You can associate audit logs with custom objects using a script to add custom property information to the audit logs.
import audit from 'audit'
// Create custom object
org.objects.objects.insertOne({
label: 'My Object',
name: 'my_object',
defaultAcl: 'owner.delete',
createAcl: 'account.public',
properties: [
{
label: 'name',
name: 'c_name',
type: 'String',
indexed: true
}
]
})
.execute()
// Create audit record
return audit.record('my_object', org.objects.my_object._id, 'create', {
metadata: {
message: 'record created'
}
})
{
"ETag": "9984ad7455e8b36d32bc7395ca0148d9",
"_id": "436f6e746578742041756474",
"allowConnections": false,
"auditing": {
"all": false,
"category": "audit",
"changes": false,
"enabled": false,
"updateSubcategory": "update"
},
"connectionOptions": {
"requireAccept": true,
"requiredAccess": 5,
"sendNotifications": true
},
"createAcl": [],
"custom": false,
"defaultAcl": [],
"extended": true,
"extensible": false,
"feedDefinition": [],
"hasETag": false,
"isUnmanaged": true,
"isVersioned": false,
"label": "Audit",
"name": "audit",
"object": "schema",
"pluralName": "audits",
"properties": [
{
"fqpp": "audit._id",
"indexed": true,
"label": "Id",
"name": "_id",
"read": 1,
"readOnly": true,
"type": "ObjectId"
},
{
"fqpp": "audit.object",
"indexed": true,
"label": "Object",
"name": "object",
"read": 1,
"readOnly": true,
"type": "String"
},
{
"fqpp": "audit.access",
"label": "Access Level",
"name": "access",
"read": 1,
"readOnly": true,
"type": "Number"
},
{
"fqpp": "audit.propertyAccess",
"label": "Property Access",
"name": "propertyAccess",
"optional": true,
"read": 1,
"readOnly": true,
"type": "Document"
},
{
"fqpp": "audit.req",
"indexed": true,
"label": "Request Id",
"name": "req",
"read": 4,
"readOnly": true,
"type": "ObjectId"
},
{
"fqpp": "audit.principal",
"indexed": true,
"label": "Principal",
"name": "principal",
"read": 4,
"readOnly": true,
"type": "ObjectId"
},
{
"fqpp": "audit.ipv4",
"indexed": true,
"label": "IP Address",
"name": "ipv4",
"read": 4,
"readOnly": true,
"type": "Number"
},
{
"fqpp": "audit.cat",
"indexed": true,
"label": "Category",
"name": "cat",
"read": 4,
"readOnly": true,
"type": "String"
},
{
"fqpp": "audit.sub",
"indexed": true,
"label": "Sub Category",
"name": "sub",
"read": 4,
"readOnly": true,
"type": "String"
},
{
"fqpp": "audit.context",
"label": "Context",
"name": "context",
"properties": [
{
"fqpp": "audit.context.object",
"indexed": true,
"label": "Object",
"name": "object",
"read": 4,
"readOnly": true,
"type": "String"
},
{
"fqpp": "audit.context._id",
"indexed": true,
"label": "Identifier",
"name": "_id",
"read": 4,
"readOnly": true,
"type": "ObjectId"
}
],
"read": 4,
"readOnly": true,
"type": "Document"
},
{
"fqpp": "audit.ac",
"label": "Access Context",
"name": "ac",
"read": 4,
"readOnly": true,
"type": "Any"
},
{
"fqpp": "audit.metadata",
"label": "Metadata",
"name": "metadata",
"read": 4,
"readOnly": true,
"type": "Any"
},
{
"fqpp": "audit.err",
"label": "Error",
"name": "err",
"read": 4,
"readOnly": true,
"type": "Any"
}
],
"shareAcl": [],
"shareChain": [
5,
2
]
}
