a9s Messaging Audit log
An extensive log of actions executed on an a9s Messaging instance can be valuable for your organization for various reasons, including:
- Ensuring that your applications are functioning correctly.
- Investigating incidents by reviewing a chronological record of events.
- Validating that only known apps/users are accessing the a9s Messaging platform.
For these reasons we have an audit log feature for a9s Messaging that takes internal events from RabbitMQ
(e.g. connection.created, queue.created, binding.created, ...) and delivers them as Syslog (rfc5424) over TCP to
an endpoint of your choice (maybe an a9s LogMe or a9s LogMe2 instance).
This feature has been developed for a9s RabbitMQ 3.7 and greater.
Enable Globally
It can be achieved by using the following a9s Messaging custom parameters in the a9s SPI configuration or in the service plans configuration for the a9s Messaging.
Example when configuring the SPI:
(...)
rabbitmq-spi:
service_instance:
custom_param_config:
audit-log-endpoint:
default_value: syslog-tls://myd5963ba-fluentd.service.dc1.dsf2.a9ssvc:6514
modifiable: false
audit-log-ca-crt:
modifiable: false
default_value: |
-----BEGIN CERTIFICATE-----
(...) <ca-content-here>
-----END CERTIFICATE-----
(...)
Take a look at Custom Parameter Configuration documentation.