The Audit Service provides a mechanism for tracking repository events, recording critical details about them using predicates from the PREMIS ontology:
- Which user performed the event, and using what client software
- What kind of action was taken (creating objects, deleting files, etc.)
- When was the action performed
- What repository resource was changed
The event-driven audit service is a Camel component that processes the JMS events emitted by Fedora 4, and creates audit event records in an external triplestore.
Event-driven audit events provide a lightweight audit system, with minimal impact on the repository. All information for processing is included in the events that Fedora 4 sends, so the Camel processing does not need to retrieve any extra information from the repository, and can accurately process multiple update and deletion events. The external triplestore provides full-featured query functionality for working with audit event records using SPARQL.
The internal audit service is an optional module which can be used to have audit event records automatically created in the repository when updates happen.
Internal audit events provide a way to store audit event information without having to setup an external triplestore, and provides a more robust event store that can take advantage of Fedora's replication, backup, and other preservation features.
When used together, the event-driven and internal audit events provide robust audit storage and full-featured query functionality.
Audit events can also be recorded for processes that happen outside of the repository. These events can be added directly to an external triplestore, or added to the repository along with other event records.
Recording events for external processes allows them to be queried and retrieved with the same processes and tools as Fedora's events, and allows using Fedora's preservation features for storing the event records.