Audit EDRs
Purpose
Audit EDRs are generated by the OCS “resource” subsystem which produces an EDR for each API request that alters data in the OCS database.
Example
{
"type": "audit",
"node-name": "marc",
"event-timestamp": "2023-03-25T19:06:57.191200800Z",
"correlation-info": {
"slee-session-id": "fa32f6ef-edcb-42e4-8e2f-f3232bf7ea82",
"slee-event-id": "1",
"ocs-inner-intent": {
"intention": "RESOURCE_INSERT",
"resource-path": "account"
}
},
"source-info": {
"source-service": "localhost:54695",
"source-system": "n2ocs",
"source-endpoint": "localhost:10800",
"source-subsystem": "http-api"
},
"status-message": null,
"status-code": 200,
"http-info": {
"http-method": "POST",
"tcp-address-local": "127.0.0.1:10800",
"tcp-address-remote": "127.0.0.1:54695",
"http-host": "localhost:10800"
},
"audit-trigger-type": "insert",
"audit-target-list": [
{
"audit-target-type": "account",
"audit-target-id": "TestAccount379708ee-23e1-46c5-a60e-3beb95ddec3c"
}
],
"audit-target-initial": null,
"audit-target-current": {
"audit": {
"initial_creation_timestamp": "2023-03-25T19:06:57.077458700Z",
"last_change_host": "n2ocs/http-api: localhost:54695/localhost:10800",
"last_change_timestamp": "2023-03-25T19:06:57.077458700Z",
"lock": "2023-03-25T19:06:57.077458700Z"
},
"id": "TestAccount379708ee-23e1-46c5-a60e-3beb95ddec3c"
}
}
Fields
Field | Type | Presence | Description |
---|---|---|---|
audit-trigger-type |
String | Always | Values of insert , update or delete . Determines the type of update requested/performed. |
audit-target-list |
Array | Always | Determines the exact document or subdocument that was changed. |
audit-target-initial |
Object | Conditional | null if this is an insert , otherwise the document prior to the update or delete. |
audit-target-current |
Object | Conditional | null if this is a delete , otherwise the document prior to the update or insert. |
The audit-target-initial
and audit-target-current
fields reflect the
document as it is stored to the database. An wallet for example will
include buckets, subscriptions, the wallet lifecycle and any profile.