2018/11/27

Audit log mode applied to all audit data

jBPM allows to store so called audit logs in various modes

  • JPA (default)
  • JMS
  • None
JPA mode means that data will be stored directly and within the same transaction as process execution. That usually have some additional performance overhead although it's certainly not significant and unless huge volume is expected is a sound default setting.

JMS mode means that all audit data will be stored in background and the engine will push all required data via JMS layer. That allows to offload main thread from being responsible for storing audit logs and then allow to process more process instances while JMS listener will deal with storing audit logs in background.

None mode means that audit logs won't be stored at all, which might make sense in some cases (usually straight through processes) so the audit data is not required. Keep in mind that with disabled audit logs (set to None mode) both jBPM console and Kie Server features are limited as they do rely on audit data.

Until 7.15 audit mode applied only to process related audit data and that consists of
  • ProcessInstanceLog
  • NodeInstanceLog
  • VariableInstanceLog
it has been improved to cover all audit logs that span across processes, user tasks and cases. With that said it covers (in addition to listed above) following
  • AuditTaskImpl
  • TaskEvent
  • TaskVariableImpl
  • CaseFileDataLog
  • CaseRoleAssignmentLog
BAMTaskSummary is not covered with audit mode except for NONE mode which also disables BAM logging.

Configuration

JPA and NONE mode do not require additional configuration and can be used directly after installation. JMS does need a bit of configuration to allow to take advantage of JMS layer.

This sample configuration assumes the runtime environment is based on WildFly (or EAP) as application server.

Enable JMS queue creation in kie-server-jms.xml

First you need to enable dedicated JMS queue for sending audit data through. To do so, go to  kie-server.war/META-INF and edit kie-server-jms.xml file. Locate the commended queue named KIE.SERVER.AUDIT and uncomment the entire queue configuration, it should look like

<messaging-deployment xmlns="urn:jboss:messaging-activemq-deployment:1.0">
  <server name="default">
    <jms-destinations>

      <!-- Kie Server REQUEST queue -->
      <jms-queue name="KIE.SERVER.REQUEST">
        <entry name="queue/KIE.SERVER.REQUEST" />
        <entry name="java:jboss/exported/jms/queue/KIE.SERVER.REQUEST" />
      </jms-queue>

      <!-- Kie Server RESPONSE queue -->
      <jms-queue name="KIE.SERVER.RESPONSE">
        <entry name="queue/KIE.SERVER.RESPONSE" />
        <entry name="java:jboss/exported/jms/queue/KIE.SERVER.RESPONSE" />
      </jms-queue>

      <!-- Kie Server EXECUTOR queue -->
      <jms-queue name="KIE.SERVER.EXECUTOR">
        <entry name="queue/KIE.SERVER.EXECUTOR" />
      </jms-queue>

      <!-- JMS queue for signals -->
      <!-- enable when external signals are required -->
      <!--
      <jms-queue name="KIE.SERVER.SIGNAL.QUEUE">
        <entry name="queue/KIE.SERVER.SIGNAL" />
        <entry name="java:jboss/exported/jms/queue/KIE.SERVER.SIGNAL" />
      </jms-queue>
      -->

      <!-- JMS queue for audit -->
      <!-- enable when jms mode for audit is required -->
      <!---->
      <jms-queue name="KIE.SERVER.AUDIT">
        <entry name="queue/KIE.SERVER.AUDIT"/>
        <entry name="java:jboss/exported/jms/queue/KIE.SERVER.AUDIT"/>
      </jms-queue>

    </jms-destinations>
  </server>
</messaging-deployment>

Enable message listener in ejb-jar.xml

Next, go to kie-server.war/WEB-INF and edit ejb-jar.xml file. Locate  CompositeAsyncAuditLogReceiver and uncomment entire section for that message driven bean. Also uncomment the enterprise-beans tags for the document.
It should look like below
<ejb-jar id="ejb-jar_ID" version="3.1"
      xmlns="http://java.sun.com/xml/ns/javaee"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
                          http://java.sun.com/xml/ns/javaee/ejb-jar_3_1.xsd">


  <!---->
  <enterprise-beans>

  <!-- enable when external signals are required and queue and connection factory is defined
    <message-driven>
      <ejb-name>JMSSignalReceiver</ejb-name>
      <ejb-class>org.jbpm.process.workitem.jms.JMSSignalReceiver</ejb-class>
      <transaction-type>Bean</transaction-type>
      <activation-config>
        <activation-config-property>
          <activation-config-property-name>destinationType</activation-config-property-name>
          <activation-config-property-value>javax.jms.Queue</activation-config-property-value>
        </activation-config-property>
        <activation-config-property>
          <activation-config-property-name>destination</activation-config-property-name>
          <activation-config-property-value>java:/queue/KIE.SERVER.SIGNAL</activation-config-property-value>
        </activation-config-property>
      </activation-config>
    </message-driven>
    -->

    <!-- enable when jms mode for audit is required and queue and connection factory is defined-->
    <message-driven>
      <ejb-name>CompositeAsyncAuditLogReceiver</ejb-name>
      <ejb-class>org.jbpm.kie.services.impl.CompositeAsyncAuditLogReceiver</ejb-class>
      <transaction-type>Container</transaction-type>
      <activation-config>
        <activation-config-property>
          <activation-config-property-name>destinationType</activation-config-property-name>
          <activation-config-property-value>javax.jms.Queue</activation-config-property-value>
        </activation-config-property>
        <activation-config-property>
          <activation-config-property-name>destination</activation-config-property-name>
          <activation-config-property-value>java:/queue/KIE.SERVER.AUDIT</activation-config-property-value>
        </activation-config-property>
        <activation-config-property>
          <activation-config-property-name>maxSession</activation-config-property-name>
          <activation-config-property-value>1</activation-config-property-value>
        </activation-config-property>
      </activation-config>
    </message-driven>

  <!---->
  </enterprise-beans>

</ejb-jar>


Configure JMS related config for audit logs

Lastly, go to kie-server.war/WEB-INF/classes and rename the wildfly-jbpm.audit.jms.properties to jbpm.audit.jms.properties

And that's all that is required to make use of JMS audit logging in jBPM. For other applications servers, make sure to create JMS queue (and then refer to it in ejb-jar.xml file) according to application server guides for JMS.