Audit Service

Table of Contents

17.1. Introduction
17.2. Features
17.3. Architecture
17.4. Retrieving entries
17.5. Contributing to the audit service
17.5.1. Recording new event types
17.5.2. Recording additional information

17.1. Introduction

The Audit service logs audit data to a datastore and retrieves it. Audit data mainly comes from events.

17.2. Features

The audit service logs creation, deletion and modification events. It can also be configured to log other events. For example, an addon called nuxeo-platform-audit-web-access logs web access.

17.3. Architecture

The Audit service is mainly a datastore service. It defines a data record structure used for storing audit information. The datastore is built on a relational database backend. The data record structure is defined in Java by the LogEntry and ExtendedInfo classes, which are mapped onto the datastore using JPA (Java Persistence API) annotations. The Audit service receives events from the Event service, then filters them and converts them into log entries. A LogEntry is mainly obtained from the DocumentMessage event type. Audit entries may also contain extended information, which is extracted from the event message using EL (Expression Language) expressions and stored in a map.

Note

The extended information map is available since the 5.2 release. Prior releases achieved extension by introducing specialized LogEntry types and OR mappings.

17.4. Retrieving entries

The following Java snippet shows how to retrieve the entries associated with a document:

..
  DocumentModel document = ...
  NXAuditEventService audit = Framework.getService(NXAuditEventService.class); 
  List<LogEntry> entries = audit.getLogEntriesFor(document.getDocUUID());
..     

You can also select entries using HQL. The following snippet shows how to retrieve the entries for a whole document hierarchy that have a dublincore title.

Note

An extended information entry must be contributed to the audit service that extracts the dublincore title property from the document and stores it in the extended information map under the 'title' key.

..
  NXAuditEventService audit = Framework.getService(NXAuditEventService.class);
  List<LogEntry> entries = audit.nativeQueryLogs(
    "log.docPath like '/somefolder/%' and " +
    "log.extendedInfos['title'] is not null", 1, 10);
..     
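
The where clause above is passed as a string, so a folder path or key that comes from a variable has to be escaped before it is inlined. The following is an added example, not code from the Nuxeo project: AuditWhereClause and its methods are hypothetical helpers, and it assumes the datastore's HQL accepts the standard `escape` clause on `like`.

```java
import java.util.regex.Pattern;

// Added example: builds the where clause given to nativeQueryLogs from variable input.
// AuditWhereClause, likeLiteral and underFolderWithInfo are hypothetical names.
public class AuditWhereClause {

    // Extended info keys are contributed in XML (e.g. key="title"); accept simple names only.
    private static final Pattern KEY = Pattern.compile("[A-Za-z0-9_]+");
    private static final char ESC = '!';

    // Escape a value for use inside a single-quoted LIKE pattern with "escape '!'".
    static String likeLiteral(String value) {
        StringBuilder sb = new StringBuilder();
        for (char c : value.toCharArray()) {
            if (c == '\\' || Character.isISOControl(c)) {
                // Some databases treat backslash as an escape inside string literals.
                throw new IllegalArgumentException("unsupported character in path");
            }
            if (c == '\'') {
                sb.append("''");            // a quote can no longer close the literal
            } else if (c == '%' || c == '_' || c == ESC) {
                sb.append(ESC).append(c);   // wildcards are matched literally
            } else {
                sb.append(c);
            }
        }
        return sb.toString();
    }

    // Same shape as the query on this page: entries under a folder that carry a given key.
    static String underFolderWithInfo(String folderPath, String infoKey) {
        if (!KEY.matcher(infoKey).matches()) {
            throw new IllegalArgumentException("invalid extended info key: " + infoKey);
        }
        String prefix = folderPath.endsWith("/") ? folderPath : folderPath + "/";
        return "log.docPath like '" + likeLiteral(prefix) + "%' escape '" + ESC + "' and "
                + "log.extendedInfos['" + infoKey + "'] is not null";
    }

    public static void main(String[] args) {
        // Constructed inputs: a plain folder, then one containing a quote and wildcards.
        System.out.println(underFolderWithInfo("/somefolder", "title"));
        System.out.println(underFolderWithInfo("/it's_100%", "title"));
        // The resulting string is then used as on this page:
        //   audit.nativeQueryLogs(where, 1, 10);
    }
}
```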

You may need to add some information to the audit datastore. Sending a core event is not the only way: you can also invoke the audit service directly. The following Java snippet shows how to do that.

..
  NXAuditEventService audit = Framework.getService(NXAuditEventService.class);
  LogEntry entry = new LogEntry();
  ..
  entry.setXXX(...);
  ..
  audit.addLogEntry(entry);
.. 

17.5. Contributing to the audit service

17.5.1. Recording new event types

Logging other event types is done through the event extension point. Here is an example contribution to this extension point.

<extension point="event"
           target="org.nuxeo.ecm.platform.audit.service.NXAuditEventsService">
    <event name="documentCreated" />
    <event name="documentCreatedByCopy" />
    <event name="documentDuplicated" />
    <event name="documentMoved" />
    <event name="documentRemoved" />
    <event name="documentModified" />
    <event name="documentLocked" />
    <event name="documentUnlocked" />
    <event name="documentPublished" />
    <event name="documentSecurityUpdated" />
    <event name="documentUnPublished" />
    <event name="documentSubmitedForPublication" />
    <event name="documentPublicationRejected" />
    <event name="documentPublicationApproved" />
    <event name="lifecycle_transition_event" />
</extension>

17.5.2. Recording additional information

Just after converting a received DocumentMessage instance into the corresponding LogEntry instance, the Audit service lets you extract information from the handling context and store it. To do this, define an EL expression and associate it with a key. The following variables are available:

message

Document message describing the event

source

Document from which the event originates

principal

Identity of the event owner

The following XML snippet is an example of how to extract properties from the document model and store them in the extended information map.

<extension point="extendedInfo"
           target="org.nuxeo.ecm.platform.audit.service.NXAuditEventsService">
    <extendedInfo expression="${source.dublincore.title}" key="title" />
    <extendedInfo expression="${message.cacheKey}" key="key" />
    <extendedInfo expression="${principal.name}" key="user" />
</extension>