Skip to main content

Time for a Change - Announcing Statetrace

· 5 min read
Kyle Hanson

The world of application data today is broken. We treat our most valuable asset as a second-class citizen, only keeping the most recent version data available and throwing away critical information of how the data got there. It's is a hard problem to fix. Statetrace is here to make it easier.

Data auditing is the future of application development. It enables teams to solve tougher problems faster. With Statetrace, teams can develop an auditing solution in hours instead of months and start delivering reliable answers to their customers. Statetrace annotates row level changes from your databases, piping them into webhooks, into data warehouses, or indexing them for fast searches.

Whats wrong today

The world of auditing today has been stuck for decades. There exist libraries and tools at the application layer to associate changes with who changed them, however these tools are deeply flawed. Because they work at the application layer, they miss things that don't go through the application; like migrations or someone connected directly to the DB. More importantly they are strictly framework dependent and do not offer a general solution.

CDC pipelines capture the changes accurately but do not associate those changes with application meta information.

How it works

Statetrace connects to the logical replication of Postgres or the BinLog of MySQL. By reading events directly from the replication log, Statetrace gets a 100% accurate history of your data. More importantly because it is intefacing with the database instead of the application, Statetrace can work with any framework or language with minimal configuration.

The application annotates transactions by writing to an annotations table in the same transaction that you change other data, associating session and user information with individual row changes.

Solving the "Who dunnit?"

Nobody wants to answer the dreaded customer complaint "Who changed my data?" Even if the customer was the last one to change the data, without a proper auditing solution one might not be able to give a reliable answer. Having uncertainty around the history of data puts a company's reputation at risk.

Statetrace puts the answers to these questions at your fingertips. With an annotated audit log, each row change is associated with meta-information about who in the application changed the data. Pipe these changes into the destination of your choice for easy searching.

Github for Code. Statetrace for Data.

Version control for code is integral to the development process. Companies spend billions of dollars every year on developer salaries and want to keep that investment of developer output. Data about what the code was and who changed it is so valuable that a multi-billion dollar industry has grown to support those needs.

However, companies are throwing away money when it comes to their actual bread and butter: the application data. The stream of changes from application data are a gold mine for solving problems and answering questions. But the vast majority of companies today throw away these changes, because they have little value as they don't connect the change to who made the change. This is bad, because you don't know what type of questions you might want to know in the future and once you throw it away, its gone for ever.

Statetrace is solving this problem. Statetrace makes the stream of changes useful by associating the change with who changed it and simplifying piping these changes into other data sources.

Time traveling SQL

Once all changes from a DB are collected, they can be used to recreate transaction-level point-in-time snapshots of your entire database, a particular table, or just a single row. This allows you to easily go back to see what a the result of a query was. It also helps you answer more interesting questions in data analytics as you can compare two points in time in a single query all in your existing data warehouse.

Compliance focused

Your data belongs with you. Statetrace is designed to be run on-prem, leaving you in complete control of your data. Whether you are running a HIPAA deployment or need to stay SOC 2 compliant, Statetrace works with your compliance team to succeed.

Statetrace Core

Users can try Statetrace Core today for free. Its a limited edition of statetrace without a UI, but with all of the power. Try it out locally to quickly connect your database and start scanning within minutes.

Statetrace Enterprise

Our flagship product is Statetrace for Enterprise. Its the full featured Statetrace experience with a robust UI, enterprise level user permissions, pre-constructed SQL models for time-travel and support from our customer success team.

The future

We are developing the highest quality auditing experience. If what we are doing sounds interesting, reach out at [email protected] and we would love to tell you about what we are working on.