Data governance (Audit log)

Kpow captures all user actions in an audit log.

The audit log is retained in an internal topic, __oprtr_audit_log and displayed in the Kpow UI.

Kpow provides Slack integration integration to have user actions sent to the slack channel of your choosing.

The audit log captures requests and responses related to each user action, as well as the metadata associated with the request.

Audit log

Administrators in Kpow can view the last seven days of audit logs from within the application by navigating to the "Audit log" section within "Settings":

User Log

Users can view their last seven days worth of activity from within the application by navigating to the "User Log" section with "Settings":

Sample Audit Record

Consider a request to create a new Kafka topic named tx-events.

Kpow has been configured with GitHub SSO and the following RBAC policy.

  - resource: ["cluster", "Enpl9Kw4QK6pwK0LaRVssQ"]
    effect:   "Allow"
    role:     "*"

The request to create Kafka topic tx-events will result in the following audit record.

  {:provider :github,
   :email "[email protected]",
   :name "John Smith",
   :login "JohnSmithGithub",
   :id "e69002ee-467d-4d6f-8236-054c58b2a00c"},
   {:topic-name "MyNewTopic",
    :replication-factor "1",
    :partitions "1",
    :config-items {},
    :request/ctx {:cluster-id "Enpl9Kw4QK6pwK0LaRVssQ"}}],
  {:success? true,
   :action "TOPIC_CREATE",
   ({:resource [:cluster "*"],
     :role "*",
     :effect "Allow",
 :ctx {:cluster-id "Enpl9Kw4QK6pwK0LaRVssQ"},
 :type :mutation/request}

The audit log record contains the following details:

  • The contents of the request itself (topic create request)
  • Metadata about the user who made the request (John Smith)
  • Authorization results:
    • Whether the user was authorized to perform the request
    • The matching policies that were evaluated against the request
    • The action required to perform the mutation (TOPIC_CREATE)