{"id":43491082,"url":"https://github.com/cap-java/cds-feature-auditlog-ng","last_synced_at":"2026-02-03T10:00:51.092Z","repository":{"id":302513710,"uuid":"1011249870","full_name":"cap-java/cds-feature-auditlog-ng","owner":"cap-java","description":"Emit standardized audit log events from Java CAP applications with the Audit Log Service NG Java CAP plugin.  The plugin ensures compatibility with the Audit Log Event Catalog, aligning emitted events with shared semantic conventions for consistency across systems.","archived":false,"fork":false,"pushed_at":"2026-02-01T19:48:37.000Z","size":193,"stargazers_count":1,"open_issues_count":7,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-02-02T03:53:05.778Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cap-java.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-06-30T14:25:02.000Z","updated_at":"2026-01-20T08:40:07.000Z","dependencies_parsed_at":"2025-07-21T12:03:44.610Z","dependency_job_id":"46279af6-8c8e-4a71-b13a-435e5f82c512","html_url":"https://github.com/cap-java/cds-feature-auditlog-ng","commit_stats":null,"previous_names":["cap-java/cds-feature-auditlog-ng"],"tags_count":3,"template":false,"template_full_name":"cap-java/repository-template","purl":"pkg:github/cap-java/cds-feature-auditlog-ng","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cap-java%2Fcds-feature-auditlog-ng","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cap-java%2Fcds-feature-auditlog-ng/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cap-java%2Fcds-feature-auditlog-ng/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cap-java%2Fcds-feature-auditlog-ng/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cap-java","download_url":"https://codeload.github.com/cap-java/cds-feature-auditlog-ng/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cap-java%2Fcds-feature-auditlog-ng/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29040717,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-03T09:57:37.951Z","status":"ssl_error","status_checked_at":"2026-02-03T09:55:14.920Z","response_time":96,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-02-03T10:00:50.116Z","updated_at":"2026-02-03T10:00:51.084Z","avatar_url":"https://github.com/cap-java.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![REUSE status](https://api.reuse.software/badge/github.com/cap-java/cds-feature-auditlog-ng)](https://api.reuse.software/info/github.com/cap-java/cds-feature-auditlog-ng)\n\n# CDS plugin for SAP Audit Log service\n\n## About this project\n\nThe CDS plugin for SAP Audit Log service enables Java CAP applications to emit audit log events in a standardized way. It is fully compatible with the Audit Log Event Catalog, ensuring standardized event semantics and compatibility.\n\nYou can emit the following types of audit log events:\n- Personal Data Access Event\n- Personal Data Modification Event\n- Configuration Change Event\n- Security Event\n\nOfficial CAP documentation can be found [here](https://pages.github.tools.sap/cap/docs/java/auditlog).\n\n# Testing\n\nFor both local and cloud testing, refer to the [cloud-cap-samples-java](https://github.com/SAP-samples/cloud-cap-samples-java) repository and follow the instructions provided in its README.\n\nFor local testing, make sure to create a default-env.json file at the root of your project. This file should contain the following content:\n\n```json\n{\n  \"VCAP_SERVICES\": {\n    \"application-logs\": [\n      {\n        \"binding_guid\": \"binding_guid\",\n        \"binding_name\": null,\n        \"credentials\": {},\n        \"instance_guid\": \"instance_guid\",\n        \"instance_name\": \"cf-logging\",\n        \"label\": \"application-logs\",\n        \"name\": \"cf-logging\",\n        \"plan\": \"lite\",\n        \"provider\": null,\n        \"syslog_drain_url\": null,\n        \"tags\": [],\n        \"volume_mounts\": []\n      }\n    ],\n    \"user-provided\": [\n      {\n        \"binding_guid\": \"binding_guid\",\n        \"binding_name\": null,\n        \"credentials\": {\n          \"url\": \"als-endpoint\",\n          \"region\": \"als-region\",\n          \"namespace\": \"registered namespace\",\n          \"cert\": \"-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----\",\n          \"key\": \"-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----\",\n          \"passphrase\": \"private key pass phrase\"\n        },\n        \"instance_guid\": \"instance_guid\",\n        \"instance_name\": \"auditlog-ng\",\n        \"label\": \"user-provided\",\n        \"name\": \"auditlog-ng\",\n        \"syslog_drain_url\": null,\n        \"tags\": [\n          \"auditlog-ng\"\n        ],\n        \"volume_mounts\": []\n      }\n    ]\n  },\n  \"VCAP_APPLICATION\": {\n    \"application_id\": \"application_id\",\n    \"application_name\": \"bookshop-srv\",\n    \"application_uris\": [\n      \"application_uris\"\n    ],\n    \"cf_api\": \"cf_api\",\n    \"limits\": {\n      \"fds\": 32768\n    },\n    \"name\": \"bookshop-srv\",\n    \"organization_id\": \"organization_id\",\n    \"organization_name\": \"organization_name\",\n    \"space_id\": \"space_id\",\n    \"space_name\": \"space_name\",\n    \"uris\": [\n      \"application_uris\"\n    ],\n    \"users\": null\n  }\n}\n```\n\nThis file simulates the Cloud Foundry environment variables required for your application to run locally.\n\n\n## Requirements and Setup\n\nTo get your project running, ensure you have the following prerequisites:\n\n- Java 17 or higher installed\n- A user-provided service instance for SAP Audit Log service created in your Cloud Foundry space\n- The Maven dependency for `cds-feature-auditlog-ng` added to your project\n\n## Dynamic Namespace Selection (Optional)\n\nBy default, the namespace used in audit log events is taken from the service binding credentials. This is sufficient for most applications.\n\n**Optional:** For applications that need to route audit events to different namespaces, the namespace can be overridden per-event using the payload.\n\n### Payload-based Namespace\n\nSet the namespace directly in the event payload using the key `auditlog.namespace`. This approach **survives transactional outbox serialization**, ensuring the custom namespace is preserved even when events are processed asynchronously through the outbox.\n\n\u003e **Important:** The key must be exactly `\"auditlog.namespace\"`. You can also use the constant `AuditLogNG.NAMESPACE_ATTRIBUTE`.\n\n#### Examples\n\n```java\n// Security Event\nSecurityLog securityLog = SecurityLog.create();\nsecurityLog.setAction(\"login\");\nsecurityLog.setData(\"User logged in\");\nsecurityLog.put(\"auditlog.namespace\", \"my-custom-namespace\");\nauditLogService.logSecurity(securityLog);\n\n// Data Access Event\nDataAccessLog dataAccessLog = DataAccessLog.create();\ndataAccessLog.setAccesses(List.of(access));\ndataAccessLog.put(\"auditlog.namespace\", \"my-custom-namespace\");\nauditLogService.logDataAccess(dataAccessLog);\n\n// Config Change Event\nConfigChangeLog configChangeLog = ConfigChangeLog.create();\nconfigChangeLog.setConfigurations(List.of(configChange));\nconfigChangeLog.put(\"auditlog.namespace\", \"my-custom-namespace\");\nauditLogService.logConfigChange(configChangeLog);\n\n// Data Modification Event\nDataModificationLog dataModificationLog = DataModificationLog.create();\ndataModificationLog.setModifications(List.of(modification));\ndataModificationLog.put(\"auditlog.namespace\", \"my-custom-namespace\");\nauditLogService.logDataModification(dataModificationLog);\n```\n\n### Resolution Priority\n\nThe namespace is resolved in the following order:\n\n1. **Payload**: `payload.get(\"auditlog.namespace\")`\n2. **Service binding**: Namespace from the service binding credentials\n\n### Behavior\n\n| Scenario | Namespace Used |\n|----------|---------------|\n| `auditlog.namespace` set in payload | Custom namespace from payload |\n| Namespace is empty or whitespace-only | Falls back to service binding |\n| No custom namespace set | Namespace from service binding |\n\n\u003e **Note:** The custom namespace value is trimmed of leading/trailing whitespace before use.\n\n### Error Handling\n\nIf you specify a custom namespace that is not registered in the SAP Audit Log service, the service will reject the event with a 403 Forbidden error. Ensure all custom namespaces are properly registered before use.\n\n## Support, Feedback, Contributing\n\nThis project is open to feature requests/suggestions, bug reports etc. via [GitHub issues](https://github.com/cap-java/cds-feature-auditlog-ng/issues). Contribution and feedback are encouraged and always welcome. For more information about how to contribute, the project structure, as well as additional contribution information, see our [Contribution Guidelines](CONTRIBUTING.md).\n\n## Security / Disclosure\nIf you find any bug that may be a security problem, please follow our instructions at [in our security policy](https://github.com/cap-java/cds-feature-auditlog-ng/security/policy) on how to report it. Please do not create GitHub issues for security-related doubts or problems.\n\n## Code of Conduct\n\nWe as members, contributors, and leaders pledge to make participation in our community a harassment-free experience for everyone. By participating in this project, you agree to abide by its [Code of Conduct](https://github.com/cap-java/.github/blob/main/CODE_OF_CONDUCT.md) at all times.\n\n## Licensing\n\nCopyright 2025 SAP SE or an SAP affiliate company and cds-feature-auditlog-ng contributors. Please see our [LICENSE](LICENSE) for copyright and license information. Detailed information including third-party components and their licensing/copyright information is available [via the REUSE tool](https://api.reuse.software/info/github.com/cap-java/cds-feature-auditlog-ng).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcap-java%2Fcds-feature-auditlog-ng","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcap-java%2Fcds-feature-auditlog-ng","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcap-java%2Fcds-feature-auditlog-ng/lists"}