This document intends to describe the audit log command message data model.
It represents an activity that occurred in the system.
We are calling this message “Event”, see note in https://safibank.atlassian.net/wiki/spaces/ITArch/pages/51740699/Audit+log+manager#Audit-log-architecture.
Message Model
Generally speaking, the activity describes a specific occurrence in the past, and it consists of six parts.
activity = WHO + DID WHAT + TO WHOM/WHICH + WHEN + WHERE + RESULT/SIDE RESULT/OUTCOME
The WHERE part is not necessary for our scenario because is' uniquely determined by WHO (customers can only do activities in the mobile app, bank employees in the backoffice web app, etc.)
Important: For changes (like an update of customer email) we do not store the original values in the audit log, so the log entry will only say “Customer email changes to X by user Y because of ticket Z at time T” but not what the value was before.
Storing the original values was not in the requirements.
Attribute | Description |
---|---|
source | WHO triggered the event (actor). |
| A unique identifier of the source actor. The possible options are: |
| See SOURCE options in Log Event Data Model | Enums
|
| A map of extra attributes related to the source. See Attribute Keys in Log Event Data Model | Enums |
action | WHAT the source actor did. See ACTION options in Log Event Data Model | Enums |
target | WHICH entity is the event impacting |
| A unique identifier of the target “entity”, for |
| See TARGET options in Log Event Data Model | Enums |
| A map of extra attributes related to the target. See Attribute Keys in Log Event Data Model | Enums |
eventTime | WHEN the event occurred , a timestamp |
detail | A map of results or side effects of the action, such things as attributes changed, status changed, etc. This is an action-specific object which contains different sub properties in accordance with action and target category. Details will be discussed below. |
Enums
Enum | Values |
---|---|
source type | See |
target type | See |
meta attribute key | |
action |
Persistency
Postgres supports JSON/JSONB data type, and standard JSONPATH queries and indices on JSON attributes. Without these features, we would turn to ElasticSearch, but luckily, Postgres does.
Final Avro schemas
The latest avro schema file is in common/schema/schemas/backoffice