You are viewing the documentation for Blueriq 16. Documentation for other versions is available in our documentation directory.

Description

The Audit Component is introduced to publish all audit events on a queue for other software to be able to consume those messages in some way. Audit events messages can be used to track important events such as who performed certain actions, saw which information, and the time it happened.

SourceTypeEventtypeApplicationidCaseIdContextOccurredSourceId (mostly model element ID)SpanIdTaskIdTaskNameTraceIdUserIdUserIp
Login*Authentication

authenticated;sessionId;requestUrl;authorized_roles(tick) 
(tick) 

(tick) (tick) (tick) 
DCM_CaseListSearch(tick) 
caseIds(tick) (tick) (tick) 

(tick) (tick) (tick) 
DCM_WorkListSearch(tick) 
results:caseId,taskId(tick) (tick) (tick) 

(tick) (tick) (tick) 
CaseEngineCreate
(tick) messageEvent(tick) (tick) (tick) 

(tick) (tick) (tick) 
AQ_Dashboard_CommentListSearch(tick) 
commentReferenceId(tick) 






AQ_File_UploadCreate(tick) (tick) connectionName;fileIds;authorized;successful(tick) (tick) (tick) (tick) (tick) (tick) (tick) (tick) 
AQ_TimelineRead(tick) 
caseIds(tick) (tick) (tick) 

(tick) (tick) (tick) 
DCM_GetTaskInfoRead(tick) 

(tick) (tick) (tick) (tick) (tick) (tick) (tick) (tick) 
CaseEngineUpdate(tick) (tick) 
(tick) (tick) (tick) (tick) (tick) (tick) (tick) (tick) 
BAARSInbound Service Message(tick) 
operationName;httpStatusCode(tick) (tick) (tick) 

(tick) (tick) 
DCM_ThrowAsyncMessageEventUpdate(tick) 
sendToCaseIds;messageEvent;affectedCaseIds(tick) (tick) (tick) 

(tick) (tick) 
AQ_Document_GenerateCreate(tick) (tick) connectionName;fileId(tick) (tick) (tick) (tick) (tick) (tick) (tick) (tick) 
AQ_File_GetMetaDataRead(tick) (tick) connectionName;authorized;fileId(tick) (tick) (tick) (tick) (tick) (tick) (tick) (tick) 

* The audit log is built to log login requests from the Runtime. When the JWT login type is used, the user never requests to login at the Runtime, but another component outside the Blueriq Platform facilitates this. Therefore, login attempts cannot be not audit-logged. Please make sure the login provider (for example Keycloak) is set to log authentication requests for audit purposes.

Requirements

The Audit Component only works with Case Modelling. Case information (caseId, taskId and taskName) is only available when the runtime is executing a task.

The Audit Component needs to be able to access a queue. Currently only RabbitMQ is supported.

Installation

In order to use this component, the audit profile must be active. 

More information on how to configure the application using Spring Profiles can be found here : External application configuration with Spring Profiles.

Add the artifact with groupId com.blueriq and artifactId blueriq-component-audit as a dependency to your Blueriq runtime POM file if you want to depend on it.

Configuration

Properties

To be able to publish event messages, the event exchange needs to be configured in application-audit.properties This file can be found, or otherwise should be placed in <Blueriq installation folder>\Runtime\conf.

SubjectPropertyExplanationProperty file
Audit componentblueriq.audit.rabbitmq.exchangeName

Rabbitmq properties where Audit messages will be sent to







application-audit.properties








blueriq.audit.rabbitmq.host
blueriq.audit.rabbitmq.port
blueriq.audit.rabbitmq.username
blueriq.audit.rabbitmq.password
blueriq.audit.rabbitmq.virtualHost
blueriq.audit.rabbitmq.ssl.enabled