Customize your API to Audit User Transaction Details
You can customize your API to audit user transaction details for all POST/PUT/DELETE requests on table-based resources and have API Server write these details to a collection in a MongoDB database that uses the MongoDBAudit data source provider. This data source provider exists specifically for auditing user transaction details. The REST requests record the old and new values as an audit row in the MongoDB database.
Layer7 Live API Creator stores transactions in a summary for all affected tables (for example, cascaded updates or inserts by way of a rule).
With your API customized to audit user transaction details, the following occurs:
- API Server starts.
- A background thread starts.
- API Server receives a POST/PUT/DELETE request on a table-based resource.
- API Server uses the background thread and looks for the _USER_TX_AUDIT_ table-based resource. It writes to the collection in the MongoDB database every few seconds.
API Server writes audit user transaction details to this database only for requests on table-based resources.
Verify the Prerequisites
Before you create the resource, verify the following prerequisites:
- You have installed the MongoDB JDBC driver. For more information about how to install this driver, see MongoDB Data Source.
- You have added a connection to a data source that uses the MongoDBAudit data source provider and defined the audit collection name. Layer7 Live API Creator uses this data source (the MongoDB database) to store user transaction details for auditing. For more information about how to add connections to data sources that use the MongoDBAudit data source provider, see Database Connectivity.
Enable Tracking and Persistence of Audit Logs
Enable tracking and persistence of audit logs for all PUT, POST, and DELETE transactions that API Server receives.
Follow these steps:
- With your API open, in the Create section, click API Properties. The Overview tab appears.
- Click the Settings tab.
- Select the Audit User Transactions checkbox, and then click Save. For more information about the other API settings, see API Properties.
Your API is enabled for tracking and persistence of audit logs.
Create the Resource
_USER_TX_AUDIT_ table-based resource to the MongoDB data source. This resource will hold the audit user transaction details.
Follow these steps:
- With your API open, in the Create section, click Resources.
- Above the Resource list, click New Resource. The Add Resource window opens.
- Complete the following fields, and then click Add:
  - Resource Type: Select Table-based Resource.
  - Entity: From the list of MongoDB data source prefixes, select the name of the collection to which you want to write audit user transactions.
  - Resource Name: Enter _USER_TX_AUDIT_.
- Complete the following fields, and then click Save:
  - Is a collection: Leave this checkbox selected.
The _USER_TX_AUDIT_ table-based resource is created.
Test the Resource in the REST Lab
Ensure that you have set up the _USER_TX_AUDIT_ table-based resource correctly and that the API is logging audit records to the MongoDB database. Use the REST Lab to test the resource.
For more information about how to test resources in the REST Lab, see Test your API Using the REST Lab.
Follow these steps:
- With your API open, in the Tools section, click REST Lab. The Request page opens by default.
- Select a table endpoint or resource endpoint on which you want to operate and click POST, PUT, or DELETE to trigger a transaction in the database. Since tracking and persistence of audit logs is set up for this API, API Server logs an audit record to the MongoDB database.
- Select Resource as the endpoint, then select the _USER_TX_AUDIT_ table-based resource, and then click GET. The audit user transaction details display in the Response pane. This confirms that the _USER_TX_AUDIT_ table-based resource is set up correctly. The following image shows an example of a GET request to the _USER_TX_AUDIT_ table-based resource for the Demo API. Changes are stored in the newValue and oldValue attributes. Full details of the transaction summary are captured in the txSummary attribute.
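When reviewing the audit rows returned by the GET above, it helps to reduce each row to the fields that actually changed. The following is an added example, not code from the product or its documentation. Only the attribute names oldValue, newValue, and txSummary come from this page; the record layout, the "entity" key, and all values are constructed assumptions.

```python
import json

# Constructed sample of a response from GET on _USER_TX_AUDIT_.
# Assumption: oldValue/newValue are JSON objects keyed by column name and
# are null for inserts/deletes. Adjust to the layout your server returns.
SAMPLE_RESPONSE = json.dumps([
    {"entity": "demo:customer", "oldValue": None,
     "newValue": {"name": "Acme", "credit_limit": 1000}, "txSummary": []},
    {"entity": "demo:customer",
     "oldValue": {"name": "Acme", "credit_limit": 1000},
     "newValue": {"name": "Acme", "credit_limit": 9000}, "txSummary": []},
    {"entity": "demo:customer",
     "oldValue": {"name": "Acme", "credit_limit": 9000},
     "newValue": None, "txSummary": []},
])


def classify(row):
    """Infer the operation from which side of the change is present."""
    old, new = row.get("oldValue"), row.get("newValue")
    if old is None and new is None:
        return "incomplete"  # neither side recorded: flag for follow-up
    if old is None:
        return "insert"
    if new is None:
        return "delete"
    return "update"


def changed_fields(row):
    """Return {field: (old, new)} for every attribute whose value differs."""
    old = row.get("oldValue") or {}
    new = row.get("newValue") or {}
    return {k: (old.get(k), new.get(k))
            for k in sorted(set(old) | set(new))
            if old.get(k) != new.get(k)}


def summarize(response_text):
    """Turn the raw audit response into (operation, entity, changes) tuples."""
    return [(classify(r), r.get("entity"), changed_fields(r))
            for r in json.loads(response_text)]


if __name__ == "__main__":
    for op, entity, changes in summarize(SAMPLE_RESPONSE):
        print(op, entity, changes)
```

Rows classified as "incomplete" carry neither an old nor a new value and are worth checking against the txSummary attribute before relying on the audit trail.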