[New Feature] Add auditing on access and actions done by users

Open apellegr06 opened this issue 1 year ago • 3 comments

Hi @tchiotludo

First of all, I would like to mention that I love your tool. I use it every day and it's always a pleasure; it's very simple and has all the principal functionalities.

As we give access to this tool to our development teams, it could be a good idea to be able to have a history of all access and actions done by all users. So, an audit log.

What do you think about that?

Regards Alain

apellegr06 avatar May 03 '23 13:05 apellegr06

Hello @tchiotludo, what do you think if I inject an "audit sink" in each relevant controller/repository and call "save" after each operation that needs auditing:

public interface AuditSink {
    void save(Event event);
}

The AuditSink would call the SecurityService to retrieve the current user name, if any, and send the audit event downstream (I guess the most straightforward implementation is to write back to Kafka in a dedicated topic).

An audit event would be:

import java.util.Map;

public class Event {
    private String clusterId;
    private String userName;
    private String type;
    private String entityName;
    private String entityType;
    private Map<String, String> data;
}

Any thoughts? Recommendations? I think it would be easier to call the save method in the controller, but maybe it makes more sense in the repositories?

Happy to submit a PR once we can decide on a few things before.

ebrard avatar Nov 20 '23 13:11 ebrard

My only concern about that is the storage, like you mention. Storing some audit log in Kafka is easy, but it will open the door to multiple things:

  • I want to see audit log
  • I want to filter audit log
  • I want to have audit log in another system

That's why I don't start anything about that. In the meantime, this could be the first easy one (to send back to Kafka).

tchiotludo avatar Nov 20 '23 13:11 tchiotludo

So, first, here is a little (non-unit-tested) MVP. It seems quite straightforward.

In a production-critical environment, what I would do is use a dedicated Kafka cluster for audit data (a small one), then configure akhq as shown below to send audit data to this cluster. With this dedicated cluster, I would configure kafka-connect to send the audit topic data to elasticsearch.

akhq:
  audit:
    enabled: true
    cluster-id: local
    topic-name: akhq.audit

Basically, there are two ways to see this: either we use Kafka directly, which is very convenient with the KafkaModule class, and then we let the user configure another integration (elasticsearch, rockset, postgres...) to actually explore and use this data (my favorite option, also what confluent cloud does, fyi), or we directly integrate 3rd party systems into akhq so that audit data is sent directly to those systems. This would mean adding extra dependencies to the application and maintaining as many integrations as required (instead of one - vanilla kafka).

ebrard avatar Nov 20 '23 14:11 ebrard
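A sketch of the sink proposed in this thread, added here as an example; it is not AKHQ code and not the MVP mentioned above. The `AuditSink` and `Event` shapes follow the thread, while `RedactingAuditSink`, the `transport` callback (standing in for a Kafka producer send) and the `SENSITIVE` key list are assumptions, showing why the free-form `data` map should be redacted and escaped before it reaches the audit topic.

```java
import java.util.*;
import java.util.function.BiConsumer;
import java.util.stream.Collectors;

public class AuditSinkExample {
    // Same fields as the Event proposed in the thread, written as a record for brevity.
    record Event(String clusterId, String userName, String type,
                 String entityName, String entityType, Map<String, String> data) {}
    interface AuditSink { void save(Event event); }

    // Hypothetical sink: `transport` stands in for a Kafka producer's send(key, value).
    static class RedactingAuditSink implements AuditSink {
        // Assumed key fragments whose values must never be written to the audit topic.
        private static final List<String> SENSITIVE = List.of("password", "secret", "token", "jaas");
        private final BiConsumer<String, String> transport;
        RedactingAuditSink(BiConsumer<String, String> transport) { this.transport = transport; }

        @Override public void save(Event e) {
            Map<String, String> fields = new TreeMap<>(); // sorted keys give stable records
            fields.put("clusterId", e.clusterId());
            fields.put("userName", e.userName() == null ? "anonymous" : e.userName());
            fields.put("type", e.type());
            fields.put("entityName", e.entityName());
            fields.put("entityType", e.entityType());
            Map<String, String> data = e.data() == null ? Map.of() : e.data();
            data.forEach((k, v) -> fields.put("data." + k, sensitive(k) ? "[REDACTED]" : v));
            String json = fields.entrySet().stream()
                .map(f -> quote(f.getKey()) + ":" + quote(f.getValue()))
                .collect(Collectors.joining(",", "{", "}"));
            transport.accept(e.clusterId(), json); // failures propagate so the caller decides
        }
        private static boolean sensitive(String key) {
            return SENSITIVE.stream().anyMatch(key.toLowerCase()::contains);
        }
        // Minimal JSON string escaping so user-controlled names cannot break the record.
        private static String quote(String s) {
            if (s == null) return "null";
            StringBuilder out = new StringBuilder("\"");
            for (char c : s.toCharArray()) {
                if (c == '"' || c == '\\') out.append('\\').append(c);
                else if (c < 0x20) out.append(String.format("\\u%04x", (int) c));
                else out.append(c);
            }
            return out.append('"').toString();
        }
    }

    public static void main(String[] args) {
        AuditSink sink = new RedactingAuditSink((k, v) -> System.out.println(k + " -> " + v));
        sink.save(new Event("local", "alice", "UPDATE", "my-connector", "CONNECT", // constructed sample
                Map.of("tasks.max", "2", "connection.password", "hunter2")));
    }
}
```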