Auditing

Certain log records written by Hazy processes may be useful for auditing purposes. If an external auditing platform is in use to read and analyse log data Hazy recommends the following.

  1. Switch to JSON logging for all services.

  2. If Keycloak is in use, consult the auditing section in the Keycloak server admin documentation to switch on event logging and add events to the log stream.

  3. Specific Hazy events are tagged to make filtering and auditing easier. In particular, events with the hazy_tags::audit field set to True can be considered useful for auditing purposes:

    {
      "timestamp": "2023-06-30T09:22:26+0100",
      "level": "INFO",
      "message": "Successfully connected to s3 data source 's3 sink'",
      "hazy_tags": {
        "audit": true,
        "source_data": true
      }
    }
    
    

Auditing