Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Documentation, Provide a way to send Liberty Audit Logs to OpenTelemetry #7829

Open
1 of 2 tasks
pgunapal opened this issue Feb 25, 2025 · 0 comments
Open
1 of 2 tasks

Documentation, Provide a way to send Liberty Audit Logs to OpenTelemetry #7829

pgunapal opened this issue Feb 25, 2025 · 0 comments
Labels
25.0.0.3
Milestone
25.0.0.3

Comments

@pgunapal
Copy link
Member

pgunapal commented Feb 25, 2025
edited
Loading

Feature epic details

Operating systems

Does the documentation apply to all operating systems?

  • Yes
  • No; specify operating systems: ______

Summary

Provide a concise summary of your feature. What is the update, why does it matter, and to whom? What do 80% of target users need to know to be most easily productive using your runtime update?

Liberty Audit logs can now also be collected to OpenTelemetry using the mpTelemetry-2.0 feature, along with the audit-1.0 or audit-2.0 feature, in addition to Open Liberty runtime log sources (messages, traces, ffdcs) and application logs generated via java.util.logging (JUL).

Configuration

List any new or changed properties, parameters, elements, attributes, etc. Include default values and configuration examples where relevant:

To enable the MicroProfile Telemetry 2.0 feature to collect audit logs, add either the audit-1.0 or audit-2.0 feature and the new audit log source to the source attribute for the <mpTelemetry/> server configuration element, as stated in the following configuration to your server.xml:

<featureManager>
   <feature>audit-1.0 or audit-2.0</feature>
   <feature>mpTelemetry-2.0</feature>
</featureManager>

<mpTelemetry source="audit"/>
  • Different audit events that are captured and routed to OpenTelemetry are also configurable, by specifying the relevant audit events and outcomes in the auditFileHandler element, as follows:
<auditFileHandler maxFiles="5" maxFileSize="20" compact="true">
    <events name="AuditEvent_1" eventName="SECURITY_AUTHN" outcome="SUCCESS"/>
    <events name="AuditEvent_2" eventName="SECURITY_AUTHN" outcome="REDIRECT"/>
    <events name="AuditEvent_3" eventName="SECURITY_AUTHN" outcome="FAILURE"/>
    <events name="AuditEvent_4" eventName="SECURITY_AUTHZ"/>
</auditFileHandler>

Updates to existing topics

Documentation to be updated: https://openliberty.io/docs/latest/reference/feature/mpTelemetry-2.0.html#logs

  • Add the audit log source:
  • Mention that the audit-1.0/audit-2.0 features are required in the server configuration, along with the audit source in the source list for the audit log events to be collected by OpenTelemetry.

Documentation to be updated: https://openliberty.io/docs/latest/mptel-log-events-list.html
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
25.0.0.3
Projects
None yet
Milestone
25.0.0.3
Development

No branches or pull requests
2 participants
@pgunapal @dmuelle