Skip to main content Skip to complementary content

Enabling and configuring audit capabilities in Talend Data Stewardship

You can enable and configure the audit capabilities in Talend Data Stewardship to ensure that the audit events are tracked and recorded properly.

All user actions on any item in Talend Data Stewardship are audited by default. Audit events show who took the action, what was the exact operation and when did it happen. You can also decide to disable the audit capabilities and stop generating audit events in certain circumstances.

Audit events include the following:

Category

Audit events

Security (authentication)

  • A user logs in successfully to the application from Talend Data Stewardship components.

  • A user logs out successfully from Talend Data Stewardship components.

  • A user fails to log from Talend Data Stewardship components. For example, a wrong username or password is used.

Activity (data model)

  • A data model is created.

  • A data model is updated.

  • A data model is deleted.

Activity (campaign)

  • A campaign is created.

  • A campaign is updated.

  • A campaign is deleted.

Activity (task)

  • A task is created.

  • A task is updated.

    This event includes all operations done on tasks, for example when a task is assigned or marked as ready or resolved, etc.

  • A task is deleted.

Before you begin

You have installed Talend log server when installing Talend Data Stewardship.

Procedure

  1. Browse to the file <path_to_installation_folder>/tds/apache-tomcat/conf/data-stewardship.properties and open it.
  2. Make sure audit.log.enabled is set to true.
    From now on all operation performed by Talend Data Stewardship users are registered on the log server.
  3. Browse to the file <path_to_installation_folder>/tds/apache-tomcat/conf/audit.properties and open it.
  4. Configure the audit logging properties according to your needs.
    You can choose to use all of the log appenders (file and http) or only one of them.

    Property

    Description

    log.appender=http

    The log entries will be sent through HTTP requests.

    You need to specify the URL and the access credentials (if any). For example:

    appender.http.url=http://localhost:8057/
    #appender.http.username=talendlogs
    #appender.http.password=tpsvclogs

    You can check the audit events later by accessing the log service platform http://[log server address]:5601 and selecting talendaudit* from the Dashboard list in the upper left corner.

    log.appender=file

    The log entries will be placed into a JSON file. In most cases there should be a Filebeat instance picking up new messages and sending them to Logstash.

    You need to specify the exact path to the file, the maximum size of the file (once exceeded, a new backup file will be created), and the maximum number of backup files allowed in one day. For example:

    appender.file.path=${mdm.root}/logs/audit.log
    appender.file.maxsize=52428800
    appender.file.maxbackup=20
  5. Save your changes.
  6. To stop generating audit events, set audit.log.enabled to false and save your changes.
    Under certain circumstances, for example during migration, you may want to avoid generating audit events.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!