Table of Contents

Introduction

The log

Security

Introduction

When this functionality is enabled, in addition to unstructered logging, AllegroGraph provides an audit log with which important changes can be tracked and queried. The intended audience is system and database administrators conscious of security and performance.

The log

The log resides in the graph of the 'system' repository of the 'system' catalog and consists of a series of events. Each event has a type, a number of parameters specific to the event type, and some contexts that identify the source of the event and the components of the system it passed through. For example, the following event (presented in Turtle format) describes the creation of a free text index called "foo" at 2013-02-26 10:21:29 UTC. The database for which the index was created goes by the name "test db" and is in catalog "test catalog". 

@prefix : <http://franz.com/allegrograph/4.11/audit-log#> .  
@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .  
@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .  
@prefix temp: <http://franz.com/ns/allegrograph/3.0/temporal/> .  
 
[] a :createFreeTextIndex ;  
  :version "http://www.franz.com/agraph/support/documentation/4.11/" ;  
  temp:time "2013-02-26T10:21:29Z"^^xsd:dateTime ;  
  :db  
  [ a :db ;  
    :name "test db" ;  
    :catalog "test catalog" ] ;  
  :index "foo" ;  
  :backend  
  [ temp:time "2013-02-26T10:21:29Z"^^xsd:dateTime ;  
    a :backend ;  
    :pid 4605  
    :servicePort 55713 ;  
    :remoteHost "127.0.0.1" ;  
    :remotePort 52307 ;  
    :localHost "127.0.0.1" ;  
    :localPort 44860 ] ;  
  :frontend  
  [ temp:time "2013-02-26T10:21:29Z"^^xsd:dateTime ;  
    a :frontend ;  
    :user "joe" ;  
    :pid 9877  
    :servicePort 9233 ;  
    :remoteHost "127.0.0.1" ;  
    :remotePort 36927 ;  
    :localHost "127.0.0.1" ;  
    :localPort 42194 ] .

There are three contexts carrying additional information about the event. The request was received at the main port of the front end, from user "joe". It was then forwarded to the backend process with pid 4605. The main port of the backend's http server was 55713.

Security

Regardless of security setting, only superuser has access to the system catalog.