Audit Logs
The accountability on the Ververica Platform is ensured by the Audit Logs feature, which provides a capturing mechanism of all the user actions via the UI or via the API.
Specification
Audit Logs are defined as a set of Audit Actions. Each Audit Action has two parts, i.e. a) the metadata and b) the resource related to the action in JSON format.
Audit Logs are searchable via the UI by occurred time, user or API Token, and action taken.
Endpoints
The following endpoints are available for interacting with the persisted Audit Logs:
| URI | Method | Description |
|---|---|---|
| /api/v1/logs/ | GET | List all Audit Logs of a given window, delivered paged |
| /api/v1/logs/reports | GET | CSV/JSON report of the Audit Logs for a given window |
Audit Logs are persisted in the corresponding database for 180 days.
Disable Audit Logs
By default, on Ververica Platform version 2.12 and later, Audit Logs are enabled. The logs can demand large space requirements if there are many updates to deployments or other resources within the platform. In case the feature needs to be disabled, the following snippet can be added to the Helm values.yaml file:
vvp:
auditor:
enabled: false
Additionally, the appmanager and gateway can be disabled on an individual basis by changing either's corresponding value: to false. The example below shows disabling the logs for appmanager while leaving the gateway enabled.
appmanager:
env:
- name: "vvp.auditor.enabled"
value: "false"
gateway:
env:
- name: "vvp.auditor.enabled"
value: "true"
By default, leaving value.auditor.enabled unspecified is equivalent to enabled: true.