Dear Camunda community,
We are looking for an elegant way to store run-time audit trail (e.g. for SOX-compliant processes) for a process run-time meta-data (timestamps, approvers, metadata on files attached via forms, etc.). Ideally we would like to have similar interface for all the processes to store and retrieve data. We are planning to use an external reporting engine to generate audit report from the database.
We see several options to deal with this:
1/ Create an “audit trail logger” class to persist data and call this class from all the processes
2/ Similar to p. 1, but run a script
3/ Create a REST-service to keep audit trail and post audit trail data at the end of the process
4/ Use a standard variable with a predefined name (e.g. AUDIT_TRAIL) in all the processes and keep audit trail metadata inside this variable
We would appreciate your sharing of other options or ideas on the best way to approach this.