7.15. Query Auditing

GeoMesa provides a Java SPI to audit queries. Auditing can be enabled when creating a DataStore by setting the parameter geomesa.query.audit to true in the connection map. Audits are written to log files under the logger name org.locationtech.geomesa.utils.audit.AuditLogger$. In Accumulo, audits are also written to the <catalog>_queries table.

As GeoMesa can run in many environments, determining who executed a query is delegated to a service class. Services need to implement org.locationtech.geomesa.utils.audit.AuditProvider. Third-party implementations can be enabled by placing them on the classpath and including a special service descriptor file. See the Oracle Javadoc for details on implementing a service provider.

The GeoMesa GeoServer plugins come bundled with an AuditProvider that pulls user credentials from GeoServer’s Spring security framework - org.locationtech.geomesa.security.SpringAuditProvider.