You are viewing the documentation for Blueriq 17. Documentation for other versions is available in our documentation directory.
Description
The Audit Component is introduced to publish all audit events on a queue for other software to be able to consume those messages in some way. Audit events messages can be used to track important events such as who performed certain actions, saw which information, and the time it happened.
SourceType | Eventtype | Applicationid | CaseId | Context | Occurred | SourceId (mostly model element ID) | SpanId | TaskId | TaskName | TraceId | UserId | UserIp |
---|---|---|---|---|---|---|---|---|---|---|---|---|
Login* | Authentication | authenticated;sessionId;requestUrl;authorized_roles | ||||||||||
DCM_CaseList | Search | caseIds | ||||||||||
DCM_WorkList | Search | results:caseId,taskId | ||||||||||
CaseEngine | Create | messageEvent | ||||||||||
AQ_Dashboard_CommentList | Search | commentReferenceId | ||||||||||
AQ_File_Upload | Create | connectionName;fileIds;authorized;successful | ||||||||||
AQ_Timeline | Read | caseIds | ||||||||||
DCM_GetTaskInfo | Read | |||||||||||
CaseEngine | Update | |||||||||||
BAARS | Inbound Service Message | operationName;httpStatusCode | ||||||||||
DCM_ThrowAsyncMessageEvent | Update | sendToCaseIds;messageEvent;affectedCaseIds | ||||||||||
AQ_Document_Generate | Create | connectionName;fileId | ||||||||||
AQ_File_GetMetaData | Read | connectionName;authorized;fileId |
* The audit log is built to log login requests from the Runtime. When the JWT login type is used, the user never requests to login at the Runtime, but another component outside the Blueriq Platform facilitates this. Therefore, login attempts cannot be not audit-logged. Please make sure the login provider (for example Keycloak) is set to log authentication requests for audit purposes.
Requirements
The Audit Component only works with Case Modelling. Case information (caseId, taskId and taskName) is only available when the runtime is executing a task.
The Audit Component needs to be able to access a queue. Currently only RabbitMQ is supported.
Installation
In order to use this component, the audit
profile must be active.
More information on how to configure the application using Spring Profiles can be found here : External application configuration with Spring Profiles.
Add the artifact with groupId com.blueriq
and artifactId blueriq-component-audit
as a dependency to your Blueriq runtime POM file if you want to depend on it.
Configuration
Properties
To be able to publish event messages, the event exchange needs to be configured in application-audit.properties
This file can be found, or otherwise should be placed in <Blueriq installation folder>\Runtime\conf
.
Subject | Property | Explanation | Property file |
---|---|---|---|
Audit component | blueriq.audit.rabbitmq.exchangeName | Rabbitmq properties where Audit messages will be sent to |
|
blueriq.audit.rabbitmq.host | |||
blueriq.audit.rabbitmq.port | |||
blueriq.audit.rabbitmq.username | |||
blueriq.audit.rabbitmq.password | |||
blueriq.audit.rabbitmq.virtualHost | |||
blueriq.audit.rabbitmq.ssl.enabled |