Navigation :

Audit EDRs

Purpose

Audit EDRs are generated by the OCS “resource” subsystem which produces an EDR for each API request that alters data in the OCS database.

Example

{
  "type": "audit",
  "node-name": "marc",
  "event-timestamp": "2023-03-25T19:06:57.191200800Z",
  "correlation-info": {
    "slee-session-id": "fa32f6ef-edcb-42e4-8e2f-f3232bf7ea82",
    "slee-event-id": "1",
    "ocs-inner-intent": {
      "intention": "RESOURCE_INSERT",
      "resource-path": "account"
    }
  },
  "source-info": {
    "source-service": "localhost:54695",
    "source-system": "n2ocs",
    "source-endpoint": "localhost:10800",
    "source-subsystem": "http-api"
  },
  "status-message": null,
  "status-code": 200,
  "http-info": {
    "http-method": "POST",
    "tcp-address-local": "127.0.0.1:10800",
    "tcp-address-remote": "127.0.0.1:54695",
    "http-host": "localhost:10800"
  },
  "audit-trigger-type": "insert",
  "audit-target-list": [
    {
      "audit-target-type": "account",
      "audit-target-id": "TestAccount379708ee-23e1-46c5-a60e-3beb95ddec3c"
    }
  ],
  "audit-target-initial": null,
  "audit-target-current": {
    "audit": {
      "initial_creation_timestamp": "2023-03-25T19:06:57.077458700Z",
      "last_change_host": "n2ocs/http-api: localhost:54695/localhost:10800",
      "last_change_timestamp": "2023-03-25T19:06:57.077458700Z",
      "lock": "2023-03-25T19:06:57.077458700Z"
    },
    "id": "TestAccount379708ee-23e1-46c5-a60e-3beb95ddec3c"
  }
}

Fields

Field Type Presence Description
audit-trigger-type String Always Values of insert, update or delete. Determines the type of update requested/performed.
audit-target-list Array Always Determines the exact document or subdocument that was changed.
audit-target-initial Object Conditional null if this is an insert, otherwise the document prior to the update or delete.
audit-target-current Object Conditional null if this is a delete, otherwise the document prior to the update or insert.

The audit-target-initial and audit-target-current fields reflect the document as it is stored to the database. An wallet for example will include buckets, subscriptions, the wallet lifecycle and any profile.