Skip to content

Service ping for streaming audit events by type

Release notes

Problem to solve

Visibility into the quantity and types of audit events that are sent with streaming audit events will help us to better understand which features users are using. It is currently difficult to understand when events in streaming audit events are truly "high volume" or not, which means we err on the side of caution of which events to include in streaming audit events compared to normal audit events.

Proposal

Add service ping counters for the quantity of each streaming audit event type sent over the reporting period. This is intended to just be a raw count over the time period - we do not want to collect any of the source, target, IP, messages, or any of the sensitive data in the event itself.

  • This can use the event_type/name that already exists in the event, rather than creating new event names. If there is no name, create a default name to catch all events within it.

As an illustrative example, these results might look like this JSON dictionary:

{
   reported_at: "2022-05-01",
   streaming_audit_event_counts: {
      event_1: 499,
      event_2: 74,
      ...
      event_n: 918
   }
}

Question: What sort of performance impact, if any, would recording this data have? Question: What is the best format to send these events back in so that they can easily be interfaced with in Snowflake along our other service ping data? Consider talking to the Product Intelligence team.

Implementation plan

  • Implement a Redis instrumentation class to count the number of audit events generated for each type.
  • Inside the AuditEventStreamingWorker class, increment this counter each time a new audit event is streamed.

Intended users

Feature Usage Metrics

This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.

Edited by Harsimar Sandhu