Understanding auditing for the building block

The Audit service interacts with a data source layer to write audit entries to a relational database. Audit entries are logged by the Review Commenting & Approval Core service for the building block.

When the Review Commenting & Approval Core service starts, it registers the audit configuration with the Audit service. Registration is required once and occurs each time the ReviewCommentingAndApproval application is redeployed. After successful registration, the following occurs:

  • Registered audit configuration is saved to the database and can be retrieved when required.

  • Audit entries are stored to the database for reviews. The audit entries are logged by the Review Commenting & Approval Core service.

When auditing is enabled for a review, the Audit service determines whether a given action is logged based on the audit level . Audit levels are defined in the audit configuration file using a predefined schema. Each audit level defines the audit actions that are recorded as an audit log .

Audit configuration file:
An XML file that is available in the ReviewCommentingAndApproval application at ReviewCommentingAndApproval/resources/misc/audit/AuditConfig.xml. The XML file defines the audit levels that are available. You can modify the audit configuration to define custom levels and uses a predefined schema. (See Audit configuration file schema .)

Audit logs:
The entries logged for a review. Audit logs are entries made to a database and include predefined and optional custom attributes. Optional custom attributes are provided as name-value pairs. Predefined attributes include the following information:
Module name:
The internal name defined by the building block. For internal use only.

Audited By:
The internal name of the service in the building block that logged the audit entry. For internal use only.

Audit Level:
The name of the audit level.

Action Name:
The name of the audit action, which specifies the action that occurred.

Audit level
Defines the audit actions that are logged as audit entries to the database.

Audit action
Defines an action or occurrence during the review. Each occurrence is identified by a unique name. (See Building block action levels .)

// Ethnio survey code removed