Proposal: Official Audit Log Plugin for Payload CMS

[Mhmod-Hsn]

Introduction Hi Payload Team and Community! 👋

I've been working on a plugin to solve a recurring need I see in many production environments: comprehensive audit trails. While Payload provides great versioning, many enterprise use cases require a centralized, high-level log of who did what and when across the entire system, including read operations and hard deletes.

I’d like to share what I’ve built and see if there is interest in adapting this as an official Payload utility or simply getting feedback from the maintainers on the implementation.

The Plugin: payload-audit-logs The goal of this plugin is to provide a "plug-and-play" audit system that is both granular and easy to configure.

Core Features:
Granular Tracking: Choose exactly which collections and which operations (create, read, update, delete) to log.
Diffing Support: Automatically captures both originalData and newData, making it easy to see exactly what changed during an update.
User Attribution: Automatically links every log entry to the user who performed the action through a relationship field.
Centralized Collection: Adds a dedicated Audit Logs collection to the Admin UI, allowing admins to search and filter logs across the entire CMS.
Performance First: Using collection-level hooks (afterChange, afterDelete, afterRead), it only runs on the collections you explicitly opt-in for.

Example Usage:

import { auditLogPlugin } from 'payload-audit-logs'

export default buildConfig({
  plugins: [
    auditLogPlugin({
      collections: {
        'posts': { operations: ['create', 'update', 'delete'] },
        'settings': { operations: ['read', 'update'] }, // Log reads for sensitive data
      },
      userCollection: 'users', // Custom user collections supported
    }),
  ],
})

Why this belongs in the Payload Ecosystem:

Compliance: Many industries (Finance, Healthcare, Public Sector) require strict audit logs for compliance (GDPR, HIPAA, etc.).
Accountability: In multi-user environments, knowing who modified shared configuration or deleted a document is critical.
Low Friction: It follows standard Payload plugin patterns and integrates seamlessly into the existing Admin UI.
Links:

GitHub: https://github.com/Mhmod-Hsn/payload-audit-logs
NPM: https://www.npmjs.com/package/payload-audit-logs

Is an official audit logging solution on the roadmap for Payload 3.0?
Would there be interest in moving this into the official @payloadcms scope or listing it as a recommended community plugin?
Are there any architectural improvements you'd suggest to make it even more "Payload-native"?
I'd love to hear your thoughts!