How to use Audit Logging in Apache Pulsar

Introduction

In a shared Apache Pulsar environment, many users can create topics, update schemas or modify configurations. While this flexibility is powerful, it can also make it hard to know who changed what and when. That's where the built-in Audit Log in Streamvisor comes in. It let's you track all kinds of actions across your Pulsar environments, making it easy to troubleshoot issues or investigate security incidents.

In this quick guide, we’ll show you how to use the audit log to find the information you need.

Viewing the Audit Log

To get started, open the Audit Log from the sidebar.

This opens a table listing all recorded actions across your environments.
For each entry you can see:

• Timestamp → When the action happened‍
• Environment → What Pulsar environment it happened in‍
• User → Which user made the action‍
• Action → What was done or changed‍
• Resource → What was affected, e.g. a topic or namespace

This centralized overview makes it simple to keep track of activity in your Pulsar setup.

Filtering and Investigating Changes

To better find what you are looking for, the audit log includes some powerful tools. You can:

• Search through the entries
• Filter by user to see just their actions
• Filter by environment to focus on a specific Pulsar instance

For example, filtering for a user like "Steve", shows his full sequence of actions: browsing messages, creating a topic, setting a schema and updating partitions. This makes it easy to trace the exact series of changes leading up to an issue.

Wrapping Up

The Audit Log adds crucial visibility to your Pulsar deployments. By keeping a complete record of user actions, it helps you maintain control, improve security and speed up troubleshooting. Try it out next time you need to track down a change, investigate an incident, or just want to keep a closer eye on what's happening in your Pulsar clusters!