-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathaudit-appendix.html
314 lines (299 loc) · 9.61 KB
/
audit-appendix.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
<!DOCTYPE html>
<html>
<head>
<meta charset='utf-8'>
<title>OTM Appendix - Audit Events</title>
<script
src='https://www.w3.org/Tools/respec/respec-w3c'
class='remove'></script>
<script class='remove'>
var respecConfig = {
specStatus: "base",
editors: [{
name: "Mike Ritter",
company: "Chronopolis",
companyURL: "http://libraries.ucsd.edu/chronopolis/"
},{
name: "Sibyl Schaefer",
company: "University of California, San Diego",
companyURL: "https://ucsd.edu"
}],
gitHub: "ucsdlib/otm-specs",
shortName: "audit-appendix",
wg: "One to Many Working Group",
wgURI: "https://wiki.lyrasis.org/display/OTM",
edDraftURI: "https://github.com/ucsdlib/otm-specs/blob/master/audit-appendix.html",
maxTocLevel: 3,
otherLinks: [{
key: "OTM Specifications",
data: [{
value: "One to Many (OTM) Specifications Overview",
href: "."
},
{
value: "OTM Preservation Workflow",
href: "preservation-workflow.html"
},
{
value: "OTM Bridge API Specification",
href: "otm-bridge.html"
},
{
value: "OTM Gateway API Specification",
href: "otm-gateway.html"
},
{
value: "OTM Appendix - Hyrax Workflow",
href: "hyrax-workflow.html"
}]
}]
};
</script>
<link rel="stylesheet" href="otm-styles.css">
</head>
<body>
<p class='copyright'>This document is licensed under a
<a class='subfoot' href='https://creativecommons.org/licenses/by/4.0/' rel='license'>
Creative Commons Attribution 4.0 License
</a>.
</p>
<section id='abstract'>
<p>
This document defines a set of events that can be used and extended to communicate status about content that has been
deposited into a DDP through the OTM Bridge. Each event describes an action which has occurred within the DDP and is
associated with content that has been deposited through the OTM Bridge. The set of all events associated with one
deposited entity (filegroup or file) is considered to be that entity's audit log. This audit log is available for each
deposit via the OTM Bridge <a href="otm-bridge.html#get-audit-log">Get Audit Log</a> endpoint.
</p>
</section>
<section>
<h2>Status of This Document</h2>
<p>This document is an appendix to a specification, created as part of the One to Many grant, funded by the Andrew W.
Mellon Foundation.</p>
</section>
<section>
<h2>Audit Log Events</h2>
<p class="note">
The audit log events listed in this document are based on initial discussions between representatives from Chronopolis
and APTrust and should be considered in draft form as additional discussions with other DDPs may uncover differences in
auditing practices.
</p>
<section>
<h3>Ingest</h3>
<p>The Ingest event represents the ingestion of content from an OTM Gateway by a DDP. This event can represent either a
filegroup being ingested or a file being ingested.<p>
<table id="ingest-fields" class="simple">
<thead>
<tr>
<th>Field Name</th>
<th>Note</th>
</tr>
</thead>
<tbody>
<tr>
<td>Identifier</td>
<td>Identifier associated with the filegroup or file</td>
</tr>
<tr>
<td>Version</td>
<td>The version identifier of the filegroup or file which was ingested</td>
</tr>
<tr>
<td>Timestamp</td>
<td>The timestamp of when the Ingest event completed</td>
</tr>
<tr>
<td>Checksum</td>
<td>The checksum recorded by the DDP at Ingest</td>
</tr>
<tr>
<td>Checksum Algorithm</td>
<td>The algorithm used to generate the checksum</td>
</tr>
<tr>
<td>Bytes Ingested</td>
<td>The number of bytes ingested for the filegroup or the file</td>
</tr>
<tr>
<td>Files Ingested</td>
<td>The number of files ingested</td>
</tr>
</tbody>
</table>
</section>
<section>
<h3>Replication</h3>
<p>The Replication event represents the distribution of a filegroup or a file to a single location within a DDP. This
should occur for each copy of the filegroup regardless of whether or not it is the primary copy.</p>
<table id="replication-fields" class="simple">
<thead>
<tr>
<th>Field</th>
<th>Note</th>
</tr>
</thead>
<tbody>
<tr>
<td>Identifier</td>
<td>Identifier associated with the filegroup or file</td>
</tr>
<tr>
<td>Version</td>
<td>The version identifier of the filegroup or file which was replicated</td>
</tr>
<tr>
<td>Timestamp</td>
<td>The timestamp of when the Replication event completed</td>
</tr>
<tr>
<td>Replicated To</td>
<td>The location where filegroup or file was replicated</td>
</tr>
</tbody>
</table>
</section>
<section>
<h3>Fixity</h3>
<p>The Fixity event represents an action taken by a DDP to validate that a deposited file received as part of a
filegroup has not been changed. This can occur at any point in the lifecycle of the file.</p>
<table id="fixity-fields" class="simple">
<thead>
<tr>
<th>Field</th>
<th>Note</th>
</tr>
</thead>
<tbody>
<tr>
<td>Identifier</td>
<td>Identifier associated with the file</td>
</tr>
<tr>
<td>Version</td>
<td>The version identifier of the filegroup or file which was checked</td>
</tr>
<tr>
<td>Timestamp</td>
<td>The timestamp of when the Fixity event occurred</td>
</tr>
<tr>
<td>Checksum</td>
<td>The checksum calculated according to the algorithm used</td>
</tr>
<tr>
<td>Checksum Algorithm</td>
<td>The algorithm used to validate the file</td>
</tr>
<tr>
<td>Fixity Result</td>
<td>Boolean value indicating success or failure of the event</td>
</tr>
</tbody>
</table>
</section>
<section>
<h3>Deletion</h3>
<p>A Deletion event represents the removal of one or more files from DDP storage.</p>
<table id="delete-fields" class="simple">
<thead>
<tr>
<th>Field</th>
<th>Note</th>
</tr>
</thead>
<tbody>
<tr>
<td>Identifier</td>
<td>Identifier associated with the filegroup or file</td>
</tr>
<tr>
<td>Version</td>
<td>The version identifier of the filegroup or file which was deleted</td>
</tr>
<tr>
<td>Timestamp</td>
<td>The timestamp of when the Delete event occurred</td>
</tr>
<tr>
<td>Checksum</td>
<td>The checksum value of the file which was deleted</td>
</tr>
<tr>
<td>Checksum Algorithm</td>
<td>The algorithm used to generate the checksum</td>
</tr>
</tbody>
</table>
</section>
<section>
<h3>Repair</h3>
<p>A Repair event occurs when a DDP resolves any file corruption. Although this is internal to the DDP, it is
considered to be an event that may be auditable.</p>
<table id="repair-fields" class="simple">
<thead>
<tr>
<th>Field</th>
<th>Note</th>
</tr>
</thead>
<tbody>
<tr>
<td>Identifier</td>
<td>Identifier associated with the filegroup or file</td>
</tr>
<tr>
<td>Version</td>
<td>The version identifier of the filegroup or file which was repaired</td>
</tr>
<tr>
<td>Timestamp</td>
<td>The timestamp of when the Repair event occurred</td>
</tr>
<tr>
<td>Repair Outcome</td>
<td>The result of the Repair</td>
</tr>
</tbody>
</table>
</section>
<section>
<h3>Restoration</h3>
<p>Restoration is an event which occurs when the Repository requests a filegroup be retrieved from a DDP.</p>
<table id="restore-fields" class="simple">
<thead>
<tr>
<th>Field</th>
<th>Note</th>
</tr>
</thead>
<tbody>
<tr>
<td>Identifier</td>
<td>Identifier associated with the filegroup or file</td>
</tr>
<tr>
<td>Version</td>
<td>The version identifier of the filegroup or file which was restored</td>
</tr>
<tr>
<td>Timestamp</td>
<td>The timestamp of when the Restore event occurred</td>
</tr>
<tr>
<td>Expiration</td>
<td>The expiration timestamp for the Restore</td>
</tr>
<tr>
<td>Success</td>
<td>The result of the Restoration: true or false</td>
</tr>
<tr>
<td>From</td>
<td>The location in the DDP where the filegroup or file came from</td>
</tr>
</tbody>
</table>
</section>
</section>
</body>
</html>