Log Record Structure
Log records that are generated by CZERTAINLY platform are structured and contain information about the event that occurred. Log records can be generated by different modules and components of the platform in JSON format.
Structure of log records is defined by Log Record JSON Schema.
Log structure
The log record structure is defined by the following properties:
Property | Type | Required | Description |
---|---|---|---|
version | String | Yes | Version of log structure JSON schema |
audited | Boolean | Yes | Flag marking log record as audit log, representing user triggered action |
module | Enum | Yes | Module where event occurred. Represents part or resource of system related to event. |
actor | Object | Yes | Affiliated party or platform component that triggered operation/event |
source | Object | No | Contains request source information like IP address, agent, etc. |
resource | Object | Yes | Information about resource that is subject of log event |
affiliatedResource | Object | No | Information about affiliated resource that acts in event and is related to subject resource (e.g. push certificate to location) |
operation | Enum | Yes | Operation that is being logged |
operationResult | Enum | Yes | Operation result which is either success or failed |
message | String | No | Free form text message to provide additional information, e.g. error message for failed operation result |
operationData | Object | No | Structured data based on operation, list of possible properties defined in schema |
additionalData | Map | No | Additional key-paired data that can contain debug information or data specific to operation logged |
Module
Module represents part or resource of system related to event. Module can be one of the following:
Module | Short description |
---|---|
approvals | Module for managing approvals and approval requests |
auth | Authentication and authorization module, containing also operations for users and roles resources |
certificates | Certificates management and operations including RA profiles and authorities |
compliance | Module for compliance operations and checks |
core | Module containing core functionality including connectors, credentials and attributes |
discovery | Module for discovery of different resources |
entities | Module for entities and locations management |
keys | Cryptographic keys management and operations including tokens and token profiles |
protocols | Protocols management and operations including protocol profiles |
scheduler | Module for scheduling operations |
workflows | Module for workflows management and operations |
Actor
Actor object represents party or platform component that triggered operation/event.
Actor object contains following properties:
Property | Type | Required | Description |
---|---|---|---|
type | String | Yes | Type of actor, can be user, connector, protocol, etc. |
authMethod | String | Yes | Authentication method used by actor, can be certificate, token, etc. |
uuid | String | No | Identification of actor, usually UUID of object representing actor type |
name | String | No | Associated name with actor based on type. For example, username, protocol name, connector name |
Source
Source object contains information about request source.
Source object contains following properties:
Property | Type | Required | Description |
---|---|---|---|
method | String | Yes | HTTP method of request |
path | String | Yes | HTTP request path |
contentType | String | No | Content type of request |
ipAddress | String | No | IP address of request source |
userAgent | String | No | User agent of request source |
Resource
Resource object contains information about resource that is subject of log event. It is applicable for both resource
and affiliatedResource
, if any.
Resource object contains following properties:
Property | Type | Required | Description |
---|---|---|---|
type | Enum | Yes | Type of the resource |
uuids | List | No | List of associated UUIDs for the resource, possible more values due to bulk operations |
names | List | No | List of resource names, possible more values due to bulk operations |
UUIDs and names lists items on same index correspond to each other.