Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Every operation in OpenCGA is audited since version 2.0.0.

Audit record data model

The full audit data model can be checked here.

FieldDescription
idUnique Audit Record id. Timestamp based.
operationIdTimestamp based id. Some web service operations require more than one suboperation. In those cases, OpenCGA will generate as many Audit Records as necessary but they will all share the same operation id.
userIdUser carrying out the operation.
apiVersionOpenCGA version running when the operation was performed.
actionAction being performed by the user. One of: CREATE, UPDATE, INFO, SEARCH, COUNT, DELETE, DOWNLOAD, INDEX, CHANGE_PERMISSION, LOGIN... See the full list here.
resourceInvolved resource. One of: USER, PROJECT, STUDY, SAMPLE, FILE, COHORT, INDIVIDUAL, FAMILY, JOB, PANEL, CLINICAL, INTERPRETATION, VARIANT, ALIGNMENT, CATALOG.
resourceIdInvolved resource id. Only filled in when possible. Example: A SEARCH action will never have an associated resource id but an INFO action will involve a particular resource id.
resourceUuidInvolved resource uuid. Only filled in when possible. Example: A SEARCH action will never have an associated resource id but an INFO action will involve a particular resource uuid.
studyIdInvolved study id. It is not filled in when the resource is either USER, PROJECT or CATALOG.
studyUuidInvolved study uuid. It is not filled in when the resource is either USER, PROJECT or CATALOG.
paramsAll the query parameters sent by the user that are necessary to perform the action required.
statusSUCCESS or ERROR. In case of ERROR, it will also contain an error code as well as an error description.
dateDate when the Audit Record was generated.
attributesAny additional information that might be of interest and not covered in the rest of the fields.

How the audit works

OpenCGA audits every action a user performs. That includes not only queries but also any alteration of the data. The Audit Records will include also information regarding if the operation could be successfully satisfied or not. If these are not satisfied, OpenCGA will audit the reason why it was not possible including the error message.

Audit Records are currently stored in a separated collection "audit" in MongoDB along with the rest of collections of OpenCGA catalog. In version 2.1, we will support queries to the audit collection so administrators can filter by any of the fields described above.

Additionally, in future releases, we will support storing Audit Records in different auditing solutions.

Table of Contents:

Table of Contents
indent20px