Audit trails are detailed logs about the operations performed on your graph databases by your users. Because they have the potential to take up a substantial amount of memory depending on the number of users and the operations performed, they are disabled by default.
Audit trails can be enabled and configured in
They are found under the
auditTrail key, which contains the following options:
false): Whether to enable audit trail recording.
"audit-trail"): Where to store the results of the audit trail. This path is relative to the
5242880, i.e. 5MB): Maximum size of one log file in bytes. A new file is created when the limit is reached (i.e. the logs are rotated). This avoids the creation of unworkably large log files.
false): Whether to ensure that each operation has been logged before returning its result to the user. By setting it to
true, logging will take place immediately; if
false, the operation will be performed and will not be recorded in the audit trail until it is finished. This can have a substantial effect on the responsiveness of the server if, for example, large queries are run.
"rw", read and write): Which kinds of user operation to log (
"rw"for READ WRITE). Read operations are those that do not make changes to the database. Note that raw queries are considered READ WRITE and will appear in the audit trail whether or not they make changes do the database.
true): Whether to include the result of each operation in the log, i.e. whether to return a JSON representation of each node that has been added, updated, deleted, or simply matched. This can have a huge effect on log size: by setting
logResultto false, the audit trail will only capture the properties of the nodes requested, the changes made to those nodes, or raw queries, and not the nodes themselves.
true): Whether to include all requests and JSON responses to plugins in the audit trail.
false): Whether to include all requests and JSON responses from the search API in the audit trail.
Enabling the audit trail can impact performances negatively.
Here are options to consider to improve performances:
"mode": "w": only log write queries, ignore read queries
"logResult": false: only log the query sent by the user, not the response sent by the server
"strictMode": false: do not strictly wait for the audit-trail log to be written to response to each user request