Audit Events
Intelligent Data Store generates audit events for certain usages of the APIs. IMPACT IoT billing module must also be installed to use this feature.
This is an optional feature that can be enabled during installation. To enable this
feature, set the auditing:enabled value to true
(Default is false), and configure global.broker properties in the
values.yaml of the Intelligent Data Store helm chart.
Following are the API calls, which are audited:
| URI | Method | Description |
|---|---|---|
| /ids-rules-api/v1/rules/ | POST | Creates a rule by persisting the details to the database and creating streams in Ksql. |
| /ids-rules-api/v1/rules/{id} | DELETE | Deletes a rule specified by its ID. |
| /ids-rules-api/v1/rules/enable/{id} | PUT | Enables the rule specified by its ID. Gives an error when the already enabled rule is enabled again. |
| /ids-rules-api/v1/rules/disable/{id} PUT | PUT | Disables the rule specified by its ID. Gives an error when the already disabled rule is disabled again. |
| /ids-rules-api/v1/rules/{id} | PATCH | Modifies the rule query and sets it as the default version. |
| /ids-rules-api/v1/rules/activate/{id}/{version} | PATCH | Activates a specific version of a rule by its ID and version. |
| /ids-rules-api/v1/rules/import/ | POST | Imports the rules, persisting the details and creating streams in ksql. The input has to be an array of rules. |
Example audit events:
Use case: Create
rule
{"serverTime":1699518649022,"groupName":"ddpi.ed.tenant1","component":"IMPACT-IDS","user":"rulemanage","action":"Create-Rule","status":"200","host":"localhost","details":{"ruleName":"testRule","ruleId":"48d51b00-7eda-11ee-9201-97f015ec59df"}}
{"serverTime":1699518675910,"groupName":"ddpi.ed.tenant1","component":"IMPACT-IDS","user":"rulemanage","action":"Create-Rule","status":"500","host":"localhost","details":{"ruleName":"testRule","ruleId":""}}Use case: Delete
rule
{"serverTime":1699518665067,"groupName":"ddpi.ed.tenant1","component":"IMPACT-IDS","user":"rulemanage","action":"Delete-Rule","status":"200","host":"localhost","details":{"ruleName":"testRule","ruleId":"5180cd30-7eda-11ee-9201-97f015ec59df"}}Use case: Enable
rule
{"serverTime":1699518709932,"groupName":"ddpi.ed.tenant1","component":"IMPACT-IDS","user":"rulemanage","action":"Enable-Rule","status":"200","host":"localhost","details":{"ruleName":"testRule","ruleId":"6cde1c90-7eda-11ee-9201-97f015ec59df"}}
{"serverTime":1699518709956,"groupName":"ddpi.ed.tenant1","component":"IMPACT-IDS","user":"rulemanage","action":"Enable-Rule","status":"409","host":"localhost","details":{"ruleName":"","ruleId":"6cde1c90-7eda-11ee-9201-97f015ec59df"}}Use case: Disable
rule
{"serverTime":1699518709523,"groupName":"ddpi.ed.tenant1","component":"IMPACT-IDS","user":"rulemanage","action":"Disable-Rule","status":"200","host":"localhost","details":{"ruleName":"testRule","ruleId":"6cde1c90-7eda-11ee-9201-97f015ec59df"}}
{"serverTime":1699518709565,"groupName":"ddpi.ed.tenant1","component":"IMPACT-IDS","user":"rulemanage","action":"Disable-Rule","status":"409","host":"localhost","details":{"ruleName":"","ruleId":"6cde1c90-7eda-11ee-9201-97f015ec59df"}}Use case: Edit
rule
{"serverTime":1699518678298,"groupName":"ddpi.ed.tenant1","component":"IMPACT-IDS","user":"rulemanage","action":"Edit-Rule","status":"200","host":"localhost","details":{"ruleName":"testRule","ruleId":"59790de0-7eda-11ee-9201-97f015ec59df"}}Use case: Activate rule
version
{"serverTime":1699518680398,"groupName":"ddpi.ed.tenant1","component":"IMPACT-IDS","user":"rulemanage","action":"Change-Rule-Version","status":"200","host":"localhost","details":{"ruleVersion":"v1","ruleName":"testRule","ruleId":"59790de0-7eda-11ee-9201-97f015ec59df"}}
{"serverTime":1699518680443,"groupName":"ddpi.ed.tenant1","component":"IMPACT-IDS","user":"rulemanage","action":"Change-Rule-Version","status":"404","host":"localhost","details":{"ruleVersion":"v3","ruleName":"","ruleId":"59790de0-7eda-11ee-9201-97f015ec59df"}}Use case: Import
rules
{"serverTime":1699518674341,"groupName":"ddpi.ed.tenant1","component":"IMPACT-IDS","user":"rulemanage","action":"Import-Rule","status":"200","host":"localhost","details":{}}