  1. AMQ Broker
  2. ENTMQBR-3418

Doc: AMQ broker audit logging should be configurable, and easier for an administrator to interpret


Details

    • Task
    • Resolution: Done
    • Major
    • AMQ 7.7.0.GA
    • AMQ 7.3.0.GA
    • documentation
    • None

    Description

      AMQ 7 has had some audit logging capabilities since 7.3. This feature is documented upstream[1] but, at the time of writing, there is no Red Hat documentation.

      The auditing feature appears simply to log every JMX operation, including those that check for permissions. Thus not only are significant administrative changes captured, but ordinary messaging operations also generate a large amount of audit log. Here is a sample:

      [server=ActiveMQServerImpl::serverUUID=71686817-b821-11e9-a8a4-fa163e20a53f], temp=false]@431671ff []
      2019-08-06 10:28:40,516 [AUDIT](qtp1422273905-38) AMQ601019: User amq|amq| is getting mbean info on target resource: org.apache.activemq.artemis.core.management.impl.QueueControlImpl@589da3f3 []
      2019-08-06 10:28:40,517 [AUDIT](qtp1422273905-38) AMQ601168: User amq|amq| is getting messages acknowledged on target resource: QueueImpl[name=project1.HELLOWORLDMDBQueue, postOffice=PostOfficeImpl [server=ActiveMQServerImpl::serverUUID=71686817-b821-11e9-a8a4-fa163e20a53f], temp=false]@431671ff []
      2019-08-06 10:28:40,517 [AUDIT](qtp1422273905-38) AMQ601019: User amq|amq| is getting mbean info on target resource: org.apache.activemq.artemis.core.management.impl.QueueControlImpl@589da3f3 []
      2019-08-06 10:28:40,517 [AUDIT](qtp1422273905-38) AMQ601190: User amq|amq| is getting first message as json on target resource: QueueImpl[name=project1.HELLOWORLDMDBQueue, postOffice=PostOfficeImpl
      

      There does not appear to be any way to control the granularity of the logging, nor the classes of events that are logged. Consequently, not only is it difficult to find the relevant information, the large log volume could cause a reduction in throughput that would be unhelpful in a high-load, production setting.

      What AMQ administrators really want to audit, in my experience, is significant administrative events. The audit trail needs to capture events like deleting messages using the console, or changing the configuration of the broker. This information is captured in the current implementation, but it's difficult to find.

      I think it would be of benefit to make three enhancements to the audit logging implementation:

      1. By default, only JMX operations that are directly related to administrator action (via the command line or console) should be logged.
      2. The classes of events that are logged should be externalised, and read from a configuration file.
      3. The log should include the event class, ideally in user-friendly language. That is, it should state in plain language what was done, rather than an MBean method name.

      [1] https://activemq.apache.org/components/artemis/documentation/latest/logging.html
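
      Until the broker can filter by event class itself, the same triage can be done on the log after the fact. The following is an added example, not part of the original issue or of the AMQ code base: it parses lines in the layout of the sample above and suppresses a configurable set of message codes. It assumes that the three codes visible in the sample are the read-only class, and it uses a made-up code, AMQ699999, with invented wording for the one administrative line.

```python
import re
from collections import Counter

# Layout taken from the sample lines in the issue:
# <date> <time> [AUDIT](<thread>) <code>: User <user> is <action> on target resource: <target>
AUDIT_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3}) \[AUDIT\]\((?P<thread>[^)]*)\) "
    r"(?P<code>AMQ\d{6}): User (?P<user>\S+) is (?P<action>.+?) on target resource: (?P<target>.*)$"
)

# Assumption: the three codes visible in the issue are treated as read-only noise.
# In practice this set would be loaded from an external configuration file.
SUPPRESSED_CODES = frozenset({"AMQ601019", "AMQ601168", "AMQ601190"})


def triage(lines, suppressed=SUPPRESSED_CODES):
    """Split audit lines into kept events, per-code suppressed counts, unparsed count."""
    kept, dropped, unparsed = [], Counter(), 0
    for line in lines:
        m = AUDIT_RE.match(line.strip())
        if m is None:
            # Wrapped or truncated fragments, like the first sample line, carry no
            # timestamp or code. Count them rather than silently losing them.
            unparsed += 1
            continue
        event = m.groupdict()
        if event["code"] in suppressed:
            dropped[event["code"]] += 1
        else:
            kept.append(event)
    return kept, dropped, unparsed


# First four lines follow the issue's sample (targets shortened); the last line is
# constructed: AMQ699999 and its wording are placeholders, not a real broker message.
SAMPLE = [
    "[server=ActiveMQServerImpl::serverUUID=71686817-b821-11e9-a8a4-fa163e20a53f], temp=false]@431671ff []",
    "2019-08-06 10:28:40,516 [AUDIT](qtp1422273905-38) AMQ601019: User amq|amq| is getting mbean info on target resource: org.apache.activemq.artemis.core.management.impl.QueueControlImpl@589da3f3 []",
    "2019-08-06 10:28:40,517 [AUDIT](qtp1422273905-38) AMQ601168: User amq|amq| is getting messages acknowledged on target resource: QueueImpl[name=project1.HELLOWORLDMDBQueue, temp=false]@431671ff []",
    "2019-08-06 10:28:40,517 [AUDIT](qtp1422273905-38) AMQ601019: User amq|amq| is getting mbean info on target resource: org.apache.activemq.artemis.core.management.impl.QueueControlImpl@589da3f3 []",
    "2019-08-06 10:28:41,002 [AUDIT](qtp1422273905-38) AMQ699999: User amq|amq| is deleting messages on target resource: QueueImpl[name=project1.HELLOWORLDMDBQueue, temp=false]@431671ff []",
]

if __name__ == "__main__":
    kept, dropped, unparsed = triage(SAMPLE)
    for e in kept:
        print(e["ts"], e["user"], e["code"], e["action"], "->", e["target"])
    print("suppressed:", dict(dropped), "unparsed:", unparsed)
```

      The suppressed and unparsed counts are reported alongside the kept events so that a reviewer can see how much of the log was set aside.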

            People

              jbyrne@redhat.com John Byrne