This page applies to Feast 0.7. The content may be out of date for Feast 0.8+
Feast provides audit logging functionality in order to debug problems and to trace the lineage of events.
Audit Logs produced by Feast come in three favors:
Audit Logs produced by Feast are written to the console similar to normal logs but in a structured, machine parsable JSON. Example of a Message Audit Log JSON entry produced:
Fields common to all Audit Log Types:
Fields in Message Audit Log Type
Fields in Action Audit Log Type
Fields in Transition Audit Log Type
Feast currently only supports forwarding Request/Response (Message Audit Log Type) logs to an external fluentD service with feast.**
Fluentd tag.
The Fluentd Log Forwarder configured with the with the following configuration options in application.yml
:
When using Fluentd as the Log forwarder, a Feast release_name
can be logged instead of the IP address (eg. IP of Kubernetes pod deployment), by setting an environment variable RELEASE_NAME
when deploying Feast.
Audit Log Type
Description
Message Audit Log
Logs service calls that can be used to track Feast request handling. Currently only gRPC request/response is supported. Enabling Message Audit Logs can be resource intensive and significantly increase latency, as such is not recommended on Online Serving.
Transition Audit Log
Logs transitions in status in resources managed by Feast (ie an Ingestion Job becoming RUNNING).
Action Audit Log
Logs actions performed on a specific resource managed by Feast (ie an Ingestion Job is aborted).
Audit Log Type
Description
Message Audit Log
Enabled when both feast.logging.audit.enabled
and feast.logging.audit.messageLogging.enabled
is set to true
Transition Audit Log
Enabled when feast.logging.audit.enabled
is set to true
Action Audit Log
Enabled when feast.logging.audit.enabled
is set to true
Field
Description
logType
Log Type. Always set to FeastAuditLogEntry
. Useful for filtering out Feast audit logs.
application
Application. Always set to Feast
.
component
Feast Component producing the Audit Log. Set to feast-core
for Feast Core and feast-serving
for Feast Serving. Use to filtering out Audit Logs by component.
version
Version of Feast producing this Audit Log. Use to filtering out Audit Logs by version.
Field
Description
id
Generated UUID that uniquely identifies the service call.
service
Name of the Service that handled the service call.
method
Name of the Method that handled the service call. Useful for filtering Audit Logs by method (ie ApplyFeatureTable
calls)
request
Full request submitted by client in the service call as JSON.
response
Full response returned to client by the service after handling the service call as JSON.
identity
Identity of the client making the service call as an user Id. Only set when Authentication is enabled.
statusCode
The status code returned by the service handling the service call (ie OK
if service call handled without error).
Field
Description
action
Name of the action taken on the resource.
resource.type
Type of resource of which the action was taken on (i.e FeatureTable
)
resource.id
Identifier specifying the specific resource of which the action was taken on.
Field
Description
status
The new status that the resource transitioned to
resource.type
Type of resource of which the transition occurred (i.e FeatureTable
)
resource.id
Identifier specifying the specific resource of which the transition occurred.
Settings
Description
feast.logging.audit.messageLogging.destination
fluentd
feast.logging.audit.messageLogging.fluentdHost
localhost
feast.logging.audit.messageLogging.fluentdPort
24224