June 2023
Wellington MuleSoft Meetup Group
DESIGN AND IMPLEMENTATION: ANYPOINT PLATFORM AUDIT LOGS SPLUNK INTEGRATION
Please introduce yourself to the chat…
Speakers
SPEAKER: Gopal Bhumireddy, Senior MuleSoft Developer, DXC Technology (https://www.linkedin.com/in/gopalb264/)
SPEAKER: Mary Joy Sabal, Advisor Solution Architect, DXC Technology (https://www.linkedin.com/in/mary-joy-sabal/)
Agenda
● Problem Statement
● Audit Logs Query API (Anypoint Platform)
● Proposed Solution
● Demo
● Key Takeaways
Out of scope / Exclusions
● Splunk Enterprise Security
● Disabling Cloudhub logs due to trial account
● MuleSoft Operational Logs
Problem Statement / Business Challenges
Business Challenges
Audit Logging
Audit Logs
● Changes made by users within Anypoint Platform organizations are logged through an audit
logging service.
● Provides a queryable history of actions performed within the Anypoint Platform.
● Keeps track of all users who have interacted with objects in the system and timestamps those
actions.
● Provides mechanisms for querying the set of users who have performed actions, the set of
objects that had actions performed on them, and other endpoints that enable the querying of
log entries.
● Users who have the Organization Administrator permission or the Audit Log Viewer
permission on Anypoint Platform have access to both the UI and the Query API.
● Business-group aware, which means you see only logs that are relevant to your own business
group.
Audit Log Query API
https://anypoint.mulesoft.com/exchange/portals/anypoint-platform/f1e97bc6-315a-4490-82a7-23abe036327a.anypoint-platform/audit-log-query-api/
Audit Log Contents
Each log entry has a set of properties that provides information about the activity:
o Time: The timestamp when the activity occurred.
o Product: The product where the object resides, for example, Access Management
o Type: The type of the object on which the action is performed, for example, Organization
o Action: The action associated with the object, for example, Create
o Object: The name of the object, for example, foo
o User Name: The user who performed the action, for example, johndoe
o Connected App: Name of the connected app that takes an action on behalf of a user or itself. If a connected app did
not execute the action, the payload is N/A.
o Environment: Environment names for events from API Manager, Runtime Manager, CloudHub, Partner Manager,
and MQ.
o Parent: (Optional) The parent of the object (if any) on which the action is performed. Mainly relevant to APIs.
o Payload: (Optional) More information about the log properties. For example, if an Organization was created, then the
payload would contain information about the organization and the owner, such as IDs.
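One way to carry these properties into Splunk, as an added example that is not part of the original deck: each entry is wrapped in a Splunk HTTP Event Collector (HEC) event envelope. The input keys reuse the slide's property names rather than the Query API's actual JSON schema, and the `sourcetype`, `source` and `event_id` values are this example's own choices.

```python
import hashlib
import json
from datetime import datetime, timezone

# Slide property name -> field name in the Splunk event (names chosen for this example).
FIELDS = {
    "Product": "product", "Type": "object_type", "Action": "action",
    "Object": "object", "User Name": "user", "Connected App": "connected_app",
    "Environment": "environment", "Parent": "parent", "Payload": "payload",
}

# Constructed sample entry built from the example values on the slide.
SAMPLE_ENTRY = {
    "Time": "2023-06-01T02:15:30Z",
    "Product": "Access Management",
    "Type": "Organization",
    "Action": "Create",
    "Object": "foo",
    "User Name": "johndoe",
    "Connected App": "N/A",
    "Payload": {"organizationId": "constructed-org-id"},
}


def to_hec_event(entry, org_id, sourcetype="anypoint:audit"):
    """Wrap one audit log entry in a Splunk HEC event envelope."""
    # Assumption: Time is ISO 8601; a timestamp without an offset is treated as UTC.
    ts = datetime.fromisoformat(entry["Time"].replace("Z", "+00:00"))
    if ts.tzinfo is None:
        ts = ts.replace(tzinfo=timezone.utc)

    event = {}
    for src, dst in FIELDS.items():
        value = entry.get(src)
        # Optional properties (Parent, Payload) may be absent; "N/A" marks
        # "no connected app", so it is dropped instead of indexed as a name.
        if value in (None, "", "N/A"):
            continue
        event[dst] = value

    # Stable id over the entry content: re-sending an overlapping time window
    # yields the same id, so duplicates can be removed at search time.
    canonical = json.dumps({"time": entry["Time"], **event}, sort_keys=True)
    event["event_id"] = hashlib.sha256(canonical.encode()).hexdigest()[:16]

    return {
        "time": ts.timestamp(),        # HEC expects epoch seconds
        "source": f"anypoint:{org_id}",
        "sourcetype": sourcetype,
        "event": event,
    }


def to_hec_batch(entries, org_id):
    """Serialise entries as one HEC request body (one JSON object per line)."""
    return "\n".join(json.dumps(to_hec_event(e, org_id)) for e in entries)
```

The batch body is what gets POSTed to the HEC endpoint `/services/collector/event` with an `Authorization: Splunk <token>` header.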
Rate Limit Policy for Audit Log Query Endpoint
● If a client exceeds the rate limit for a given control plane, the Audit Log Query endpoint returns
a 503 Service Unavailable status code until the minute expires. During this time, the service is
unavailable to the client.
● MuleSoft recommends that users of the Audit Log Query Endpoint monitor their request rates
and adjust their usage accordingly to avoid exceeding the rate limit. Note that exceeding the
rate limit may result in the endpoint being temporarily unavailable.
Control Plane | Allowed requests per minute per IP
US            | 700
EU            | 40
Gov           | 40
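A client-side way to stay inside these limits and to react to the 503 response, as an added example that is not part of the original deck. `send` is a hypothetical transport callable standing in for the real Audit Log Query request, offset-based paging is assumed, and aligning the window to the calendar minute is an assumption drawn from "until the minute expires".

```python
import time

# Per-minute, per-IP limits from the rate limit table on the slide.
LIMITS_PER_MINUTE = {"US": 700, "EU": 40, "Gov": 40}


class MinuteBudget:
    """Request budget aligned to wall-clock minutes for one control plane."""

    def __init__(self, control_plane, headroom=0.8, clock=time.time, sleep=time.sleep):
        # headroom < 1 leaves capacity for other clients sharing the same egress IP.
        self.limit = max(1, int(LIMITS_PER_MINUTE[control_plane] * headroom))
        self.clock, self.sleep = clock, sleep
        self.window, self.used = None, 0

    def acquire(self):
        """Block until a request may be sent; return the seconds waited."""
        waited = 0.0
        window = int(self.clock() // 60)
        if window != self.window:
            # A new minute has started: the budget is fresh.
            self.window, self.used = window, 0
        if self.used >= self.limit:
            # Budget spent: wait for the current minute to expire.
            waited = 60 - (self.clock() % 60)
            self.sleep(waited)
            self.window, self.used = int(self.clock() // 60), 0
        self.used += 1
        return waited

    def penalise(self):
        """On a 503, mark the current minute as exhausted."""
        self.window = int(self.clock() // 60)
        self.used = self.limit


def fetch_pages(send, budget, max_retries=3):
    """Collect entries via send(offset) -> (status, entries) until an empty page.

    A 503 is retried after the minute rolls over, at the same offset, so no
    audit entries are skipped; any other non-200 status is raised, not ignored.
    """
    entries, offset, retries = [], 0, 0
    while True:
        budget.acquire()
        status, page = send(offset)
        if status == 503:
            retries += 1
            if retries > max_retries:
                raise RuntimeError("audit log query still rate limited")
            budget.penalise()
            continue
        if status != 200:
            raise RuntimeError(f"unexpected status {status}")
        retries = 0
        if not page:
            return entries
        entries.extend(page)
        offset += len(page)
```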
Audit Log Retention Period
● Default retention period of six years.
● Users who have Audit Log Config Manager and Organization Administrator permissions can
configure the retention period for the audit logs in their organization.
● Download your logs periodically if you want to maintain your log files for longer than six years
or build a custom API to send the audit logs to an external monitoring tool such as Splunk.
● When you configure a retention period (https://docs.mulesoft.com/access-management/audit-log-retention#configure-audit-log-retention-period):
  o You can specify a retention period between 30 and 2190 days.
  o The date the new retention period takes effect must be a minimum of seven days from the current date.
  o Configuring a new retention period affects your organization’s compliance policy.
Proposed Solution
Conceptual Diagram
Sequence Diagram
Demo
Pre-requisites
● Splunk Cloud trial account or standalone installed on your local machine.
● Anypoint Platform trial account
Key Takeaways
Feel free to reach out!
https://www.linkedin.com/in/gopalb264/ https://www.linkedin.com/in/mary-joy-sabal/
