Some work to make sure the user agent and ip address are always passed correctly to audit logs.

packages/backend-core/src/events/events.ts

@@ -1,4 +1,10 @@
-import { AuditLogFn, Event, IdentityType, HostInfo } from "@budibase/types"
+import {
+  AuditLogFn,
+  Event,
+  IdentityType,
+  AuditedEventFriendlyName,
+  AuditLogQueueEvent,
+} from "@budibase/types"
 import { processors } from "./processors"
 import identification from "./identification"
 import { getAppId } from "../context"
@@ -6,24 +12,17 @@ import * as backfill from "./backfill"
 import { createQueue, JobQueue } from "../queue"
 import BullQueue from "bull"
 
-type AuditLogEvent = {
-  event: Event
-  properties: any
-  opts: {
-    timestamp?: string | number
-    userId?: string
-    appId?: string
-    hostInfo?: HostInfo
-  }
+export function isAudited(event: Event) {
+  return !!AuditedEventFriendlyName[event]
 }
 
 let auditLogsEnabled = false
-let auditLogQueue: BullQueue.Queue<AuditLogEvent>
+let auditLogQueue: BullQueue.Queue<AuditLogQueueEvent>
 
 export const configure = (fn: AuditLogFn) => {
   auditLogsEnabled = true
   const writeAuditLogs = fn
-  auditLogQueue = createQueue<AuditLogEvent>(JobQueue.AUDIT_LOG)
+  auditLogQueue = createQueue<AuditLogQueueEvent>(JobQueue.AUDIT_LOG)
   return auditLogQueue.process(async job => {
     await writeAuditLogs(job.data.event, job.data.properties, {
       userId: job.data.opts.userId,
@@ -46,11 +45,11 @@ export const publishEvent = async (
   // no backfill - send the event and exit
   if (!backfilling) {
     await processors.processEvent(event, identity, properties, timestamp)
-    if (auditLogsEnabled) {
+    if (auditLogsEnabled && isAudited(event)) {
       // only audit log actual events, don't include backfills
       const userId =
         identity.type === IdentityType.USER ? identity.id : undefined
-      // add to event queue, rather than just writing immediately
+      // add to the event queue, rather than just writing immediately
       await auditLogQueue.add({
         event,
         properties,
@@ -58,6 +57,7 @@ export const publishEvent = async (
           userId,
           timestamp,
           appId: getAppId(),
+          hostInfo: identity.hostInfo,
         },
       })
     }

packages/backend-core/src/events/identification.ts

@@ -89,7 +89,7 @@ const getCurrentIdentity = async (): Promise<Identity> => {
       installationId,
       tenantId,
       environment,
-      hostInfo: userContext.host,
+      hostInfo: userContext.hostInfo,
     }
   } else {
     throw new Error("Unknown identity type")

packages/backend-core/src/events/index.ts

@@ -3,7 +3,7 @@ export * as processors from "./processors"
 export * as analytics from "./analytics"
 export { default as identification } from "./identification"
 export * as backfillCache from "./backfill"
-export { configure } from "./events"
+export { configure, isAudited } from "./events"
 
 import { processors } from "./processors"
 

packages/types/src/sdk/auditLogs.ts

@@ -12,3 +12,9 @@ export type AuditLogFn = (
   metadata: any,
   opts: AuditWriteOpts
 ) => Promise<any>
+
+export type AuditLogQueueEvent = {
+  event: Event
+  properties: any
+  opts: AuditWriteOpts
+}

packages/types/src/sdk/events/identification.ts

@@ -46,7 +46,7 @@ export interface Identity {
   environment: string
   installationId?: string
   tenantId?: string
-  hostInfo: HostInfo
+  hostInfo?: HostInfo
 }
 
 export interface UserIdentity extends Identity {