RabbitMQ Audit log

There are several reasons why your organisation might want a log of all actions performed on a RabbitMQ instance: verifying that your apps are behaving as they should, reviewing what went wrong after an incident, and checking that only apps/users you know about are connecting to RabbitMQ... For theses reasons we have an audit log feature for RabbitMQ that takes internal events from RabbitMQ (e.g. connection.created, queue.created, binding.created...) and delivers them as Syslog (rfc5424) over TCP to an endpoint of your choice (maybe an a9s LogMe instance).

This feature has been developed for RabbitMQ 3.7 only and therefore when enabled globally (all instances created by a service broker) RabbitMQ 3.6 should be disabled.

Variables

\rabbitmq_audit_log_endpoint: should be the URL of Syslog endpoint where you would like to stream the logs of all of your RabbitMQ instances to e.g. logme.service.dcx.consul:601

Ops files

Enabling audit log support globally is simple, just include the ops/rabbitmq-globaly-enable-audit-log.yml ops file with your deployment of rabbitmq-service.