Enable and Configure User Auditing
This applies to: Visual Data Discovery
Write your audit logs to the PostgreSQL database installed with Symphony, or an alternative PostgreSQL database of your choice. Create the database, update the zoomdata.properties file, and restart Symphony to begin capturing audit events.
If you expect a large number of user audit events, accumulating a significant amount of information over time, consider using a separate PostgreSQL database.
Create a Database
Create the database for user auditing. There are two ways to do so:
PostgreSQL databases are the only supported database type.
-
Bootstrap creation. When you install or upgrade Symphony using a
bootstrap-zoomdatascript, a user audit data table is created on the local PostrgreSQL instance. The user audit database is namedzoomdata-user-auditing, and installed at the same location as the Logi metadata for your Symphony instance. -
Manual creation. To use a separate database or PostgreSQL instance from your Symphony metadata database, edit the
zoomdata.propertiesfile to reflect the target parameters to use. Set the default value ofdestination.params.passwordto the same database password used in your default PostgreSQL database. Symphony creates the collections automatically in that database as needed.
Enable User Auditing
After you have created or linked your database, copy these properties into the zoomdata.properties file.
user-auditing.enabled=true
user-auditing.destination.name=PostgreSQL
user-auditing.destination.type=postgresql
user-auditing.destination.schema=public
user-auditing.destination.collection=audit_records
user-auditing.destination.collection-per-account=false
user-auditing.destination.params.user_name=${db.username:zoomdata}
user-auditing.destination.params.password=${db.password:}
user-auditing.destination.params.jdbc_url=jdbc:postgresql://localhost:5432/zoomdata-user-auditing
user-auditing.tenant.attribute=
Required and optional properties include:
| Property | Default Value | Description |
|---|---|---|
| enabled | false |
Use to enable or disable user auditing. Default is false, to disable user auditing. To enable, set to true. Required. |
| destination.name | PostgreSQL |
The name of the type of database. Only PostgreSQL is supported. |
| destination.type | postgresql | The database type. Only postgresql is supported. |
| destination.schema | public | |
| destination.collection |
The name of the collection of the user audit data. Use to separate data by accounts to prevent access to audit data by unauthorized users. For example, |
|
| destination.collection-per-account | false |
Default is false, to disable To enable, set to true and include a field for Account ID in destination.collection. |
| destination.params.user_name | zoomdata | The user name sent to the database to write audit data. Required. |
| destination.params.password | The password sent to the database to write audit data. Required. Can be the same as your default PostgreSQL database. | |
| destination.params.jdbc_url |
jdbc:postgresql://localhost:5432/zoomdata-user-auditing |
The path to the audit data database. This can be the same database as the user audit schema as shown, or a separate database or partition, as needed. Required. |
| tenant.attribute | Include any new or existing user attribute to support data capture by tenant customer users. Use in addition to account information that is always captured and retained in the database. |
Restart Symphony
Restart Symphony to begin capturing audit events.
If you used the bootstrap script to install Symphony and audit setup, the audit database table is created when the first event is logged. Test your setup by performing any of the event-triggering actions. See User Audit Events.
If you've set up your database manually, set up the Data Writer microservice to support the user audit processes.