Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Every operation in OpenCGA is audited since version 2.0.0.
Audit recordOverview
OpenCGA 2.0.0 implements several improvements in the Audit component. Now, all operations in OpenCGA are audited.
How the audit works
OpenCGA audits every action a user performs. That includes not only queries but also any modification of the data. The Audit Record will include also information regarding if the operation could be successfully satisfied or not. If these are not satisfied, OpenCGA will audit the reason why it was not possible including the error message.
Audit Records are currently stored in a separated collection "audit" in MongoDB along with the rest of collections of OpenCGA Catalog. In version 2.1, we will support queries to the audit collection so administrators can filter by any of the fields described above.
Additionally, in future releases, we will support storing Audit Records in different auditing solutions.
Audit Record data model
The full audit data model can be checked herechecked at Audit Record.
Field | Description |
---|---|
id | Unique Audit Record id. Timestamp based. |
operationId | Timestamp based id. Some web service operations require more than one suboperation. In those cases, OpenCGA will generate as many Audit Records as necessary but they will all share the same operation id. |
userId | User carrying out the operation. |
apiVersion | OpenCGA version running when the operation was performed. |
action | Action being performed by the user. One of: CREATE, UPDATE, INFO, SEARCH, COUNT, DELETE, DOWNLOAD, INDEX, CHANGE_PERMISSION, LOGIN... See the full list here. |
resource | Involved resource. One of: USER, PROJECT, STUDY, SAMPLE, FILE, COHORT, INDIVIDUAL, FAMILY, JOB, PANEL, CLINICAL, INTERPRETATION, VARIANT, ALIGNMENT, CATALOG. |
resourceId | Involved resource id. Only filled in when possible. Example: A SEARCH action will never have an associated resource id but an INFO action will involve a particular resource id. |
resourceUuid | Involved resource uuid. Only filled in when possible. Example: A SEARCH action will never have an associated resource id but an INFO action will involve a particular resource uuid. |
studyId | Involved study id. It is not filled in when the resource is either USER, PROJECT or CATALOG. |
studyUuid | Involved study uuid. It is not filled in when the resource is either USER, PROJECT or CATALOG. |
params | All the query parameters sent by the user that are necessary to perform the action required. |
status | SUCCESS or ERROR. In case of ERROR, it will also contain an error code as well as an error description. |
date | Date when the Audit Record was generated. |
attributes | Any additional information that might be of interest and not covered in the rest of the fields. |
How the audit works
OpenCGA audits every action a user performs. That includes not only queries but also any alteration of the data. The Audit Records will include also information regarding if the operation could be successfully satisfied or not. If these are not satisfied, OpenCGA will audit the reason why it was not possible including the error message.
Audit Records are currently stored in a separated collection "audit"in |
the rest of |
the |
fields |
. |
Table of Contents:
Table of Contents | ||
---|---|---|
|