Skip to content

BETA BLOG - Providing Liberty audit logs to OpenTelemetry using MicroProfile Telemetry 2.0 #30490

New issue
New issue
Open
Open
BETA BLOG - Providing Liberty audit logs to OpenTelemetry using MicroProfile Telemetry 2.0#30490
Labels
Blogtarget:25002-betatarget:betaThe Epic or Issue is targetted for the next beta
@pgunapal

Description

@pgunapal
pgunapal
opened on Jan 7, 2025

The information you provide here will be included in the Open Liberty beta blog post (example), which will be published on openliberty.io/blog/, and potentially elsewhere, to promote this beta feature/function of Open Liberty. For this post to be included in the beta issue please make sure that this is completed by the end of Friday following the GM (Tuesday). The beta and release blogs are created using automation and rely on you following the template's structure. DO NOT REMOVE/ALTER THE <GHA> TAGS THROUGHOUT THIS TEMPLATE.

<GHA-BLOG-SUMMARY>

MicroProfile Telemetry 2.0 provides developers with the latest Open Telemetry technology; In addition to distributed tracing, the feature now allows OpenTelemetry to collect and export metrics and logs.

Liberty Audit logs can now also be collected to OpenTelemetry using the mpTelemetry-2.0 feature, along with the audit-1.0 or audit-2.0 feature, in addition to Open Liberty runtime log sources (messages, traces, ffdcs) and application logs generated via java.util.logging (JUL).

To enable the MicroProfile Telemetry 2.0 feature to collect audit logs, add either the audit-1.0 or audit-2.0 feature and the new audit log source to the source attribute for the <mpTelemetry/> server configuration element, as stated in the following configuration to your server.xml:

<featureManager>
   <feature>audit-1.0 or audit-2.0</feature>
   <feature>mpTelemetry-2.0</feature>
</featureManager>

<mpTelemetry source="audit"/>
  • Different audit events that are captured and routed to OpenTelemetry are also configurable, by specifying the relevant audit events and outcomes in the auditFileHandler element, as follows:
<auditFileHandler maxFiles="5" maxFileSize="20" compact="true">
    <events name="AuditEvent_1" eventName="SECURITY_AUTHN" outcome="SUCCESS"/>
    <events name="AuditEvent_2" eventName="SECURITY_AUTHN" outcome="REDIRECT"/>
    <events name="AuditEvent_3" eventName="SECURITY_AUTHN" outcome="FAILURE"/>
    <events name="AuditEvent_4" eventName="SECURITY_AUTHZ"/>
</auditFileHandler>

For more information, regarding the audit feature, please refer to the following Open Liberty documentation.

</GHA-BLOG-SUMMARY>

What happens next?

  • Add the label to the blog issue for the beta you're targeting (e.g. target:YY00X-beta).
  • Make sure this blog post is linked back to the Epic for this feature/function.
  • Your paragraph will be included in the beta blog post. It might be edited for style and consistency.
  • You will be asked to review a draft before publication.
    • Once you've approved the code review, close this issue.
  • If you would also like to write a standalone blog post about your update (highly recommended), raise an issue on the Open Liberty blogs repo. State in the issue that the blog post relates to a specific release so that we can ensure it is published on an appropriate date (it won't be the same day as the beta blog post).

Metadata

Metadata

Assignees

No one assigned

    Labels

    Blogtarget:25002-betatarget:betaThe Epic or Issue is targetted for the next beta

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions