DOC-4519-audit-log (#117)

mendonk · aimurphy · web-flow · commit 7c3dc017d65d · 2024-08-14T15:48:31.000-04:00
* initial-content

* more

* Apply suggestions from code review

Co-authored-by: April M &lt;36110273+aimurphy@users.noreply.github.com&gt;

* cleanup-and-add-api-link

* api requests

* Apply suggestions from code review

Co-authored-by: April M &lt;36110273+aimurphy@users.noreply.github.com&gt;

* ypu-you

---------

Co-authored-by: April M &lt;36110273+aimurphy@users.noreply.github.com&gt;
diff --git a/modules/operations/nav.adoc b/modules/operations/nav.adoc
@@ -8,6 +8,7 @@
 ** xref:astream-scrape-metrics.adoc[]
 ** xref:monitoring/integration.adoc[]
 ** xref:monitoring/new-relic.adoc[]
+** xref:monitoring/stream-audit-logs.adoc[]
 ** Grafana dashboards
 *** xref:monitoring/metrics.adoc[]
 *** xref:monitoring/overview-dashboard.adoc[]
diff --git a/modules/operations/pages/monitoring/stream-audit-logs.adoc b/modules/operations/pages/monitoring/stream-audit-logs.adoc
@@ -0,0 +1,91 @@
+= Stream {astra_db} audit logs 
+
+Stream your xref:astra-db-serverless:administration:view-account-audit-log.adoc[{astra_db} audit logs] through {product_name} to an external system.
+
+To enable audit log streaming, you must do one of the following:
+
+ * Provide the **Full Name** of your {product_name} topic and the streaming tenant's `client.conf` file to {support_url}[{company} Support] or your account representative.
+ * POST your configuration to the xref:astra-api-docs:ROOT:attachment$devops-api/index.html#tag/Organization-Operations/operation/configureTelemetry[Astra DevOps API telemetry endpoint].
+
+== Create an {product_name} topic for audit logs
+
+Audit log streaming requires a streaming tenant in the AWS `us-east-2` region.
+You can create a new tenant with the xref:astra-streaming:getting-started:index.adoc[{product_name} quickstart] or use an existing {product_name} tenant.
+
+. In the {link-astra-portal}, go to **Streaming**.
+. Select an existing tenant or xref:astra-streaming:getting-started:index.adoc#your-first-streaming-tenant[Create a Streaming Tenant] in AWS `us-east-2`.
+. Add a xref:astra-streaming:getting-started:index.adoc#add-a-namespace-to-hold-topics[namespace] and xref:astra-streaming:getting-started:index.adoc#a-topic-to-organize-messages[topic] to the tenant.
+. On the *Namespace and Topics* page, click the new topic, and then copy the topic's **Full Name**, such as `persistent://aws-us-east-2-mk/*NAMESPACE_NAME*/*TOPIC_NAME*`.
+. If necessary, create additional audit log topics, and then record the **Full Name** for each topic.
+You can use topics to organize audit logs by event type or other criteria.
+. In the {link-astra-portal}, go to **Streaming**, and then click your audit log streaming tenant.
+. On the *Connect* tab, click **Download client.conf**.
+. To finalize the configuration, do one of the following:
++
+* Send your topic's full name and the `client.conf` file to {support_url}[{company} Support] or your account representative, and then {company} will complete the setup.
+* <<use-the-devops-api,Use the Astra DevOps API to complete the setup.>>
+
+[#use-the-devops-api]
+== Configure audit log streaming with the DevOps API
+
+You can use the xref:astra-api-docs:ROOT:attachment$devops-api/index.html#tag/Organization-Operations/operation/configureTelemetry[Astra DevOps API telemetry endpoint] to configure audit log streaming instead of providing the configuration details to {company} Support.
+
+. In the {link-astra-portal}, create an application token with the **Organization Administrator** role, if you don't already have one.
+
+. To create the audit log streaming configuration, send a POST request with your topic’s full name and the required values from the tenant's `client.conf` file.
++
+The `auth_strategy` and other authentication details depend on your Pulsar configuration.
++
+[source,curl,subs="verbatim,quotes"]
+----
+curl --request POST \
+  --url 'https://api.astra.datastax.com/v2/organizations/**ORG_ID**/telemetry/auditLogs' \
+  --header 'Accept: application/json' \
+  --header 'Authorization: Bearer **APPLICATION_TOKEN**' \
+  --data '{
+  "pulsar": {
+    "endpoint": "pulsar+**BROKER_SERVICE_URL**",
+    "auth_strategy": "token",
+    "topic": "**TOPIC_FULL_NAME**",
+    "auth_name": "token",
+    "token": "**PULSAR_AUTHENTICATION_TOKEN**"
+  }
+}'
+----
++
+.Response
+[%collapsible]
+====
+[source,plain]
+----
+HTTP/1.1 202 Accepted
+----
+====
+. To retrieve and verify the audit log streaming configuration, send a GET request:
++
+[source,curl,subs="verbatim,quotes"]
+----
+curl --request GET \
+  --url 'https://api.astra.datastax.com/v2/organizations/**ORG_ID**/telemetry/auditLogs' \
+  --header 'Authorization: Bearer **APPLICATION_TOKEN**'
+----
++
+.Response
+[%collapsible]
+====
+[source,json]
+----
+{
+  "pulsar": {
+    "endpoint": "pulsar+ssl://pulsar-aws-useast2.streaming.datastax.com:6651",
+    "topic": "persistent://aws-us-east-2-mk-2/default/audit-log",
+    "auth_strategy": "token",
+    "token": "********",
+    "auth_name": "token"
+  }
+}
+----
+====
+
+. To delete an audit log streaming configuration, xref:astra-api-docs:ROOT:attachment$devops-api/index.html#tag/Organization-Operations/operation/deleteTelemetryConfig[send a DELETE request].
+
