Start for free

Cryptographically verifiable
audit logs. Three lines of code.

Every event is SHA-256 hash-chained. Tampering breaks the chain. The audit log you can actually prove.

Get Your API KeyView demo

No credit card required

Live activity feed
Createuser.invitedJohn D. invited Sarah M.
2s ago
Updaterole.changedAdmin promoted Mike T.
15s ago
Deleteapi_key.revokedProduction key retired
1m ago
Createdocument.sharedQ4 Report shared with team
3m ago

Cryptographic integrity

Every event is SHA-256 hash-chained at write time. Field tampering, deletion, reordering, and retroactive insertion all leave an arithmetic trace.

Independent verification

Verify your chain any time from the SDK or a one-liner curl. Pin the tip externally and you can prove integrity without trusting our API.

Multi-tenant by design

Tag every event with a groupId — your customer's tenant id. One Evelmo account powers per-tenant activity views, filters, and exports.

Five-minute setup

npm install evelmo, add three lines, done. No infrastructure to provision, no schema to design.

Developer-first SDK

TypeScript-first with full type safety. Idempotent retries via the Idempotency-Key header. Predictable errors, no magic.

Searchable explorer

Filter by actor, action, target, group, or date range from the dashboard. Pagination, wildcard matching, and full metadata inspection included.

Three lines. That's it.

Start logging activity in your app with minimal code.

import { Evelmo } from 'evelmo';

const evelmo = new Evelmo(process.env.EVELMO_API_KEY);

await evelmo.log({
  action: 'user.invited',
  actor: { id: 'usr_123', name: 'John' },
  target: { id: 'usr_456', type: 'user' }
});

Built for the teams who actually need this

Three problems Evelmo solves better than a text file or a DIY table.

Embed activity logs in your product

Ship an “Activity” tab to your customers without building a backend. Tag each event with their tenant id via groupId — they see only what belongs to them. One API, one bill, no schema to design.

SOC 2, HIPAA, GDPR Article 30 evidence

Cryptographic integrity, retention controls, and on-demand verification map directly to the logging-and-monitoring requirements auditors actually check — SOC 2 CC7.2, HIPAA §164.312(b), GDPR Article 30 — covered in one integration.

Security forensics

When something goes wrong, reconstruct the exact sequence of events — actor, target, IP, user agent, metadata — with filterable, verifiable history. You'll know if the evidence was touched.

Simple, transparent pricing

Start free. Scale when you're ready.

Hacker

Perfect for side projects and MVPs

$0/month
  • 1,000 logs/month
  • 7-day retention
  • 1 API key
  • Community support
Get started
Most popular

Startup

For growing teams shipping fast

$41/month$49

Billed $490/year

  • 50,000 logs/month
  • 1-year retention
  • Unlimited API keys
  • CSV export
  • Priority email support
Get started

Pro

For teams that need cryptographic proof

$166/month$199

Billed $1,990/year

  • 200,000 logs/month
  • 7-year retention
  • CSV & JSON export
  • Signed Merkle inclusion proofs (available soon)
  • Event webhook delivery (coming soon)
  • Dedicated support
Get started

Business

For mid-market teams with procurement and compliance

From $500/month

Custom contract — priced on volume & term

  • Everything in Pro
  • SSO / SAML (Okta, Azure AD, Google)
  • Signed DPA & BAA on request
  • Retention windows negotiable beyond plan defaults
  • US residency today; EU on request with a delivery timeline
  • Dedicated Slack + SLA
Contact sales

Need on-prem, high-volume, or non-standard contract terms? Contact us.

Ready to ship audit logs?

Get started in minutes. Free forever for small teams.

Get Your API Key