You are viewing the documentation for Blueriq 15. Documentation for other versions is available in our documentation directory.

Description

The Audit Component is introduced to publish all audit events on a queue for other software to be able to consume those messages in some way. Audit events messages can be used to track important events such as who performed certain actions, saw which information, and the time it happened.

Requirements

The Audit Component needs to be able to access a queue. Currently only RabbitMQ is supported.

Installation

In order to use this component, the audit profile must be active. 

More information on how to configure the application using Spring Profiles can be found here : External application configuration with Spring Profiles.

Add the artifact with groupId com.blueriq and artifactId blueriq-component-audit as a dependency to your Blueriq runtime POM file if you want to depend on it.

Configuration

Properties

To be able to publish event messages, the event exchange needs to be configured in application-audit.properties This file can be found, or otherwise should be placed in <Blueriq installation folder>\Runtime\conf.

SubjectPropertyExplanationProperty file
Audit componentblueriq.audit.domain.entityEntity and attributes to obtain audit logging information from.

application-audit.properties


blueriq.audit.domain.processNameAttribute
blueriq.audit.domain.caseIdAttribute
blueriq.audit.domain.taskIdAttribute
blueriq.audit.domain.taskNameAttribute
blueriq.audit.logging.config

Location to the logback configuration file which declares the required audit logger, more information can be found here.

Logback

The audit component utilizes our logging framework Logback to proces the audit messages. By default Blueriq support three methods for processing audit messages: Console, File and AMQP via RabbitMQ. When configuring the audit component you will need to add and configure a logback configuration file which is dedicated to the audit component. In the logback configuration you need to setup a Logger and an Appender which is configured to use Blueriq's Layout for audit messages.

To make configuration easier we have supplied some default configuration on how to setup and logback to process Blueriq's audit messages.

Step 1: Logback configuration

Create a logback-audit-spring.xml and places it in the <Blueriq installation folder>\Runtime\conf.

Place one of the following example configuration in the logback-audit-spring.xml file.

<included>
	<appender name="blueriq-audit-appender" class="org.springframework.amqp.rabbit.logback.AmqpAppender">
		<layout class="com.blueriq.component.audit.logback.AuditLayout"/>
		<host>...</host>
		<port>...</port>
		<virtualHost>/</virtualHost>
		<username>...</username>
		<password>...</password>
        <generateId>true</generateId>
        <exchangeName>auditEvents</exchangeName>
		<contentType>application/json</contentType>
		<routingKeyPattern>#</routingKeyPattern>
	</appender>

	<logger name="com.blueriq.audit" additivity="false">
		<appender-ref ref="blueriq-audit-appender"/>
	</logger>
</included>
<included>
	<appender name="blueriq-audit-appender" class="ch.qos.logback.core.rolling.RollingFileAppender">
		<layout class="com.blueriq.component.audit.logback.AuditLayout"/>
		<file>...</file>
		<rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
			<!-- rollover daily -->
			<fileNamePattern>...-%d.%i.log</fileNamePattern>
			<!-- or whenever the file size reaches 10MB -->
			<maxFileSize>10MB</maxFileSize>
		</rollingPolicy>
	</appender>

	<logger name="com.blueriq.audit" additivity="false">
		<appender-ref ref="blueriq-audit-appender"/>
	</logger>
</included>
<included>
	<appender name="blueriq-audit-appender" class="ch.qos.logback.core.ConsoleAppender">
		<layout class="com.blueriq.component.audit.logback.AuditLayout"/>
	</appender>

	<logger name="com.blueriq.audit" additivity="false">
		<appender-ref ref="blueriq-audit-appender"/>
	</logger>
</included>

Naming

  • The logger name must be com.blueriq.audit, otherwise Blueriq will not be able to send messages to the correct logger and will display an error on startup.
  • The appender must contain the com.blueriq.component.audit.logback.AuditLayout layout, otherwise logback will not be able to proces out audit messages correctly.

Step 2: Property configuration

For Blueriq to pick up the logback-audit-spring.xml you will need to set the blueriq.audit.logging.config property in the application-audit.properties this must to point the absolute path of the logback-audit-spring.xml.

Step 3: Logback override (optional)

If you have already setup your own logback-spring.xml configuration to override Blueriq's default logback configuration, then you have to add additional configuration to it for logback to pickup the logback-audit-spring.xml.

logback-spring
<configuration>
	...
	<!-- Include configuration for audit logging -->
	<springProfile name="audit">
		<springProperty name="auditLogConfig" source="blueriq.audit.logging.config"/>
		<if condition='isDefined("auditLogConfig")'>
			<then>
				<include file="${auditLogConfig}"/>
			</then>
		</if>
	</springProfile>
</configuration>

This is will ensure that the logback will only process audit messages when the audit profile is enabled.

Viewing audit logs

Audit logs can be viewed in the DCM Maintenance App. See Viewing audit logs in DCM Maintenance Application for more information on how to configure the DCM Maintenance App for vieweing audit logs.

  • No labels