Centralized Auditing

We bring the data, you bring the dashboards

Suggest Edits

We stream structured log data to the reporting destination of your choice. You can rapidly build the dashboards you need and keep the audit data in S3 for safekeeping.

Manage reporting destinations in Terraform

With Sym, you can declare where to send your audit data in Terraform. Here, we send data to DataDog via AWS Kinesis (see full example:

# This module creates a AWS Kinesis Firehose Delivery Stream that pipes logs to Datadog
module "datadog_connector" {
  source  = "symopsio/datadog-connector/aws"
  version = ">= 2.0.0"

  environment = "main"

  # This variable should NOT be checked into version control!
  # Set it in an untracked tfvars file (e.g. `secrets.tfvars`)
  # or as an environment variable: `export TF_VAR_datadog_access_key="my-access-key"`
  datadog_access_key = var.datadog_access_key
}

resource "sym_log_destination" "datadog" {
  type = "kinesis_firehose"

  # The Runtime Permission Context has Kinesis Firehose permissions
  integration_id = sym_integration.runtime_context.id

  settings = {
    # The firehose stream name is outputted by the datadog_connector module
    stream_name = module.datadog_connector.firehose_name
  }
}

Send rich data about each Sym Event to your log destination

Each step in the Sym flow produces a structured log event with all the data you need to build reports and save for audit:

{
    "id": "f1e0b0fe-a1cd-46f2-9772-7ded922d26d1",
    "meta": {
        "schema_version": 4
    },
    "state": {
        "status": "completed",
        "errors": []
    },
    "run": {
        "srn": "healthy-health:run:approval-flow-sandbox:4.0.0:4e41814e-34b2-418c-9582-2d8bc610ea2a",
        "parent": "healthy-health:run:flow_selection:1.0.0:0e6dda1c-f6ad-47ac-9e51-b068dd6f901d",
        "flow": "healthy-health:flow:approval-flow-sandbox:4.0.0",
        "actors":  {
            "prompt": {
               "user": "healthy-health:user:4f36af92-f3a6-4476-b7d4-f7ee82efe088:latest",
               "name": "Ben Bitdiddle",
               "username": "[email protected]",
               "identity": {
                   "service": "slack",
                   "external_id": "TABC123",
                   "user_id": "UABC123"
                }
            }
        }
    },
    "event": {
        "srn": "sym:event-spec:approval:1.0.0:request",
        "type": "request",
        "template": "sym:template:approval:1.0.0",
        "timestamp": "2022-02-15T15:43:45.309236+00:00",
        "channel": "slack"
    },
    "actor": {
        "user": "healthy-health:user:4f36af92-f3a6-4476-b7d4-f7ee82efe088:latest",
        "name": "Ben Bitdiddle",
        "username": "[email protected]",
        "identity": {
            "service": "slack",
            "external_id": "TABC123",
            "user_id": "UABC123"
        }
    },
    "fields": {
        "reason": "foobar",
        "duration": 30,
        "target": {
            "name": "test-target",
            "srn": "healthy-health:target:sandbox-leslielam:latest:request",
            "type": "aws_iam_group",
            "label": "Test Target",
            "settings": {
                "iam_group": "prod-break-glass"
            }
        },
        "urgency": "low",
        "target_id": "1c621be7-8531-4200-a0d3-841e1c88e28b"
    },
    "type": "event"
}

Updated 5 months ago