Skip to main content

Infrastructure prerequisites

The Audit service requires the following components to be set up before it can be started:
  • Docker engine
  • Kafka
  • Elasticsearch

Dependencies

The Audit service is built as a Docker image and runs on top of Kafka and Elasticsearch. Therefore, these services must be set up and running before starting the Audit service.

Configuration

Configuring Kafka

To configure the Kafka server for the Audit service, set the following environment variables:

Connection settings

VariableDescriptionDefault Value
SPRING_KAFKA_BOOTSTRAPSERVERSAddress of the Kafka server(s)localhost:9092
SPRING_KAFKA_SECURITY_PROTOCOLProtocol used to communicate with brokersPLAINTEXT
KAFKA_MESSAGE_MAX_BYTESMaximum message size (bytes)52428800 (50 MB)

Consumer configuration

VariableDescriptionDefault Value
SPRING_KAFKA_CONSUMER_GROUPIDConsumer group ID for audit logsaudit-gid
KAFKA_CONSUMER_THREADSNumber of consumer threads1
KAFKA_AUTHEXCEPTIONRETRYINTERVALRetry interval after auth failure (seconds)10

OAuth authentication (when using SASL_PLAINTEXT)

VariableDescriptionDefault Value
KAFKA_OAUTH_CLIENT_IDOAuth client IDkafka
KAFKA_OAUTH_CLIENT_SECRETOAuth client secretkafka-secret
KAFKA_OAUTH_TOKEN_ENDPOINT_URIOAuth token endpointkafka.auth.localhost

Topic naming configuration

VariableDescriptionDefault Value
KAFKA_TOPIC_NAMING_PACKAGEPackage prefix for topic namesai.flowx.
KAFKA_TOPIC_NAMING_ENVIRONMENTEnvironment segment for topic names
KAFKA_TOPIC_NAMING_VERSIONVersion suffix for topic names.v1
KAFKA_TOPIC_NAMING_SEPARATORPrimary separator for topic names.
KAFKA_TOPIC_NAMING_SEPARATOR2Secondary separator for topic names-

Kafka topics

VariableDescriptionDefault Value
KAFKA_TOPIC_AUDIT_INTopic for receiving audit logsai.flowx.core.trigger.save.audit.v1

Configuring Elasticsearch

Configure Elasticsearch connection for audit data storage:
VariableDescriptionDefault Value
SPRING_ELASTICSEARCH_REST_PROTOCOLConnection protocolhttps
SPRING_ELASTICSEARCH_REST_URISURL(s) of Elasticsearch nodes (no protocol)-
SPRING_ELASTICSEARCH_REST_DISABLESSLDisable SSL verificationfalse
SPRING_ELASTICSEARCH_REST_USERNAMEAuthentication username-
SPRING_ELASTICSEARCH_REST_PASSWORDAuthentication password-
SPRING_ELASTICSEARCH_INDEXSETTINGS_DATASTREAMAudit data stream nameaudit-logs
SPRING_ELASTICSEARCH_INDEXSETTINGS_SHARDSNumber of primary shards2
SPRING_ELASTICSEARCH_INDEXSETTINGS_REPLICASNumber of replica shards2
The Elasticsearch index settings determine how your audit data is distributed and replicated across the cluster. The number of shards affects search performance and indexing, while replicas provide redundancy.

CAS lib configuration

Environment VariableDescriptionDefault Value
FLOWX_SPICEDB_HOSTSpiceDB server hostnamespicedb
FLOWX_SPICEDB_PORTSpiceDB server port50051
FLOWX_SPICEDB_TOKENSpiceDB authentication tokenspicedb-token

Configuring logging

To control the log levels, set the following environment variables:
VariableDescriptionDefault Value
LOGGING_LEVEL_ROOTLog level for root serviceINFO
LOGGING_LEVEL_APPLog level for applicationINFO

Ingress configuration

The Audit Core service uses the standard FlowX.AI ingress pattern. For complete setup instructions including the full ingress template, CORS configuration, and troubleshooting, see the Ingress Configuration Guide. Service-specific values for Audit Core:
  • Ingress name: audit-core-admin
  • Service path: /audit(/|$)(.*)(/|$)(.*)
  • Service name: audit-core
  • Rewrite target: /$2
  • Fx-Workspace-Id: Required

Complete Ingress Configuration

View the centralized ingress guide for the complete configuration template, annotations reference, and best practices.