Add support for JSON logging for audit events (!7978) · Merge requests · GitLab.org / GitLab

Stan Hu requested to merge sh-add-json-logging-audit-events into master Oct 17, 2018

This will add audit_json.log that writes one line per audit event. Why?

This makes it easier for customers to ship these logs to tools such as Elasticsearch, Splunk, BigQuery, RedShift for analysis
Removes an immediate need to add an API for audit events, export to CSV, and provide more UI tools for querying
Punts on database schema/management that we need in general for audit logs

Logs will automatically be rotated in Omnibus. Each event is generated in the format such as the following:

{"severity":"INFO","time":"2018-10-17T17:38:22.523Z","author_id":3,"entity_id":2,"entity_type":"Project","change":"visibility","from":"Private","to":"Public","author_name":"John Doe4","target_id":2,"target_type":"Project","target_details":"namespace2/project2"}

Edited Oct 17, 2018 by Stan Hu

Add support for JSON logging for audit events

Merge request reports