Skip to main content
Quick navigation

Audit log events

Overview

As you and your team interact with Conduktor, audit events are captured that give a detailed log of actions, providing a centralized visibility of user-related and resource-related events.

The audit log events can be browsed, filtered and searched directly within Conduktor's UI or exported from a Kafka topic for any further use, such as maintaining your own audit trail in other systems.

Admin Audit

Click on an event in the audit log to expose event-specific metadata. Here's an example of an audit event for a new connector which can include metadata such as custom tags, the cluster, connector name and its ID.

Admin Audit Event

Once configured with the correct environment variables, audit log events are also exported to a Kafka topic, allowing you to leverage the benefits of Conduktor when finding a message. kafka message audit log

View and export audit logs

Export audit log events

You can export audit log events from a Kafka topic using the Console UI. The exportable events have more detail than the legacy events, providing additional information about the event that has taken place.

Learn how to configure audit events for export via configuration properties.

The events conform to the CloudEvents specification, a vendor-neutral format that follows the following structure:

{
"specversion" : "1.0",
"type" : "com.github.pull_request.opened",
"source" : "https://github.com/cloudevents/spec/pull",
"subject" : "123",
"id" : "A234-1234-1234",
"time" : "2018-04-05T17:31:00Z",
"comexampleextension1" : "value",
"comexampleothervalue" : 5,
"datacontenttype" : "text/xml",
"data" : "<much wow=\"xml\"/>"
}

Here's an example of a Conduktor event:

{
"source": "//kafka/kafkacluster/production/topic/website-orders",
"data": {
"eventType": "Kafka.Topic.Create",
// Additional event specific data...
"metadata": {
"name": "website-orders",
"cluster": "production"
}
// Additional event specific metadata...
},
"datacontenttype": "application/json",
"id": "ad85122c-0041-421e-b04b-6bc2ec901e08",
"time": "2024-10-10T07:52:07.483140Z",
"type": "AuditLogEventType(Kafka,Topic,Create)",
"specversion": "1.0"
}

Here's a list of currently available audit log event types.

Event typeDescription
Kafka.Subject.CreateKafka subject is created.
Kafka.Subject.UpdateKafka subject is updated.
Kafka.Subject.DeleteKafka subject is deleted.
Kafka.Subject.ChangeCompatibilityKafka subject compatibility is changed
Kafka.Topic.CreateKafka topic is created.
Kafka.Topic.UpdateKafka topic is updated.
Kafka.Topic.DeleteKafka topic is deleted.
Kafka.Topic.EmptyKafka topic is emptied.
Kafka.Topic.BrowseKafka topic is browsed.
Kafka.Topic.ProduceRecordKafka topic record is produced.
Kafka.Topic.SqlQueryKafka topic is requested through Console SQL.
Kafka.Connector.CreateKafka connector is created.
Kafka.Connector.UpdateKafka connector is updated.
Kafka.Connector.DeleteKafka connector is deleted.
Kafka.Connector.RestartKafka connector is restarted.
Kafka.Connector.TaskRestartKafka connector task is restarted.
Kafka.Connector.PauseKafka connector is paused.
Kafka.Connector.ResumeKafka connector is resumed.
Kafka.Connector.AutoRestartActivateKafka connector auto-restart is activated.
Kafka.Connector.AutoRestartStopKafka connector auto-restart is stopped.
Kafka.ConsumerGroup.DuplicateKafka consumer group is duplicated.
Kafka.ConsumerGroup.UpdateKafka consumer group is updated, when the offset is reset.
Kafka.ConsumerGroup.DeleteKafka consumer group is deleted.
Event typeDescription
Iam.User.CreateIAM user is created.
Iam.User.UpdateIAM user is updated.
Iam.User.DeleteIAM user is deleted.
Iam.User.LoginIAM user logs in.
Iam.User.LogoutIAM user logs out.
Iam.Group.CreateIAM group is created.
Iam.Group.UpdateIAM group is updated.
Iam.Group.DeleteIAM group is deleted.
Event typeDescription
SelfService.Application.CreateSelf-service application is created.
SelfService.Application.UpdateSelf-service application is updated.
SelfService.Application.UpsertSelf-service application is created or updated.
SelfService.Application.DeleteSelf-service application is deleted.
SelfService.ApplicationInstance.CreateSelf-service application instance is created.
SelfService.ApplicationInstance.UpdateSelf-service application instance is updated.
SelfService.ApplicationInstance.DeleteSelf-service application instance is deleted.
SelfService.ApplicationInstanceApiKey.CreateSelf-service application instance API key is created.
SelfService.ApplicationInstanceApiKey.DeleteSelf-service application instance API key is deleted.
SelfService.ApplicationGroup.CreateSelf-service application group is created.
SelfService.ApplicationGroup.UpdateSelf-service application group is updated.
SelfService.ApplicationGroup.DeleteSelf-service application group is deleted.
SelfService.ApplicationPolicy.CreateSelf-service application policy is created.
SelfService.ApplicationPolicy.UpdateSelf-service application policy is updated.
SelfService.ApplicationPolicy.DeleteSelf-service application policy is deleted.
SelfService.ApplicationInstancePermission.CreatePermissions are created for an app instance.
SelfService.ApplicationInstancePermission.DeletePermissions are deleted for an app instance.
SelfService.ServiceAccount.CreateService account is created.
SelfService.ServiceAccount.UpdateService account is updated.
SelfService.ServiceAccount.DeleteService account is deleted.
Event typeDescription
Admin.KafkaConnect.CreateA Kafka Connect instance is created.
Admin.KafkaConnect.UpdateA Kafka Connect instance is updated
Admin.KafkaConnect.DeleteA Kafka Connect instance is deleted.
Admin.KsqlDB.CreateA ksqlDB instance is created.
Admin.KsqlDB.UpdateA ksqlDB instance is updated.
Admin.KsqlDB.DeleteA ksqlDB instance is deleted.
Admin.KafkaCluster.CreateA Kafka cluster is created.
Admin.KafkaCluster.UpdateA Kafka cluster is updated.
Admin.KafkaCluster.DeleteA Kafka cluster is deleted.
Admin.SchemaRegistry.ChangeCompatibilityThe global compatibility of the schema registry is updated.
Admin.Integration.UpdateThe alert integration (Slack, MS Teams, Webhook) is updated.
Admin.AdminApiKey.CreateA new admin API key is created.
Admin.AdminApiKey.DeleteAn admin API key is deleted.
Admin.DataMaskingPolicy.CreateA data masking policy is created.
Admin.DataMaskingPolicy.UpdateA data masking policy is updated.
Admin.DataMaskingPolicy.DeleteA data masking policy is deleted.
Admin.Certificate.CreateA certificate is created.
Admin.Certificate.DeleteA certificate is deleted.
Event typeDescription
Kafka.Alert.CreateAn alert is created.
Kafka.Alert.UpdateAn alert is updated.
Kafka.Alert.DeleteAn alert is deleted.
Kafka.Alert.TriggerAn alert is triggered.
Event typeDescription
Admin.PartnerZone.CreateA Partner Zone is created.
Admin.PartnerZone.UpdateA Partner Zone is updated.
Admin.PartnerZone.DeleteA Partner Zone is deleted.
Admin.PartnerZone.TokenCreateA token is created for accessing a Partner Zone.