Audit logs

As you and your team interact with Conduktor, audit events are captured that give a detailed log of actions, providing a centralized visibility of user-related and resource-related events.

Console overview

The Console audit log events can be browsed, filtered and searched directly via the UI or exported from a Kafka topic for further use (such as maintaining your own audit trail in other systems).

Click on an event in the audit log to expose event-specific metadata. Here’s an example of an audit event for a new connector which can include metadata such as custom tags, the cluster, connector name and its ID.

Once configured with the correct environment variables, audit log events are also exported to a Kafka topic, allowing you to leverage the benefits of Conduktor when finding a message.

View and export audit logs

Export audit log events

You can export audit log events from a Kafka topic using the Console UI. The exportable events have more detail than the legacy events, providing additional information about the event that has taken place.Learn how to configure audit events for export via configuration properties.The events conform to the CloudEvents specification, a vendor-neutral format that follows the following structure:

{
    "specversion" : "1.0",
    "type" : "com.github.pull_request.opened",
    "source" : "https://github.com/cloudevents/spec/pull",
    "subject" : "123",
    "id" : "A234-1234-1234",
    "time" : "2018-04-05T17:31:00Z",
    "comexampleextension1" : "value",
    "comexampleothervalue" : 5,
    "datacontenttype" : "text/xml",
    "data" : "<much wow=\"xml\"/>"
}

Here’s an example of a Conduktor event:

{
  "source": "//kafka/kafkacluster/production/topic/website-orders",
  "data": {
    "eventType": "Kafka.Topic.Create",
    // Additional event specific data...
    "metadata": {
      "name": "website-orders",
      "cluster": "production"
    }
    // Additional event specific metadata...
  },
  "datacontenttype": "application/json",
  "id": "ad85122c-0041-421e-b04b-6bc2ec901e08",
  "time": "2024-10-10T07:52:07.483140Z",
  "type": "AuditLogEventType(Kafka,Topic,Create)",
  "specversion": "1.0"
}

Here’s a list of currently available audit log event types.

Kafka related events

Event type	Description
Kafka.Subject.Create	Kafka subject is created.
Kafka.Subject.Update	Kafka subject is updated.
Kafka.Subject.Delete	Kafka subject is deleted.
Kafka.Subject.ChangeCompatibility	Kafka subject compatibility is changed
Kafka.Topic.Create	Kafka topic is created.
Kafka.Topic.Update	Kafka topic is updated.
Kafka.Topic.Delete	Kafka topic is deleted.
Kafka.Topic.Empty	Kafka topic is emptied.
Kafka.Topic.Browse	Kafka topic is browsed.
Kafka.Topic.ProduceRecord	Kafka topic record is produced.
Kafka.Topic.SqlQuery	Kafka topic is requested through Console SQL.
Kafka.Connector.Create	Kafka connector is created.
Kafka.Connector.Update	Kafka connector is updated.
Kafka.Connector.Delete	Kafka connector is deleted.
Kafka.Connector.Restart	Kafka connector is restarted.
Kafka.Connector.TaskRestart	Kafka connector task is restarted.
Kafka.Connector.Pause	Kafka connector is paused.
Kafka.Connector.Resume	Kafka connector is resumed.
Kafka.Connector.AutoRestartActivate	Kafka connector auto-restart is activated.
Kafka.Connector.AutoRestartStop	Kafka connector auto-restart is stopped.
Kafka.ConsumerGroup.Duplicate	Kafka consumer group is duplicated.
Kafka.ConsumerGroup.Update	Kafka consumer group is updated, when the offset is reset.
Kafka.ConsumerGroup.Delete	Kafka consumer group is deleted.

IAM related events

Event type	Description
Iam.User.Create	IAM user is created.
Iam.User.Update	IAM user is updated.
Iam.User.Delete	IAM user is deleted.
Iam.User.Login	IAM user logs in.
Iam.User.Logout	IAM user logs out.
Iam.Group.Create	IAM group is created.
Iam.Group.Update	IAM group is updated.
Iam.Group.Delete	IAM group is deleted.

Self-service related events

Event type	Description
SelfService.Application.Create	Self-service application is created.
SelfService.Application.Update	Self-service application is updated.
SelfService.Application.Upsert	Self-service application is created or updated.
SelfService.Application.Delete	Self-service application is deleted.
SelfService.ApplicationInstance.Create	Self-service application instance is created.
SelfService.ApplicationInstance.Update	Self-service application instance is updated.
SelfService.ApplicationInstance.Delete	Self-service application instance is deleted.
SelfService.ApplicationInstanceApiKey.Create	Self-service application instance API key is created.
SelfService.ApplicationInstanceApiKey.Delete	Self-service application instance API key is deleted.
SelfService.ApplicationGroup.Create	Self-service application group is created.
SelfService.ApplicationGroup.Update	Self-service application group is updated.
SelfService.ApplicationGroup.Delete	Self-service application group is deleted.
SelfService.ApplicationPolicy.Create	Self-service application policy is created.
SelfService.ApplicationPolicy.Update	Self-service application policy is updated.
SelfService.ApplicationPolicy.Delete	Self-service application policy is deleted.
SelfService.ApplicationInstancePermission.Create	Permissions are created for an app instance.
SelfService.ApplicationInstancePermission.Delete	Permissions are deleted for an app instance.
SelfService.ServiceAccount.Create	Service account is created.
SelfService.ServiceAccount.Update	Service account is updated.
SelfService.ServiceAccount.Delete	Service account is deleted.

Admin related events

Event type	Description
Admin.KafkaConnect.Create	A Kafka Connect instance is created.
Admin.KafkaConnect.Update	A Kafka Connect instance is updated
Admin.KafkaConnect.Delete	A Kafka Connect instance is deleted.
Admin.KsqlDB.Create	A ksqlDB instance is created.
Admin.KsqlDB.Update	A ksqlDB instance is updated.
Admin.KsqlDB.Delete	A ksqlDB instance is deleted.
Admin.KafkaCluster.Create	A Kafka cluster is created.
Admin.KafkaCluster.Update	A Kafka cluster is updated.
Admin.KafkaCluster.Delete	A Kafka cluster is deleted.
Admin.SchemaRegistry.ChangeCompatibility	The global compatibility of the schema registry is updated.
Admin.Integration.Update	The alert integration (Slack, MS Teams, Webhook) is updated.
Admin.AdminApiKey.Create	A new admin API key is created.
Admin.AdminApiKey.Delete	An admin API key is deleted.
Admin.DataMaskingPolicy.Create	A data masking policy is created.
Admin.DataMaskingPolicy.Update	A data masking policy is updated.
Admin.DataMaskingPolicy.Delete	A data masking policy is deleted.
Admin.Certificate.Create	A certificate is created.
Admin.Certificate.Delete	A certificate is deleted.

Alert related events

Event type	Description
Kafka.Alert.Create	An alert is created.
Kafka.Alert.Update	An alert is updated.
Kafka.Alert.Delete	An alert is deleted.
Kafka.Alert.Trigger	An alert is triggered.

Partner Zone related events

Event type	Description
Admin.PartnerZone.Create	A Partner Zone is created.
Admin.PartnerZone.Update	A Partner Zone is updated.
Admin.PartnerZone.Delete	A Partner Zone is deleted.
Admin.PartnerZone.TokenCreate	A token is created for accessing a Partner Zone.

Conduktor

Conduktor in production

Deploy Gateway

Deploy Console

Deploy Cortex

Monitor

Manage licenses

Automate

Manage

Access and permissions

Conduktor use cases

Monitor Conduktor usage

Manage Kafka

Console overview

View and export audit logs

Export audit log events

Kafka related events

IAM related events

Self-service related events

Admin related events

Alert related events

Partner Zone related events

Conduktor

Conduktor in production

Deploy Gateway

Deploy Console

Deploy Cortex

Monitor

Manage licenses

Automate

Manage

Access and permissions

Conduktor use cases

Monitor Conduktor usage

Manage Kafka

​Console overview

​View and export audit logs

​Export audit log events

Kafka related events

IAM related events

Self-service related events

Admin related events

Alert related events

Partner Zone related events

​Related resources

Console overview

View and export audit logs

Export audit log events

Related resources