0
0
Apache Airflowdevops~10 mins

Audit logging in Apache Airflow - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Process Flow - Audit logging
User triggers action
Airflow intercepts event
Create audit log entry
Store log in audit database/file
Admin reviews logs for security/compliance
Audit logging in Airflow captures user actions and system events, storing them for review and compliance.
Execution Sample
Apache Airflow
from airflow.utils.log.logging_mixin import LoggingMixin
logger = LoggingMixin().log
logger.info('User X triggered DAG run')
This code logs an audit message when a user triggers a DAG run in Airflow.
Process Table
StepActionEvent CapturedLog Entry CreatedStorage Location
1User triggers DAG runDAG run request by user XLog entry with timestamp and user infoAudit log file or DB
2Airflow processes DAG runDAG execution startedLog entry with DAG id and start timeAudit log file or DB
3Task completesTask success/failure statusLog entry with task id and statusAudit log file or DB
4Admin queries logsAudit log retrievalNo new log createdLogs displayed to admin
💡 All relevant user and system events are logged for auditing purposes.
Status Tracker
VariableStartAfter Step 1After Step 2After Step 3Final
audit_logemptyentry for DAG run requestentry for DAG startentry for task statusall entries stored
Key Moments - 2 Insights
Why do we log both user actions and system events?
Logging both user actions and system events ensures a complete audit trail, as shown in execution_table rows 1 and 2, capturing who did what and what happened in the system.
Where are audit logs stored in Airflow?
Audit logs are stored in a dedicated file or database, as indicated in the 'Storage Location' column of the execution_table, ensuring logs are safe and accessible.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution table, what event is captured at Step 3?
AUser triggers DAG run
BTask success/failure status
CDAG execution started
DAudit log retrieval
💡 Hint
Check the 'Event Captured' column for Step 3 in the execution_table.
At which step is no new log entry created?
AStep 4
BStep 2
CStep 1
DStep 3
💡 Hint
Look at the 'Log Entry Created' column in the execution_table for Step 4.
If the user action logging is removed, which step's log entry would be missing?
AStep 2
BStep 3
CStep 1
DStep 4
💡 Hint
Refer to the 'Action' and 'Log Entry Created' columns for Step 1 in the execution_table.
Concept Snapshot
Audit logging in Airflow:
- Captures user actions and system events
- Logs include timestamps, user info, event details
- Stored in files or databases for security
- Enables review and compliance checks
- Essential for tracking changes and troubleshooting
Full Transcript
Audit logging in Airflow works by capturing every important action and event. When a user triggers a DAG run, Airflow creates a log entry with the user and timestamp. As the DAG runs, system events like task starts and completions are also logged. These logs are saved in a secure location such as a file or database. Admins can later review these logs to check for security or compliance. This process ensures a full record of what happened and who did it, helping with troubleshooting and audits.