Customize your API to Audit User Transaction Details

You can customize your API to audit user transaction details for all POST/PUT/DELETE requests on table-based resources and have API Server write these details to a collection in a MongoDB database that uses the MongoDBAudit data source provider.
This is a data source provider provided specifically for auditing user transaction details. The REST requests record the old and new value as an audit row into the MongoDB database. Layer7 Live API Creator stores transactions in a summary for all affected tables (for example, cascaded updates or inserts by way of a rule).
With your API customized to audit user transaction details, the following occurs:
  1. API Server starts.
  2. A background thread starts.
  3. API Server receives a POST/PUT/DELETE request on a table-based resource.
  4. API Server uses the background thread and looks for the _USER_TX_AUDIT_ table-based resource. It writes to the collection in the MongoDB database every few seconds.
API Server writes audit user transaction details to this database only for requests on table-based resources.
Verify the Prerequisites
Before you create the resource, verify the following prerequisites:
  • You have installed the MongoDB JDBC driver.
    For more information about how to install this driver, see MongoDB Data Source.
  • You have added a connection to a data source that uses the MongoDBAudit data source provider and defined the audit collection name. Layer7 Live API Creator uses this data source (the MongoDB database) to store user transaction details for auditing.
    For more information about how to add connections to data sources that use the MongoDBAudit data source provider, see Database Connectivity.
Enable Tracking and Persistence of Audit Logs
Enable tracking and persistence of audit logs for all PUT, POST, and DELETE transactions that API Server receives.
Follow these steps:
  1. With your API open, in the Create section, click API Properties.
    The Overview tab appears.
  2. Click the Settings tab.
  3. Select the Audit User Transactions checkbox, and then click Save.
    For more information about the other API settings, see API Properties.
Your API is enabled for tracking and persistence of audit logs.
Create the Resource
Create the _USER_TX_AUDIT_ table-based resource for the MongoDB data source. This resource will hold the audit user transaction details.
Follow these steps:
  1. With your API open, in the Create section, click Resources.
  2. Above the Resource list, click New Resource.
    The Add Resource window opens.
  3. Complete the following fields, and then click Add:
    • Resource Type: Select Table-based Resource.
    • Entity: From the list of MongoDB data source prefixes, select the name of the collection to which you want to write audit user transactions.
    • Resource Name: Enter _USER_TX_AUDIT_.
  4. Complete the following fields, and then click Save:
    • Is a collection: Leave this checkbox selected.
The _USER_TX_AUDIT_ table-based resource is created.
Test the Resource in the REST Lab
Ensure that you have set up the _USER_TX_AUDIT_ table-based resource correctly and that the API is logging audit records to the MongoDB database. Use the REST Lab to test the resource.
For more information about how to test resources in the REST Lab, see Test your API Using the REST Lab.
Follow these steps:
  1. With your API open, in the Tools section, click REST Lab.
    The Request page opens by default.
  2. Select a table endpoint or resource endpoint on which you want to operate and click POST, PUT, or DELETE to trigger a transaction in the database.
    Since tracking and persistence of audit logs is set up for this API, API Server logs an audit record to the MongoDB database.
  3. Select Resource as the endpoint, then select the _USER_TX_AUDIT_ table-based resource, and then click GET.
    The audit user transaction details display in the Response pane. This confirms that the _USER_TX_AUDIT_ table-based resource is set up correctly.
    The following image shows an example of a GET request to the _USER_TX_AUDIT_ table-based resource for the Demo API. Changes are stored in the newValue and oldValue attributes. Full details of the transaction summary are captured in the txSummary attribute.
    [Image: GET request to the _USER_TX_AUDIT_ table-based resource for the Demo API]
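
To review what the GET request on _USER_TX_AUDIT_ returns, the following added example (not part of the Layer7 documentation) derives the operation and the changed columns from oldValue and newValue, and lists deletes and changes to watched columns. The sample rows are constructed; the entity and user fields, the JSON encoding of the values, and the credit_limit column are assumptions.

```python
import json

# Constructed sample of a GET response from the _USER_TX_AUDIT_ resource.
# Only newValue, oldValue and txSummary are named on the page; "entity",
# "user" and the JSON-string encoding of the values are assumptions.
SAMPLE_AUDIT_ROWS = [
    {"entity": "demo:customer", "user": "demo", "txSummary": [],
     "oldValue": '{"name": "Acme", "credit_limit": 1000}',
     "newValue": '{"name": "Acme", "credit_limit": 900000}'},
    {"entity": "demo:customer", "user": "demo", "txSummary": [],
     "oldValue": None,
     "newValue": {"name": "NewCo", "credit_limit": 500}},
    {"entity": "demo:PurchaseOrder", "user": "admin", "txSummary": [],
     "oldValue": '{"order_number": 7, "paid": false}',
     "newValue": None},
]

def _as_dict(value):
    """Accept a missing value, a JSON string, or an already-parsed object."""
    if value in (None, ""):
        return None
    return json.loads(value) if isinstance(value, str) else dict(value)

def classify(row):
    """Return (operation, {column: (old, new)}) for one audit row."""
    old, new = _as_dict(row.get("oldValue")), _as_dict(row.get("newValue"))
    if old is None and new is None:
        return "unknown", {}
    if old is None:
        return "insert", {k: (None, v) for k, v in new.items()}
    if new is None:
        return "delete", {k: (v, None) for k, v in old.items()}
    changed = {k: (old.get(k), new.get(k))
               for k in sorted(set(old) | set(new)) if old.get(k) != new.get(k)}
    return "update", changed

def review(rows, watched_columns):
    """List rows that deleted data or changed a watched column."""
    findings = []
    for index, row in enumerate(rows):
        op, changes = classify(row)
        hits = sorted(set(changes) & set(watched_columns))
        if op == "delete" or (op == "update" and hits):
            findings.append({"row": index, "user": row.get("user"),
                             "entity": row.get("entity"), "op": op, "columns": hits})
    return findings

if __name__ == "__main__":
    print(review(SAMPLE_AUDIT_ROWS, {"credit_limit"}))
```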