DEV.co
Open-Source Observability · spatie

laravel-activitylog

Laravel Activity Log is a PHP package that automatically tracks and records user actions and model changes within Laravel applications. It stores all activity in a database table and provides a simple API to log, query, and analyze user behavior.

Source: GitHub — github.com/spatie/laravel-activitylog
5.9k
GitHub stars
745
Forks
PHP
Primary language
MIT
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositoryspatie/laravel-activitylog
Ownerspatie
Primary languagePHP
LicenseMIT — OSI-approved
Stars5.9k
Forks745
Open issues3
Latest release5.0.0 (2026-03-25)
Last updated2026-06-29
Sourcehttps://github.com/spatie/laravel-activitylog

What laravel-activitylog is

A Laravel-native package that logs user activities and Eloquent model events (create, update, delete) with automatic change tracking. It persists activity records to an `activity_log` table and exposes an Activity model for querying, filtering, and accessing causer/subject relationships with full attribute change history.

Quickstart

Get the laravel-activitylog source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/spatie/laravel-activitylog.gitcd laravel-activitylog# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Audit Trail for Compliance

Track and retain user actions for regulatory compliance (HIPAA, SOC 2, GDPR) by logging who changed what, when, and with what values. Essential for financial, healthcare, and enterprise applications requiring immutable activity records.

User Behavior Analytics & Troubleshooting

Debug production issues and investigate user-reported problems by reviewing the sequence of model changes and user actions. Quickly identify which user action triggered a data corruption or unexpected state.

Admin Dashboards & Activity Feeds

Power admin panels, user activity feeds, and real-time notifications by querying the activity log. Surface who accessed or modified sensitive data, enabling transparency and accountability in multi-user systems.

Implementation considerations

  • Verify and customize the published migration for your ID type (integers, UUIDs, snowflakes) before running; default assumes integer IDs.
  • Configure which models and events to log via the published config to avoid over-logging and database bloat; consider log rotation/archiving strategy for large tables.
  • Manually call `activity()->log()` for non-model events; automatic logging only covers Eloquent lifecycle events if the LogsActivity trait is used.
  • Plan for database performance: index frequently queried columns (user_id, subject_type, created_at) and implement data retention policies.
  • Review and test with your authentication system; `causedBy($user)` requires your User model to be properly resolved in the service container.

When to avoid it — and what to weigh

  • High-Throughput Event Logging (>10k events/min) — Package is optimized for typical business apps. Heavy-volume telemetry or real-time analytics workloads may require dedicated event streaming (Kafka, CloudEvents) rather than relational DB logging.
  • Non-Laravel Applications — Tightly coupled to Laravel's Eloquent ORM and service container. Not portable to Symfony, standalone PHP, or non-PHP frameworks without significant refactoring.
  • Strict Schema-Agnostic Requirements — Assumes standard integer or UUID primary keys and expects the `activity_log` table to be managed by migrations. Highly non-standard ID schemes or immutable schemas may require custom migration logic.
  • Decoupled Microservices Without Shared DB — If services do not share a database, each service would need its own instance. Cross-service audit trails require additional event bus or log aggregation infrastructure.

License & commercial use

MIT License—permissive OSI-approved license. Allows commercial use, modification, and distribution with attribution and no warranty.

MIT is a permissive open-source license compatible with commercial use. No license fees, royalties, or restrictions on proprietary applications. Verify with your legal team for compliance with your IP policy; source must be attributed.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationStrong
License clarityClear
Deployment complexityLow
DEV.co fitStrong
Assessment confidenceHigh
Security considerations

Activity log records are stored in plaintext in the database; ensure database encryption and access controls are in place. No built-in encryption of sensitive properties—consider filtering or masking PII/secrets before logging. Causer and subject IDs are exposed; validate user authorization before exposing activity logs in UI. Review data retention policy to minimize exposure window for logged data.

Alternatives to consider

Laraudit (Laravel)

Similar feature set (audit trails, model tracking) but lighter-weight; less popular and fewer community examples.

Laravel Telescope (Laravel)

Built-in Laravel debugging/monitoring tool; focuses on real-time request/query inspection rather than persistent audit history.

Axiom or Datadog APM (SaaS/External)

For high-volume or multi-service deployments; decouples logging from application database and adds analytics/alerting.

Software development agency

Build on laravel-activitylog with DEV.co software developers

Laravel Activity Log is production-ready, actively maintained, and MIT-licensed. Install via Composer and start tracking user activities in minutes. Review the official docs and assess integration with your data retention and security policies.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

laravel-activitylog FAQ

Can I log actions without attaching them to a model?
Yes. Use `activity()->log('description')` for generic events. Use `->performedOn($model)` to link to a model or leave blank for user-only logging.
Does it automatically capture all Eloquent changes?
No. You must add the `LogsActivity` trait to each model you want to track. This prevents accidental logging bloat on unintended models.
How do I exclude certain fields from change tracking?
Use the published config or model property `$guarded_attributes` to specify fields (e.g., `updated_at`, passwords) that should not be logged.
Is there a built-in UI for viewing activity logs?
No. You query the Activity model directly or build custom views/dashboards using the activity data. Third-party packages or custom admin panels are required for UI.

Software developers & web developers for hire

DEV.co is a software development agency delivering custom software development services to companies building on open source. Our software developers and web developers design, integrate, and ship production systems — spanning web development, APIs, AI, data, and cloud. If laravel-activitylog is part of your open-source observability roadmap, our team can implement, customize, migrate, and maintain it.

Ready to add audit logging to your Laravel app?

Laravel Activity Log is production-ready, actively maintained, and MIT-licensed. Install via Composer and start tracking user activities in minutes. Review the official docs and assess integration with your data retention and security policies.