Stream Astra DB audit logs

Stream your Astra DB audit logs through Astra Streaming to an external system.

To enable audit log streaming, you must do one of the following:

Create an Astra Streaming topic for audit logs

Audit log streaming requires a streaming tenant in the AWS us-east-2 region. You can create a new tenant with the Astra Streaming quickstart or use an existing Astra Streaming tenant.

  1. In the Astra Portal, go to Streaming.

  2. Select an existing tenant or Create a Streaming Tenant in AWS us-east-2.

  3. Add a namespace and topic to the tenant.

  4. On the Namespace and Topics page, click the new topic, and then copy the topic’s Full Name, such as persistent://aws-us-east-2-mk/NAMESPACE_NAME/TOPIC_NAME.

  5. If necessary, create additional audit log topics, and then record the Full Name for each topic. You can use topics to organize audit logs by event type or other criteria.

  6. In the Astra Portal, go to Streaming, and then click your audit log streaming tenant.

  7. On the Connect tab, click Download client.conf.

  8. To finalize the configuration, do one of the following:

Configure audit log streaming with the DevOps API

You can use the Astra DevOps API telemetry endpoint to configure audit log streaming instead of providing the configuration details to DataStax Support.

  1. In the Astra Portal, create an application token with the Organization Administrator role, if you don’t already have one.

  2. To create the audit log streaming configuration, send a POST request with your topic’s full name and the required values from the tenant’s client.conf file.

    The auth_strategy and other authentication details depend on your Pulsar configuration.

    curl --request POST \
  --url 'https://api.astra.datastax.com/v2/organizations/ORG_ID/telemetry/auditLogs' \
  --header 'Accept: application/json' \
  --header 'Authorization: Bearer APPLICATION_TOKEN' \
  --data '{
  "pulsar": {
    "endpoint": "pulsar+BROKER_SERVICE_URL",
    "auth_strategy": "token",
    "topic": "TOPIC_FULL_NAME",
    "auth_name": "token",
    "token": "PULSAR_AUTHENTICATION_TOKEN"
  }
}'
    Response 
    HTTP/1.1 202 Accepted

  3. To retrieve and verify the audit log streaming configuration, send a GET request:

    curl --request GET \
  --url 'https://api.astra.datastax.com/v2/organizations/ORG_ID/telemetry/auditLogs' \
  --header 'Authorization: Bearer APPLICATION_TOKEN'
    Response 
    {
  "pulsar": {
    "endpoint": "pulsar+ssl://pulsar-aws-useast2.streaming.datastax.com:6651",
    "topic": "persistent://aws-us-east-2-mk-2/default/audit-log",
    "auth_strategy": "token",
    "token": "********",
    "auth_name": "token"
  }
}

  4. To delete an audit log streaming configuration, send a DELETE request.

Was this helpful?

Edit this page

Give Feedback

How can we improve the documentation?

© 2024 DataStax | Privacy policy | Terms of use

Apache, Apache Cassandra, Cassandra, Apache Tomcat, Tomcat, Apache Lucene, Apache Solr, Apache Hadoop, Hadoop, Apache Pulsar, Pulsar, Apache Spark, Spark, Apache TinkerPop, TinkerPop, Apache Kafka and Kafka are either registered trademarks or trademarks of the Apache Software Foundation or its subsidiaries in Canada, the United States and/or other countries. Kubernetes is the registered trademark of the Linux Foundation.

General Inquiries: +1 (650) 389-6000, info@datastax.com