update audit log #962
Pull request overview
This PR enhances the audit log documentation by expanding the section on streaming audit logs to external systems. The update transforms a brief explanation into a comprehensive guide with configuration steps, output format examples, integration guidance, and supported systems.
Key Changes
- Expanded the audit log streaming section with structured subsections for configuration, output formats, integration, and supported systems
- Added detailed examples showing both key-value pair and JSON output formats
- Included Docker command example demonstrating the `--enable-json-logging` flag usage
a5325be to fd2ff2b
| Database permission controls individual users' or groups' actions within the database. Below shows the built-in roles' database permissions. | ||
| | Role | EXPLAIN | Query | Export | Mutation DML | DDL | Admin | |
Why not simply DML?
DML = UPDATE | INSERT | DELETE.
What does the word mutation add?
The page is not updated; it's because of the folder name mintlify->docs.
I will rename this part in another PR.
fd2ff2b to e09b2f6
|  | ||
| ## Emit audit logs to stdout | ||
| ## Stream audit logs to external systems |
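Review bot: Changing the section heading between `Emit audit logs to stdout` and `Stream audit logs to external systems` also changes the anchor generated from it, so any link elsewhere in the docs that targets the old heading will stop resolving. Search the docs for references to the old anchor and update them in this PR, or mention the stdout wording in the first sentence of the section so readers searching for it still land here.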
Let's take this chance to do a major refinement of this doc, as audit log is really important for our customers in terms of compliance requirements, e.g. Singpass requires comprehensive audit logging to integrate into their system for monitoring purposes.
Existing content, especially the Streaming part, is mostly good. The whole structure needs some improvement.
Docs are mostly used by developers to solve technical problems, so our doc should be structured to help them quickly obtain the necessary information.
They usually use the audit log doc to:
- integrate our audit log into their system
- find the culprit of an incident

Both of the use cases need the log structure and what events are logged to accomplish this.
Actually, the structure and documentation of https://tailscale.com/kb/1203/audit-logging is a very good example; we can follow the pattern:
- Basic Information:
  - Introduce what audit logging does, and give a reference to all events (log events can be placed at the end of the doc in a reference section).
  - Available only for Pro and Enterprise
- Log structure.
- Accessing Audit Logs
  - on UI
  - via API
- Streaming (it would be nice if we include an example of end-to-end configuration)
- Retention: need to warn users to purge periodically, or the disk may be full and result in a Bytebase crash
- Events
- Limitations:
  - events we don't log
  - query results won't be included in the log due to privacy and security reasons
| The stdout logs can be ingested by any log collection system, including: | ||
| - **SIEM platforms**: Splunk, Datadog, Elastic, Sumo Logic, Panther |
Future improvement: add examples to integrate log streaming with:
- Splunk: dominant SIEM for enterprises
- Elasticsearch with Logstash: mostly used in the open source community
@zchpeter