Monitoring Solace Schema Registry
Solace Schema Registry generates audit logs that track all operations performed on the registry, including schema creation, modification, and deletion. Audit logs are included in the application log output from the Solace Schema Registry backend component, registry-backend, and can be accessed through monitoring and observability platforms, such as DataDog or other log aggregation tools.
To monitor audit logs, configure log forwarding from your deployment environment, such as Docker or Kubernetes, to your monitoring platform following that platform's standard documentation. Once logs are flowing to your monitoring tool, use the audit log keys documented on this page to query and filter audit events.
This page covers audit log monitoring only. For information about Prometheus metrics and health monitoring available through the /metrics endpoint, see the deployment documentation for Monitoring and Metrics (Docker/Podman) or Monitoring and Metrics (Kubernetes/Helm).
Audit Log Keys
Audit logs generated by Solace Schema Registry include structured keys that you can use to query and filter operations. These keys enable you to monitor specific types of registry activities, track user actions, and set up alerts for critical operations.
The audit log keys described in this topic are not semantically versioned and may change, be deleted without replacement, or split into multiple keys with different definitions in future releases of Solace Schema Registry. When building monitoring queries or alerts based on these keys, be prepared to update your configurations when upgrading to new versions of the registry.
solace.audit Key
The solace.audit key identifies log entries that describe audit events for Solace Schema Registry operations. Use this key to filter for audit-specific log entries and exclude other operational logs.
Example query:
To filter for all audit logs in DataDog:
solace.audit:*
action Key
The action key specifies the type of operation performed on the Schema Registry. Each action represents a specific API operation that modifies registry content or configuration.
The following table lists all available action values:
| Action Value | Description |
|---|---|
createArtifact
|
A new artifact (schema) was created in the registry |
createArtifactVersion
|
A new version of an existing artifact was created |
deleteArtifact
|
An artifact was deleted from the registry |
deleteArtifactsInGroup
|
All artifacts within a group were deleted |
deleteArtifactVersion
|
A specific version of an artifact was deleted |
updateArtifactMetaData
|
Artifact metadata (such as name or description) was updated |
updateArtifactVersionContent
|
The content of an artifact version was updated |
updateArtifactVersionMetaData
|
Metadata for a specific artifact version was updated |
updateArtifactVersionState
|
The state of an artifact version was changed (for example, enabled or disabled) |
createGroup
|
A new artifact group was created |
deleteGroupId
|
An artifact group was deleted |
updateGroupById
|
Group metadata or properties were updated |
createGroupRule
|
A content rule was created for a group |
deleteGroupRule
|
A specific content rule was deleted from a group |
deleteGroupRules
|
All content rules were deleted from a group |
updateGroupRuleConfig
|
The configuration of a group content rule was updated |
createArtifactRule
|
A content rule was created for a specific artifact |
deleteArtifactRule
|
A specific content rule was deleted from an artifact |
deleteArtifactRules
|
All content rules were deleted from an artifact |
updateArtifactRuleConfig
|
The configuration of an artifact content rule was updated |
addArtifactVersionComment
|
A comment was added to an artifact version |
deleteArtifactVersionComment
|
A comment was deleted from an artifact version |
updateArtifactVersionComment
|
A comment on an artifact version was updated |
createBranch
|
A new branch was created for an artifact |
deleteBranch
|
A branch was deleted from an artifact |
updateBranchMetaData
|
Branch metadata was updated |
addVersionToBranch
|
A version was added to a branch |
replaceBranchVersions
|
The versions in a branch were replaced |
Integrating with Monitoring Tools
You can integrate Solace Schema Registry audit logs with monitoring and observability platforms to track registry operations, set up alerts, and maintain compliance records. The audit logs are structured to work with standard log aggregation and monitoring tools.
DataDog Integration
DataDog and similar monitoring tools can ingest and query Solace Schema Registry audit logs using the keys described in this topic. To integrate with DataDog, follow the standard DataDog documentation for log collection from your deployment environment, such as Docker or Kubernetes.
Once logs are flowing to DataDog, you can use the audit log keys to create queries, dashboards, and alerts.
Example Monitoring Queries
The following examples demonstrate common monitoring queries using the audit log keys. These examples use DataDog query syntax, but similar queries can be constructed for other monitoring platforms.
Monitor All Audit Events
To view all audit log entries:
solace.audit:*
Monitor Schema Deletions
To track when schemas (artifacts) are deleted:
solace.audit:* action:deleteArtifact
Monitor Schema Creation and Updates
To track when new schemas are created or existing schemas are updated:
solace.audit:* (action:createArtifact OR action:createArtifactVersion OR action:updateArtifactVersionContent)
Monitor Rule Changes
To track changes to content rules (validation rules):
solace.audit:* (action:createArtifactRule OR action:createGroupRule OR action:updateArtifactRuleConfig OR action:updateGroupRuleConfig OR action:deleteArtifactRule OR action:deleteGroupRule)
Monitor Group Operations
To track operations on artifact groups:
solace.audit:* (action:createGroup OR action:deleteGroupId OR action:updateGroupById OR action:deleteArtifactsInGroup)
Alerting Recommendations
Consider setting up alerts for the following scenarios to maintain registry health and security:
- Schema deletions—Alert when schemas are deleted (
action:deleteArtifact) to prevent accidental data loss - Rule deletions—Alert when validation rules are removed (
action:deleteArtifactRulesoraction:deleteGroupRules) to maintain data quality standards - Bulk operations—Alert on bulk deletions (
action:deleteArtifactsInGroup) that could indicate unintended changes - High-frequency changes—Alert when the rate of schema updates exceeds normal thresholds, which could indicate automation issues or misconfigurations