From 49fc1babbc6611b29287bffa8039eaf5e071fad2 Mon Sep 17 00:00:00 2001 From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com> Date: Fri, 26 Jul 2024 18:34:47 -0400 Subject: [PATCH 01/11] docs: Document telemetry --- .../events/telemetry-data-too.mdx | 215 +++++++++ .../configuration/events/telemetry-data.mdx | 454 ++++++++++++++++++ website/data/docs-nav-data.json | 8 + 3 files changed, 677 insertions(+) create mode 100644 website/content/docs/configuration/events/telemetry-data-too.mdx create mode 100644 website/content/docs/configuration/events/telemetry-data.mdx diff --git a/website/content/docs/configuration/events/telemetry-data-too.mdx b/website/content/docs/configuration/events/telemetry-data-too.mdx new file mode 100644 index 0000000000..580bf6e22a --- /dev/null +++ b/website/content/docs/configuration/events/telemetry-data-too.mdx @@ -0,0 +1,215 @@ +--- +layout: docs +page_title: Telemetry data +description: |- + Learn what data Boundary captures when telemetry is enabled and how you can view it. +--- + +# Telemetry data + +Refer to an event to see which telemetry fields it emits, if you have telemetry enabled. + +## Auth methods (Create) + +- Auth method ID +- Auth method type +- Auth method URI +- Link (Includes location: org ID, project ID, and internal ID) +- Scope ID +- Scope type +- Timestamp + +## Auth methods (Delete) + +- Auth method ID +- Link (Includes location: org ID, project ID, and internal ID) +- Timestamp + +## Auth methods user authenticate + +- Account ID +- Auth method ID +- Link (Includes location: org ID, project ID, and internal ID) +- Scope ID +- Scope type +- Timestamp +- User ID + +## Connections authorized + +- Connection ID +- Connections left +- Connection limit +- Connection status +- Connection type +- Link (Includes location: org ID, project ID, and internal ID) +- Session ID +- Timestamp +- Worker ID + +## Connections closed + +- Connection ID +- Connection status +- Connection type +- Link (Includes location: org ID, project ID, and internal ID) +- Timestamp + +## Group add member + +- HCP Boundary user ID +- Link (Includes location: org ID, project ID, and internal ID) +- Parent scope ID +- Scope ID +- Timestamp + +## Group remove member + +- HCP Boundary user ID +- Link (Includes location: org ID, project ID, and internal ID) +- Parent scope ID +- Scope ID +- Timestamp + +## Group set member + +- HCP Boundary user ID +- Link (Includes location: org ID, project ID, and internal ID) +- Parent scope ID +- Scope ID +- Timestamp + +## Groups (Create/delete) + +- HCP Boundary user ID +- Link (Includes location: org ID, project ID, and internal ID) +- Parent scope ID +- Scope ID +- Timestamp + +## HCP Boundary clusters created + +- Boundary version +- Internal ID +- Link (Includes location: org ID, project ID, and internal ID) +- Organization ID +- Principal ID +- Principal type +- Project ID +- Provider +- Region +- Source channel + +## Host catalogs created + +- Host catalog ID +- Host catalog type +- Link (Includes location: org ID, project ID, and internal ID) +- Parent scope ID +- Plugin ID +- Scope ID +- Timestamp + +## Host catalogs deleted + +- Host catalog ID +- Link (Includes locations: org, project ID, and internal ID) +- Timestamp + +## Hosts created + +- Host catalog ID +- Host ID +- Host type +- Link (Includes locations: org, project ID, and internal ID) +- Parent scope ID +- Plugin ID +- Scope ID +- Timestamp + +## Hosts deleted + +- Host catalog ID +- Host ID +- Link (Includes locations: org ID, project ID, and internal ID) +- Timestamp + +## Org scopes (Create/delete) + +- Organization ID +- Parent scope ID +- Timestamp + +## Project scopes (Create/delete) + +- Link (Including location: org ID, project ID, and internal ID) +- Organization ID +- Parent scope ID +- Timestamp + +## Roles added + +- HCP Boundary user ID +- Link (Includes location: org ID, project ID, and internal ID) +- Parent scope ID +- Scope ID +- Timestamp + +## Roles deleted + +- Link (Includes location: org ID, project ID, and internal ID) +- Role ID +- Timestamp + +## Sessions cancelled + +- Link (Includes location: org ID, project ID, and internal ID) +- Session ID +- Session status +- Timestamp + +## Session lookup + +- Connections left +- Connection limit +- HCP Boundary user ID +- Host ID +- Host set ID +- Link (Includes location: org ID, project ID, and internal ID) +- Session ID +- Session status +- Timestamp +- Worker ID + +## Target session authorized + +- HCP Boundary user ID +- Host ID +- Host set ID +- Link (Includes location: org ID, project ID, and internal ID) +- Parent scope ID +- Scope ID +- Session ID +- Session type +- Target ID +- Timestamp + +## Targets (Create) + +- Link (Includes location: org ID, project ID, and internal ID) +- Target ID +- Timestamp + +## Targets (Delete) + +- Link (Includes location: org ID, project ID, and internal ID) +- Target ID +- Timestamp + +## Users (Create/delete) + +- HCP Boundary user ID +- Link (Includes location: org ID, project ID, and internal ID) +- Parent scope ID +- Scope ID +- Timestamp diff --git a/website/content/docs/configuration/events/telemetry-data.mdx b/website/content/docs/configuration/events/telemetry-data.mdx new file mode 100644 index 0000000000..137a11961a --- /dev/null +++ b/website/content/docs/configuration/events/telemetry-data.mdx @@ -0,0 +1,454 @@ +--- +layout: docs +page_title: Telemetry data +description: |- + Learn what data Boundary captures when telemetry is enabled and how you can view it. +--- + +# Telemetry data + +If you have telemetry enabled in Boundary, you can view the following information. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
EventsTelemetry fields
Auth methods (Create)Auth method ID
Auth method type
Auth method URI
Link (Includes location: org ID, project ID, and internal ID)
Scope ID
Scope type
Timestamp
Auth methods (Delete)Auth method ID
Link (Includes location: org ID, project ID, and internal ID)
Timestamp
Auth methods user authenticateAccount ID
Auth method ID
Link (Includes location: org ID, project ID, and internal ID)
Scope ID
Scope type
Timestamp
User ID
Connections authorizedConnection ID
Connections left
Connection limit
Connection status
Connection type
Link (Includes location: org ID, project ID, and internal ID)
Session ID
Timestamp
Worker ID
Connections closedConnection ID
Link (Includes location: org ID, project ID, and internal ID)
Timestamp
Connections connectedConnection ID
Connection status
Connection type
Link (Includes location: org ID, project ID, and internal ID)
Timestamp
Group add memberHCP Boundary user ID
Link (Includes location: org ID, project ID, and internal ID)
Parent scope ID
Scope ID
Timestamp
Group remove memberHCP Boundary user ID
Link (Includes location: org ID, project ID, and internal ID)
Parent scope ID
Scope ID
Timestamp
Group set memberHCP Boundary user ID
Link (Includes location: org ID, project ID, and internal ID)
Parent scope ID
Scope ID
Timestamp
Groups (Create/delete)HCP Boundary user ID
Link (Includes location: org ID, project ID, and internal ID)
Parent scope ID
Scope ID
Timestamp
HCP Boundary clusters createdBoundary version
Internal ID
Link (Includes location: org ID, project ID, and internal ID)
Organization ID
Principal ID
Principal type
Project ID
Provider
Region
Source channel
Host catalogs createdHost catalog ID
Host catalog type
Link (Includes location: org ID, project ID, and internal ID)
Parent scope ID
Plugin ID
Scope ID
Timestamp
Host catalogs deletedHost catalog ID
Link (Includes location: org ID, project ID, and internal ID)
Timestamp
Hosts createdHost catalog ID
Host ID
Host type
Link (Includes location: org ID, project ID, and internal ID)
Parent scope ID
Plugin ID
Scope ID
Timestamp
Hosts deletedHost catalog ID
Host ID
Link (Includes location: org ID, project ID, and internal ID)
Timestamp
Org scopes (Create/delete)Organization ID
Parent scope ID
Timestamp
Project scopes (Create/delete)Link (Includes location: org ID, project ID, and internal ID)
Organization ID
Parent scope ID
Timestamp
Roles addedHCP Boundary user ID
Link (Includes location: org ID, project ID, and internal ID)
Parent scope ID
Scope ID
Timestamp
Roles deletedLink (Includes location: org ID, project ID, and internal ID)
Role ID
Timestamp
Sessions cancelledLink (Includes location: org ID, project ID, and internal ID)
Session ID
Session status
Timestamp
Session lookupConnections left
Connection limit
HCP Boundary user ID
Host ID
Host set ID
Link (Includes location: org ID, project ID, and internal ID)
Session ID
Session status
Timestamp
Worker ID
Target session authorizedHCP Boundary user ID
Host ID
Host set ID
Link (Includes location: org ID, project ID, and internal ID)
Parent scope ID
Scope ID
Session ID
Session type
Target ID
Timestamp
Targets (Create)Link (Includes location: org ID, project ID, and internal ID)
Target ID
Timestamp
Targets (Delete)Link (Includes location: org ID, project ID, and internal ID)
Target ID
Timestamp
Users (Create/delete)HCP Boundary user ID
Link (Includes location: org ID, project ID, and internal ID)
Parent scope ID
Scope ID
Timestamp
diff --git a/website/data/docs-nav-data.json b/website/data/docs-nav-data.json index 239ee4e23c..c821d4d150 100644 --- a/website/data/docs-nav-data.json +++ b/website/data/docs-nav-data.json @@ -584,6 +584,14 @@ { "title": "Stderr sink", "path": "configuration/events/stderr" + }, + { + "title": "Telemetry data", + "path": "configuration/events/telemetry-data" + }, + { + "title": "Also telemetry", + "path": "configuration/events/telemetry-data-too" } ] }, From faf01eadfeaf7d0eed7e5987ba034be9ae1a3b52 Mon Sep 17 00:00:00 2001 From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com> Date: Fri, 9 Aug 2024 12:23:46 -0400 Subject: [PATCH 02/11] docs: Update with improved table format --- .../events/telemetry-data-too.mdx | 215 ------------------ .../configuration/events/telemetry-data.mdx | 170 ++++++++++++-- website/data/docs-nav-data.json | 4 - 3 files changed, 151 insertions(+), 238 deletions(-) delete mode 100644 website/content/docs/configuration/events/telemetry-data-too.mdx diff --git a/website/content/docs/configuration/events/telemetry-data-too.mdx b/website/content/docs/configuration/events/telemetry-data-too.mdx deleted file mode 100644 index 580bf6e22a..0000000000 --- a/website/content/docs/configuration/events/telemetry-data-too.mdx +++ /dev/null @@ -1,215 +0,0 @@ ---- -layout: docs -page_title: Telemetry data -description: |- - Learn what data Boundary captures when telemetry is enabled and how you can view it. ---- - -# Telemetry data - -Refer to an event to see which telemetry fields it emits, if you have telemetry enabled. - -## Auth methods (Create) - -- Auth method ID -- Auth method type -- Auth method URI -- Link (Includes location: org ID, project ID, and internal ID) -- Scope ID -- Scope type -- Timestamp - -## Auth methods (Delete) - -- Auth method ID -- Link (Includes location: org ID, project ID, and internal ID) -- Timestamp - -## Auth methods user authenticate - -- Account ID -- Auth method ID -- Link (Includes location: org ID, project ID, and internal ID) -- Scope ID -- Scope type -- Timestamp -- User ID - -## Connections authorized - -- Connection ID -- Connections left -- Connection limit -- Connection status -- Connection type -- Link (Includes location: org ID, project ID, and internal ID) -- Session ID -- Timestamp -- Worker ID - -## Connections closed - -- Connection ID -- Connection status -- Connection type -- Link (Includes location: org ID, project ID, and internal ID) -- Timestamp - -## Group add member - -- HCP Boundary user ID -- Link (Includes location: org ID, project ID, and internal ID) -- Parent scope ID -- Scope ID -- Timestamp - -## Group remove member - -- HCP Boundary user ID -- Link (Includes location: org ID, project ID, and internal ID) -- Parent scope ID -- Scope ID -- Timestamp - -## Group set member - -- HCP Boundary user ID -- Link (Includes location: org ID, project ID, and internal ID) -- Parent scope ID -- Scope ID -- Timestamp - -## Groups (Create/delete) - -- HCP Boundary user ID -- Link (Includes location: org ID, project ID, and internal ID) -- Parent scope ID -- Scope ID -- Timestamp - -## HCP Boundary clusters created - -- Boundary version -- Internal ID -- Link (Includes location: org ID, project ID, and internal ID) -- Organization ID -- Principal ID -- Principal type -- Project ID -- Provider -- Region -- Source channel - -## Host catalogs created - -- Host catalog ID -- Host catalog type -- Link (Includes location: org ID, project ID, and internal ID) -- Parent scope ID -- Plugin ID -- Scope ID -- Timestamp - -## Host catalogs deleted - -- Host catalog ID -- Link (Includes locations: org, project ID, and internal ID) -- Timestamp - -## Hosts created - -- Host catalog ID -- Host ID -- Host type -- Link (Includes locations: org, project ID, and internal ID) -- Parent scope ID -- Plugin ID -- Scope ID -- Timestamp - -## Hosts deleted - -- Host catalog ID -- Host ID -- Link (Includes locations: org ID, project ID, and internal ID) -- Timestamp - -## Org scopes (Create/delete) - -- Organization ID -- Parent scope ID -- Timestamp - -## Project scopes (Create/delete) - -- Link (Including location: org ID, project ID, and internal ID) -- Organization ID -- Parent scope ID -- Timestamp - -## Roles added - -- HCP Boundary user ID -- Link (Includes location: org ID, project ID, and internal ID) -- Parent scope ID -- Scope ID -- Timestamp - -## Roles deleted - -- Link (Includes location: org ID, project ID, and internal ID) -- Role ID -- Timestamp - -## Sessions cancelled - -- Link (Includes location: org ID, project ID, and internal ID) -- Session ID -- Session status -- Timestamp - -## Session lookup - -- Connections left -- Connection limit -- HCP Boundary user ID -- Host ID -- Host set ID -- Link (Includes location: org ID, project ID, and internal ID) -- Session ID -- Session status -- Timestamp -- Worker ID - -## Target session authorized - -- HCP Boundary user ID -- Host ID -- Host set ID -- Link (Includes location: org ID, project ID, and internal ID) -- Parent scope ID -- Scope ID -- Session ID -- Session type -- Target ID -- Timestamp - -## Targets (Create) - -- Link (Includes location: org ID, project ID, and internal ID) -- Target ID -- Timestamp - -## Targets (Delete) - -- Link (Includes location: org ID, project ID, and internal ID) -- Target ID -- Timestamp - -## Users (Create/delete) - -- HCP Boundary user ID -- Link (Includes location: org ID, project ID, and internal ID) -- Parent scope ID -- Scope ID -- Timestamp diff --git a/website/content/docs/configuration/events/telemetry-data.mdx b/website/content/docs/configuration/events/telemetry-data.mdx index 137a11961a..549e4f2cf6 100644 --- a/website/content/docs/configuration/events/telemetry-data.mdx +++ b/website/content/docs/configuration/events/telemetry-data.mdx @@ -9,6 +9,8 @@ description: |- If you have telemetry enabled in Boundary, you can view the following information. +## Auth methods + @@ -27,7 +29,7 @@ If you have telemetry enabled in Boundary, you can view the following informatio - + @@ -53,10 +55,10 @@ If you have telemetry enabled in Boundary, you can view the following informatio - + - + @@ -71,6 +73,19 @@ If you have telemetry enabled in Boundary, you can view the following informatio + +
Auth method URI
Link (Includes location: org ID, project ID, and internal ID)
Auth methods user authenticate Account ID
Auth method ID
Link (Includes location: org ID, project ID, and internal ID)
User ID
+ +## Connections + + + + + + + + + @@ -125,7 +140,20 @@ If you have telemetry enabled in Boundary, you can view the following informatio + +
EventsTelemetry fields
Connections authorized Connection ID
Timestamp
+ +## Groups + + + + + + + + + @@ -189,7 +217,20 @@ If you have telemetry enabled in Boundary, you can view the following informatio + +
EventsTelemetry fields
Group add member HCP Boundary user ID
Timestamp
+ +## HCP Boundary + + + + + + + + + @@ -220,7 +261,20 @@ If you have telemetry enabled in Boundary, you can view the following informatio + +
EventsTelemetry fields
HCP Boundary clusters created Boundary version
Source channel
+ +## Host catalogs + + + + + + + + + @@ -252,7 +306,20 @@ If you have telemetry enabled in Boundary, you can view the following informatio + +
EventsTelemetry fields
Host catalogs created Host catalog ID
Timestamp
+ +## Hosts + + + + + + + + + @@ -290,56 +357,95 @@ If you have telemetry enabled in Boundary, you can view the following informatio + +
EventsTelemetry fields
Hosts created Host catalog ID
Timestamp
+ +## Roles + + + - - + + + + + + + + + + + - + - - + - + + - + + +
Org scopes (Create/delete)Organization IDEventsTelemetry fields
Roles addedHCP Boundary user ID
Link (Includes location: org ID, project ID, and internal ID)
Parent scope ID
TimestampScope ID
Project scopes (Create/delete)Link (Includes location: org ID, project ID, and internal ID)Timestamp
Organization IDRoles deletedLink (Includes location: org ID, project ID, and internal ID)
Parent scope IDRole ID
Timestamp
+ +## Scopes + + + - - + + - - + + + + + - - - - + - + + + + + +
Roles addedHCP Boundary user IDEventsTelemetry fields
Link (Includes location: org ID, project ID, and internal ID)
Org scopes (Create/delete)Organization ID
Parent scope ID
Scope ID
Timestamp
Roles deletedProject scopes (Create/delete) Link (Includes location: org ID, project ID, and internal ID)
Role IDOrganization ID
Parent scope ID
Timestamp
+ +## Sessions + + + + + + + + + @@ -414,7 +520,20 @@ If you have telemetry enabled in Boundary, you can view the following informatio + +
EventsTelemetry fields
Sessions cancelled Link (Includes location: org ID, project ID, and internal ID)
Timestamp
+ +## Targets + + + + + + + + + @@ -434,7 +553,20 @@ If you have telemetry enabled in Boundary, you can view the following informatio + +
EventsTelemetry fields
Targets (Create) Link (Includes location: org ID, project ID, and internal ID)
Timestamp
+ +## Users + + + + + + + + + diff --git a/website/data/docs-nav-data.json b/website/data/docs-nav-data.json index c821d4d150..49f79271fe 100644 --- a/website/data/docs-nav-data.json +++ b/website/data/docs-nav-data.json @@ -588,10 +588,6 @@ { "title": "Telemetry data", "path": "configuration/events/telemetry-data" - }, - { - "title": "Also telemetry", - "path": "configuration/events/telemetry-data-too" } ] }, From d22bbd4eeb8b2a75be130844ee4c1caff18da430 Mon Sep 17 00:00:00 2001 From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com> Date: Fri, 9 Aug 2024 16:11:49 -0400 Subject: [PATCH 03/11] docs: Adds new topic --- .../configuration/events/configure-events.mdx | 27 +++++++++++++++++++ .../configuration/events/telemetry-data.mdx | 2 +- website/data/docs-nav-data.json | 4 +++ 3 files changed, 32 insertions(+), 1 deletion(-) create mode 100644 website/content/docs/configuration/events/configure-events.mdx diff --git a/website/content/docs/configuration/events/configure-events.mdx b/website/content/docs/configuration/events/configure-events.mdx new file mode 100644 index 0000000000..c8444572c8 --- /dev/null +++ b/website/content/docs/configuration/events/configure-events.mdx @@ -0,0 +1,27 @@ +--- +layout: docs +page_title: Configure events +description: |- + Configure log event sinks to monitor Boundary resources and actions. +--- + +# Configure events + +You can log system information in a well-defined, structured format that give you visibility into emitted events. + +Event sinks provide a location for Boundary to write events to. +You can configure sinks to allow or deny specific event types using filter syntax. +There are two types of event sinks: + +- `stderr` - Sends events to a stderr. +- `file` - Sends events to a file. + +You can repeat the `sink` stanza multiple times to send events to multiple sinks, but each file sink must have a unique path and file name. + +When you configure a sink, you can specify what types of events should be emitted by Boundary: + +- `audit_enabled` - Specifies if audit events should be emitted. +- `observations_enabled` - Specifies if observation events should be emitted. +- `sysevents_enabled` - Specifies if system events should be emitted. +- `telemetry_enabled` - Specifies if telemetry events should be emitted. +To receive telemetry events, you must also set `observations_enabled` to `true`. \ No newline at end of file diff --git a/website/content/docs/configuration/events/telemetry-data.mdx b/website/content/docs/configuration/events/telemetry-data.mdx index 549e4f2cf6..c7e9cfd919 100644 --- a/website/content/docs/configuration/events/telemetry-data.mdx +++ b/website/content/docs/configuration/events/telemetry-data.mdx @@ -7,7 +7,7 @@ description: |- # Telemetry data -If you have telemetry enabled in Boundary, you can view the following information. +If you have telemetry enabled in Boundary, you can view information about the following resources. ## Auth methods diff --git a/website/data/docs-nav-data.json b/website/data/docs-nav-data.json index 49f79271fe..735aae9b3f 100644 --- a/website/data/docs-nav-data.json +++ b/website/data/docs-nav-data.json @@ -573,6 +573,10 @@ "title": "Overview", "path": "configuration/events" }, + { + "title": "Configure event logging", + "path": "configuration/events/configure-events" + }, { "title": "Common sink parameters", "path": "configuration/events/common" From 9cd24cbaa2ebdcd1057426bb7e8f6b351021837d Mon Sep 17 00:00:00 2001 From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com> Date: Wed, 14 Aug 2024 11:56:30 -0400 Subject: [PATCH 04/11] docs: Add config file example --- .../configuration/events/configure-events.mdx | 56 ++++++++++++++++--- 1 file changed, 49 insertions(+), 7 deletions(-) diff --git a/website/content/docs/configuration/events/configure-events.mdx b/website/content/docs/configuration/events/configure-events.mdx index c8444572c8..040f9ecc0d 100644 --- a/website/content/docs/configuration/events/configure-events.mdx +++ b/website/content/docs/configuration/events/configure-events.mdx @@ -16,12 +16,54 @@ There are two types of event sinks: - `stderr` - Sends events to a stderr. - `file` - Sends events to a file. -You can repeat the `sink` stanza multiple times to send events to multiple sinks, but each file sink must have a unique path and file name. +You can repeat the `sink` stanza more than once to send events to multiple sinks, but each file sink must have a unique path and file name. -When you configure a sink, you can specify what types of events should be emitted by Boundary: +When you configure a sink, you can specify what types of events Boundary should emit: -- `audit_enabled` - Specifies if audit events should be emitted. -- `observations_enabled` - Specifies if observation events should be emitted. -- `sysevents_enabled` - Specifies if system events should be emitted. -- `telemetry_enabled` - Specifies if telemetry events should be emitted. -To receive telemetry events, you must also set `observations_enabled` to `true`. \ No newline at end of file +- `audit_enabled` - Specifies if Boundary emits audit events. +- `observations_enabled` - Specifies if Boundary emits observation events. +- `sysevents_enabled` - Specifies if Boundary should emit system events. +- `telemetry_enabled` - Specifies if Boundary should emit telemetry events. +To receive telemetry events, you must also set `observations_enabled` to `true`. + +You configure event sinks in the configuration file for a controller or worker server. +The following example includes the contents of the `events` stanza in the `compose/controller.hcl` configuration file: + + + +```hcl +events { + audit_enabled = true + observations_enabled = true + sysevents_enabled = true + telemetry_enabled = true + + sink "stderr" { + name = "all-events" + description = "All events sent to stderr" + event_types = ["*"] + format = "cloudevents-json" + } + + sink { + name = "controller-audit-sink" + description = "Audit sent to a file" + event_types = ["audit"] + format = "cloudevents-json" + + file { + path = "/logs" + file_name = "controller.log" + } + + audit_config { + audit_filter_overrides { + secret = "encrypt" + sensitive = "hmac-sha256" + } + } + } +} +``` + + \ No newline at end of file From 3ea327107ee0ddaef21fba95bc1534411024c728 Mon Sep 17 00:00:00 2001 From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com> Date: Tue, 12 Nov 2024 13:33:43 -0500 Subject: [PATCH 05/11] docs: Remove redundancy --- .../configuration/events/configure-events.mdx | 35 ++++++++-------- .../docs/configuration/events/index.mdx | 41 ++++++++++++------- 2 files changed, 45 insertions(+), 31 deletions(-) diff --git a/website/content/docs/configuration/events/configure-events.mdx b/website/content/docs/configuration/events/configure-events.mdx index 040f9ecc0d..8ba035893c 100644 --- a/website/content/docs/configuration/events/configure-events.mdx +++ b/website/content/docs/configuration/events/configure-events.mdx @@ -7,26 +7,21 @@ description: |- # Configure events -You can log system information in a well-defined, structured format that give you visibility into emitted events. +The [`events`](/docs/configuration/events) stanza lets you log system information in a well-defined, structured format that gives you visibility into emitted events. -Event sinks provide a location for Boundary to write events to. -You can configure sinks to allow or deny specific event types using filter syntax. -There are two types of event sinks: +You configure emitted events and sinks in the configuration file for any controller or worker server. +Complete the following steps to configure events: -- `stderr` - Sends events to a stderr. -- `file` - Sends events to a file. - -You can repeat the `sink` stanza more than once to send events to multiple sinks, but each file sink must have a unique path and file name. - -When you configure a sink, you can specify what types of events Boundary should emit: - -- `audit_enabled` - Specifies if Boundary emits audit events. -- `observations_enabled` - Specifies if Boundary emits observation events. -- `sysevents_enabled` - Specifies if Boundary should emit system events. -- `telemetry_enabled` - Specifies if Boundary should emit telemetry events. +1. Open the configuration file for the controller or worker server that you want to emit events. +1. Edit the `events` stanza in the configuration file. +Set the following to `true` to emit that type of event, and then configure any sinks: + - `audit_enabled` - Specifies if Boundary emits audit events. + - `observations_enabled` - Specifies if Boundary emits observation events. + - `sysevents_enabled` - Specifies if Boundary should emit system events. + - `telemetry_enabled` - Specifies if Boundary should emit telemetry events. To receive telemetry events, you must also set `observations_enabled` to `true`. +1. Save the file. -You configure event sinks in the configuration file for a controller or worker server. The following example includes the contents of the `events` stanza in the `compose/controller.hcl` configuration file: @@ -66,4 +61,10 @@ events { } ``` - \ No newline at end of file + + +## More information + +Refer to the `events` stanza [Overview](/docs/configuration/events) for more information about monitoring events for a controller or worker. + +Refer to [Telemetry data](/docs/configuration/events/telemetry-data) for a list of the events and data you can track by enabling telemetry events. \ No newline at end of file diff --git a/website/content/docs/configuration/events/index.mdx b/website/content/docs/configuration/events/index.mdx index 613e28baba..163ce0f8f9 100644 --- a/website/content/docs/configuration/events/index.mdx +++ b/website/content/docs/configuration/events/index.mdx @@ -7,8 +7,29 @@ description: |- # `events` stanza +You can log system information in a well-defined, structured format that give you visibility into emitted events. The `events` stanza configures Boundary events-specific parameters. + + + +You can specify what types of events Boundary should emit: + +- `audit_enabled` - Specifies if Boundary emits audit events. +- `observations_enabled` - Specifies if Boundary emits observation events. +- `sysevents_enabled` - Specifies if Boundary should emit system events. +- `telemetry_enabled` - Specifies if Boundary should emit telemetry events. +To receive telemetry events, you must also set `observations_enabled` to `true`. + +Event sinks provide a location for Boundary to write events to. +You can configure sinks to allow or deny specific event types using filter syntax: + +- `sink` - Specifies the configuration of an event sink. +Currently, two types of sinks are supported: [file](/boundary/docs/configuration/events/file) and [stderr](/boundary/docs/configuration/events/stderr). + +You can repeat the `sink` stanza more than once to send events to multiple sinks, but each file sink must have a unique path and file name. +If no sinks are configured, then all events will be sent to a default [stderr](/boundary/docs/configuration/events/stderr) sink. + Example: ```hcl @@ -35,20 +56,6 @@ events { } ``` -- `audit_enabled` - Specifies if audit events should be emitted. - -- `observations_enabled` - Specifies if observation events should be emitted. - -- `sysevents_enabled` - Specifies if system events should be emitted. - -- `telemetry_enabled` - Specifies if telemetry events should be emitted. -To receive telemetry events, you must also set `observations_enabled` to `true`. - -- `sink` - Specifies the configuration of an event sink. Currently, two types of - sink are supported: [file](/boundary/docs/configuration/events/file) and [stderr](/boundary/docs/configuration/events/stderr). If no sinks are configured then all - events will be sent to a default [stderr](/boundary/docs/configuration/events/stderr) sink. Events may be sent to multiple - sinks. - ## Default events stanza If no event stanza is specified then the following default is used: @@ -66,3 +73,9 @@ events { } } ``` + +## Next steps + +Refer to [Configure events](/docs/configuration/events/configure-events) to configure a controller or worker server to emit events. + +Refer to [Telemetry data](/docs/configuration/events/telemetry-data) for a list of the events and data you can track by enabling telemetry events. \ No newline at end of file From 248ffc1bc3774b1ede0c573683e6239cb2b2f14b Mon Sep 17 00:00:00 2001 From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com> Date: Tue, 12 Nov 2024 13:36:08 -0500 Subject: [PATCH 06/11] docs: Fix broken links --- .../content/docs/configuration/events/configure-events.mdx | 6 +++--- website/content/docs/configuration/events/index.mdx | 7 ++----- 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/website/content/docs/configuration/events/configure-events.mdx b/website/content/docs/configuration/events/configure-events.mdx index 8ba035893c..0bd00348cc 100644 --- a/website/content/docs/configuration/events/configure-events.mdx +++ b/website/content/docs/configuration/events/configure-events.mdx @@ -7,7 +7,7 @@ description: |- # Configure events -The [`events`](/docs/configuration/events) stanza lets you log system information in a well-defined, structured format that gives you visibility into emitted events. +The [`events`](/boundary/docs/configuration/events) stanza lets you log system information in a well-defined, structured format that gives you visibility into emitted events. You configure emitted events and sinks in the configuration file for any controller or worker server. Complete the following steps to configure events: @@ -65,6 +65,6 @@ events { ## More information -Refer to the `events` stanza [Overview](/docs/configuration/events) for more information about monitoring events for a controller or worker. +Refer to the `events` stanza [Overview](/boundary/docs/configuration/events) for more information about monitoring events for a controller or worker. -Refer to [Telemetry data](/docs/configuration/events/telemetry-data) for a list of the events and data you can track by enabling telemetry events. \ No newline at end of file +Refer to [Telemetry data](/boundary/docs/configuration/events/telemetry-data) for a list of the events and data you can track by enabling telemetry events. \ No newline at end of file diff --git a/website/content/docs/configuration/events/index.mdx b/website/content/docs/configuration/events/index.mdx index 163ce0f8f9..61731d2c8c 100644 --- a/website/content/docs/configuration/events/index.mdx +++ b/website/content/docs/configuration/events/index.mdx @@ -10,9 +10,6 @@ description: |- You can log system information in a well-defined, structured format that give you visibility into emitted events. The `events` stanza configures Boundary events-specific parameters. - - - You can specify what types of events Boundary should emit: - `audit_enabled` - Specifies if Boundary emits audit events. @@ -76,6 +73,6 @@ events { ## Next steps -Refer to [Configure events](/docs/configuration/events/configure-events) to configure a controller or worker server to emit events. +Refer to [Configure events](/boundary/docs/configuration/events/configure-events) to configure a controller or worker server to emit events. -Refer to [Telemetry data](/docs/configuration/events/telemetry-data) for a list of the events and data you can track by enabling telemetry events. \ No newline at end of file +Refer to [Telemetry data](/boundary/docs/configuration/events/telemetry-data) for a list of the events and data you can track by enabling telemetry events. \ No newline at end of file From 83c356a156d5d3301b19eb75edfed59ed2699476 Mon Sep 17 00:00:00 2001 From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com> Date: Tue, 12 Nov 2024 13:49:54 -0500 Subject: [PATCH 07/11] docs: Fix a typo --- website/content/docs/configuration/events/configure-events.mdx | 2 +- website/content/docs/configuration/events/index.mdx | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/website/content/docs/configuration/events/configure-events.mdx b/website/content/docs/configuration/events/configure-events.mdx index 0bd00348cc..9f259eff5e 100644 --- a/website/content/docs/configuration/events/configure-events.mdx +++ b/website/content/docs/configuration/events/configure-events.mdx @@ -5,7 +5,7 @@ description: |- Configure log event sinks to monitor Boundary resources and actions. --- -# Configure events +# Configure event logging The [`events`](/boundary/docs/configuration/events) stanza lets you log system information in a well-defined, structured format that gives you visibility into emitted events. diff --git a/website/content/docs/configuration/events/index.mdx b/website/content/docs/configuration/events/index.mdx index 61731d2c8c..0e451e9948 100644 --- a/website/content/docs/configuration/events/index.mdx +++ b/website/content/docs/configuration/events/index.mdx @@ -73,6 +73,6 @@ events { ## Next steps -Refer to [Configure events](/boundary/docs/configuration/events/configure-events) to configure a controller or worker server to emit events. +Refer to [Configure event logging](/boundary/docs/configuration/events/configure-events) to configure a controller or worker server to emit events. Refer to [Telemetry data](/boundary/docs/configuration/events/telemetry-data) for a list of the events and data you can track by enabling telemetry events. \ No newline at end of file From dca9a0d38809ff193e73dc4a53d0f3522d87afa3 Mon Sep 17 00:00:00 2001 From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com> Date: Tue, 12 Nov 2024 14:26:20 -0500 Subject: [PATCH 08/11] docs: Updates from review --- website/content/docs/concepts/filtering/events.mdx | 3 ++- .../content/docs/configuration/events/configure-events.mdx | 2 +- website/content/docs/configuration/events/index.mdx | 7 ++++++- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/website/content/docs/concepts/filtering/events.mdx b/website/content/docs/concepts/filtering/events.mdx index bf7833fe35..74f45b9827 100644 --- a/website/content/docs/concepts/filtering/events.mdx +++ b/website/content/docs/concepts/filtering/events.mdx @@ -65,7 +65,8 @@ and the second event is an observation event. To filter an event sink which was configured for every event type to only include the above events, use the following sink configuration: -``` + +```hcl sink "stderr" = { name = "all-events" description = "All events sent to stderr" diff --git a/website/content/docs/configuration/events/configure-events.mdx b/website/content/docs/configuration/events/configure-events.mdx index 9f259eff5e..d62ed176a2 100644 --- a/website/content/docs/configuration/events/configure-events.mdx +++ b/website/content/docs/configuration/events/configure-events.mdx @@ -9,7 +9,7 @@ description: |- The [`events`](/boundary/docs/configuration/events) stanza lets you log system information in a well-defined, structured format that gives you visibility into emitted events. -You configure emitted events and sinks in the configuration file for any controller or worker server. +You configure emitted events and sinks in the configuration file for any [controller](/boundary/docs/configuration/controller) or [worker](/boundary/docs/configuration/worker) server. Complete the following steps to configure events: 1. Open the configuration file for the controller or worker server that you want to emit events. diff --git a/website/content/docs/configuration/events/index.mdx b/website/content/docs/configuration/events/index.mdx index 0e451e9948..ddd3ce44b2 100644 --- a/website/content/docs/configuration/events/index.mdx +++ b/website/content/docs/configuration/events/index.mdx @@ -8,6 +8,7 @@ description: |- # `events` stanza You can log system information in a well-defined, structured format that give you visibility into emitted events. +You configure emitted events and sinks in the configuration file for any [controller](/boundary/docs/configuration/controller) or [worker](/boundary/docs/configuration/worker) server. The `events` stanza configures Boundary events-specific parameters. You can specify what types of events Boundary should emit: @@ -75,4 +76,8 @@ events { Refer to [Configure event logging](/boundary/docs/configuration/events/configure-events) to configure a controller or worker server to emit events. -Refer to [Telemetry data](/boundary/docs/configuration/events/telemetry-data) for a list of the events and data you can track by enabling telemetry events. \ No newline at end of file +Refer to [Telemetry data](/boundary/docs/configuration/events/telemetry-data) for a list of the events and data you can track by enabling telemetry events. + +## Tutorial + +Refer to the [Event filtering and sink configuration](/boundary/tutorials/self-managed-deployment/event-logging) tutorial to learn how to define an event sink and configure logging. \ No newline at end of file From 32f326c985724ab3905f095161008ae5160e9506 Mon Sep 17 00:00:00 2001 From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com> Date: Tue, 12 Nov 2024 14:32:02 -0500 Subject: [PATCH 09/11] Update website/content/docs/configuration/events/configure-events.mdx Co-authored-by: Robin Beck --- .../content/docs/configuration/events/configure-events.mdx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/content/docs/configuration/events/configure-events.mdx b/website/content/docs/configuration/events/configure-events.mdx index d62ed176a2..a65c45b14b 100644 --- a/website/content/docs/configuration/events/configure-events.mdx +++ b/website/content/docs/configuration/events/configure-events.mdx @@ -1,8 +1,8 @@ --- layout: docs page_title: Configure events -description: |- - Configure log event sinks to monitor Boundary resources and actions. +description: >- + Configure log event sinks for controllers and workers to monitor Boundary resources and actions. --- # Configure event logging From 83375da9c4592e1da6a518da3ba6ad3acf6727ee Mon Sep 17 00:00:00 2001 From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com> Date: Tue, 12 Nov 2024 14:32:09 -0500 Subject: [PATCH 10/11] Update website/content/docs/configuration/events/telemetry-data.mdx Co-authored-by: Robin Beck --- website/content/docs/configuration/events/telemetry-data.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/content/docs/configuration/events/telemetry-data.mdx b/website/content/docs/configuration/events/telemetry-data.mdx index c7e9cfd919..60cb9c953b 100644 --- a/website/content/docs/configuration/events/telemetry-data.mdx +++ b/website/content/docs/configuration/events/telemetry-data.mdx @@ -1,7 +1,7 @@ --- layout: docs page_title: Telemetry data -description: |- +description: >- Learn what data Boundary captures when telemetry is enabled and how you can view it. --- From 07240cfeb071b1af6f6c4aa3b0a32c71cc6339cf Mon Sep 17 00:00:00 2001 From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com> Date: Tue, 12 Nov 2024 14:33:18 -0500 Subject: [PATCH 11/11] docs: Update meta description on index --- website/content/docs/configuration/events/index.mdx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/content/docs/configuration/events/index.mdx b/website/content/docs/configuration/events/index.mdx index ddd3ce44b2..4bf19d8896 100644 --- a/website/content/docs/configuration/events/index.mdx +++ b/website/content/docs/configuration/events/index.mdx @@ -1,8 +1,8 @@ --- layout: docs page_title: Controller/worker - events -description: |- - The events stanza configures events-specific parameters. +description: >- + Learn about using the events stanza to configure events-specific parameters. --- # `events` stanza
EventsTelemetry fields
Users (Create/delete) HCP Boundary user ID