Fusion Audit is a standalone web application that can receive audit and log events from any Fusion Application that has been configured to audit itself.
Fusion Audit has been built specifically to capture and categorise SDMX specific information, as well as general request details. Fusion Audit provides an interactive web interface which displays an aggregated view of audit event with the ability to filter and refine the view based on specific criteria.
Fusion Audit provides an insight into activity across the Fusion Range, with the ability to raise alerts, as well as email weekly usage reports.
Fusion Audit can capture events from multiple applications, such as Fusion Regis, Fusion Matrix, Fusion Security. Fusion Audit can also capture events from multiple instances of the same application, and provides the ability to distinguish between the instances. This makes it possible to see how the load is shared on a load balanced application. This is especially true when viewing the live feed information.
In addition to capturing general details about a request, such as request parameters, IP address, username, response status, Fusion Audit also captures information specific to SDMX. Each request is categorised to a specific function, such as data request, structure request, and information specific to the function is captured, such as which dataflow was queried. Fusion Audit will also audit general, non-sdmx specific requests.
Capturing both general and SDMX specific information makes Fusion Audit a useful application for providing insight into not only who is using an application, but what data they are looking at, or what structures are being modified.
In addition to auditing a server request, Fusion Audit also captured any associated Log events that were also logged by the audited application. Fusion Audit provides the ability to view the log events for any audited request.
Usually log events for an application are stored in a single file on the server, which can make it very difficult to pick out which log events belonged to which request, especially when looking at more historical events. Fusion Audit mitigates this issue by capturing log events and associating each log with a specific request, making it easy to debug issues.
The web Interface provides a live update of activity which shows a breakdown of activity for the past hour for each auditing application. The feed updates every 5 seconds, giving a real time view on server load.
The live feed is a useful feature for viewing how user activity is shared on a load balanced application, as it differentiates usage between multiple instances of same application.
Fusion Audit uses RabbitMQ, a widely used, robust messaging application to guarantee audit delivery. Fusion Products send their audit information to RabbitMQ which in turn delivers the message to Fusion Audit.
Introducing an intermediary message broker ensures no audit events are lost, even if Fusion Audit is taken offline. In the case that messages cannot be delivered, RabbitMQ will persist them, until such a time that they can be successfully processed.
The web Interface provides a chart, showing activity over time alongside a pie chart which shows a breakdown of activity. It is possible to both change what activity is being viewed and over which time period, as well as how the information is broken down. The interface also displays a table of events, with the ability to drill into each event to view additional information about a specific request.
Fusion Audit can email weekly reports on activity.
It is possible in Fusion Audit to exclude specific IP addresses from the interactive view and email reports.