search

gchq / event-logging-schema

Event Logging is an XML Schema for describing the auditable events generated by computer systems, hardware devices and access control systems
Apache License 2.0
25 stars 6 forks source link

We need a way to record metadata about the event after receipt #59

Open at055612 opened 4 years ago

at055612 commented 4 years ago

Currently the events are decorated on receipt with identifiers that identify the event within the instance of stroom. We do not want elements/attributes in the schema that are not intended for use by generating systems. Following discussions on slack, the proposed solution is to make use of the existing xs:any part of the Event/Meta element to hold an xml record belonging to a different namespace. This can then be used to hold any data specific to stroom's receipt/storage of the event.

<Event> <!-- Make sure there is never an Id attribute here (it did exist in some versions of the schema) -->
  <Meta>
      <stroom:meta>
         <stroom:id> <!-- the globally unique identifier for the event -->
         <stroom:sourceLocation>
             <stroom:streamId>12345</stroom:streamId>
             <stroom:recordNo>1</stroom:recordNo>
             <stroom:lineFrom>3</stroom:lineFrom>
             <stroom:colFrom>1</stroom:colFrom>
             <stroom:lineTo>4</stroom:lineTo>
             <stroom:colTo>1</stroom:colTo>
         </stroom:sourceLocation>
         <stroom:provenance>
              <!-- the pipeline id + version + input that spawned it, and so on up the chain -->
         </stroom:provenance>
      </stroom:meta>
  </Meta>

stroom:id would probably be a uuid generated when the event was received and translated into xml. This would provide a unique id for the event so it can be referred to or for identifying it if it is stored outside of stroom. This element would replace Event/Id.

This record would be controlled by a separate scheme controlled outside of this repo.