Audit
The Audit Log provides a tamper-proof and immutable audit trail of all events that occur in the Rhize system. Users with appropriate permissions can access the audit log either through the UI menu or the GraphQL API.
Prerequisites
To use the audit log, ensure you have the following:
If accessing to your Rhize UI environment, a user account with appropriate permissions
If accessing through GraphQL, you also need:
- The ability to Use the Rhize GraphQL API
- A token configured so that
audienceincludesaudit, and the scopes containaudit:query.
This scope should be created by BaaS, not manually. For details, refer to Set up Keycloak.
Audit through the UI
To inspect the audit log through the Rhize UI, follow these steps:
- From the UI menu, select Audit.
- Select the users that you want to include in the audit.
- Use the time filters to select the pre-defined or custom range that you want to return.
On success, a log of events appears for the users and time ranges specified. For a description of the fields returned, refer to the Audit fields section.
Audit fields
In the audit UI, each record in the audit has the following fields:
| Field | Description |
|---|---|
| Timestamp | The time when the event occurred |
| User | The user who performed the operation |
| Operation | The GraphQL operation involved |
| Entity Internal ID | The ID of the resource that was changed |
| Attribute | What changed in the resource. This corresponds to the object properties as defined by the API and its underlying schema |
| Value | The new value of the updated attribute |
Audit through GraphQL
The audit log is also exposed through the GraphQL API.
To access it, use the queryAuditLog operation, and add filters for the time range and users.
Here’s an example query:
query {
queryAuditLog(filter: {start: "2023-01-01T00:00:00Z", end:"2023-12-31T00:00:00Z", tagFilter:[{id:"user", in: ["admin@libremfg.com"]},{id:"operation", in: ["set"]}]}, order: {}) {
operationType
meta {
time
user
}
event {
operation
uid
attribute
value
}
}
}