Audit Logging

Audit logging provides a chronological record showing proof of operations or alterations on Algoreus entities. This record can be used to track the set of actions that defined the state of an entity at a certain point in time. These actions involve the creation, alteration, and deletion of an entity, as well as the changes made to the entity's metadata. For data entities (datasets), it includes access information that's used to generate the entity's lineage.

Supported Audit Events

Algoreus supports the following audit events:

Audit Event Type
Supported Entities

CREATE

Datasets

UPDATE

Datasets

DELETE

Datasets

TRUNCATE

Datasets

ACCESS

Datasets

METADATA_CHANGE

Applications, Artifacts, Datasets, Programs

Configuring Audit Publishing

The properties set in the algoreus-site.xml control audit publishing:

  • audit.enabled: This determines whether the publishing of audit logs is enabled. By default, this is set to true.

  • audit.topic: This sets the topic to publish to. By default, this is set to audit.

Consuming Audit Events

When audit publishing is enabled, for each audit event, a message is sent to Algoreus Algo Connect on the configured topic.

The contents of the message are a JSON representation of the AuditMessage class.

Here are some example JSON messages, formatted for readability:

Dataset Creation

{
        "version": 1,
        "time": 1000,
        "entityId": {
                "namespace": "ns1",
                "dataset": "ds1",
                "entity": "DATASET"
        },
        "user": "user1",
        "type": "CREATE",
        "payload": {}
}

Application Metadata Change

{
        "version": 1,
        "time": 3000,
        "entityId": {
              "namespace": "ns1",
              "application": "app1",
                "entity": "APPLICATION"
        },
        "user": "user1",
        "type": "METADATA_CHANGE",
        "payload": {
                "previous": {
                      "USER": {
                              "properties": {
                                      "uk": "uv",
                                      "uk1": "uv2"
                                },
                                "tags": ["ut1", "ut2"]
                        },
                        "SYSTEM": {
                                "properties": {
                                        "sk": "sv"
                                },
                                "tags": []
                        }
                },
                "additions": {
                        "SYSTEM": {
                                "properties": {
                                        "sk": "sv"
                                },
                                "tags": ["t1", "t2"]
                        }
                },
                "deletions": {
                        "USER": {
                                "properties": {
                                        "uk": "uv"
                                },
                                "tags": ["ut1"]
                        }
                }
        }
}
PreviousDiscovery and LineageNextMetadata Management

Last updated