OSDU API Logging Requirements

For all OSDU APIs, we need to log a number of attributes in a standard format.

Each log entry should contain:

• The principal from the id_token
• Whether the invocation was allowed/denied
• What resources were involved
• Any API header containing sensitive information such as authorization token should not be logged
• Unambiguous date and time. Preferably in ISO-8601 format
• Origin IP address for caller
• Other information as appropriate to the service being invoked

All OSDU APIs will generate API invocation logs in JSON format. The OSDU data platform will not filter any of the output that is logged. Operators can redact, delete, or retain logs as required.

Operator Input

• Chevron wants JSON format and imported into Azure Log Analytics.
• ConocoPhillips wants CIM (Common Information Model) format to be supported.
• Repsol: any Syslog, CEF, GELF, etc. is suitable.
• Equinor: CEF and JSON formats are acceptable.