Decision Export and User Activity Export Log Files

Decision Export and User Activity Export is configured at the Workspace level. When export options are configured, decision and activity logs are sent to external data sources for analysis.

Configuring Decision and User Activity Export

The following procedure is used to configure Decision and User Activity Export.

1. Login to the Styra DAS UI.

2. Navigate to WORKSPACE >> Settings >> Decision Export Target or User Activity Export Target pane.

3. In Decision Export Target or User Activity Export Target click the drop-down list and select a decision export target.

None

If None is selected, Styra DAS does not export decisions or user activity. None is the default selection.

Amazon S3

If Amazon S3 is selected, Styra DAS exports decisions or user activity to an Amazon S3 bucket.

• Region: Select an AWS Region from the drop-down list.

• Bucket Name (and Path) (required): Type the string representing the bucket name. Enter the bucket name and a path within that bucket. For example, amazon-s3-bucket-testing.

• Endpoint: Type the gateway endpoint. For more information, see Amazon S3 Endpoints.

• AWS IAM Role: (required if using role based access) Type the IAM role. For more information, see Using service-linked roles for Amazon RDS.

• Access Key ID (required if not using role based access): Type the IAM user access key ID. For more information, see AWS IAM User Access Keys.

• Secret Access Key (required if not using role based access): Type the IAM user secret access key. For more information, see AWS IAM User Access Keys page.

• Export Interval: Select the time interval between 30 seconds to 1 hour from the drop-down list.

Azure Blob Storage

If Azure Blob Storage is selected, Styra DAS exports decisions or user activity to Azure Blob Storage.

• Container Name and Path: Type the string representing the bucket name. Enter the bucket name and a path within that bucket. For example, azureblobstorage-bucket-testing.

• Endpoint: Type the gateway endpoint. For more information, see Azure Endpoints.

• Account Name: Type the Azure blob storage account name. For more information, see Create an Azure Blob Storage Account.

• Access Key or SAS Token: Type in the access key ID or SAS Token. For more information, see Azure storage account keys.

• Export Interval: Select the time interval between 30 seconds to 1 hour from the drop-down list.

Google Cloud Storage

If Google Cloud Storage is selected, Styra DAS exports decisions or user activity to Google Cloud Storage (GCS).

• Region (required): Select an GCS Region from the drop-down list.

• Bucket Name (and Path) (required): Type the string representing the bucket name. Enter the bucket name and a path within that bucket. For example, gcs-bucket-testing.

• Endpoint: Type the gateway endpoint. For more information, see Google Cloud Storage Endpoints.

• Access Key ID (required): Type the hash-based message authentication code (HMAC) key. For more information, see hash-based message authentication code keys.

• Secret Access Key (required): The Styra DAS secret is required if you are using a Google Cloud Storage bucket within your own Google Cloud Storage account.

• Export Interval: Select the time interval between 30 seconds to 1 hour from the drop-down list.

Kafka

If Kafka is selected, Styra DAS exports decisions or user activity to Kafka.

• Brokers (required): Type in one or more Kafka brokers.

• Topic (required): Type a Kafka topic. For example, test-topic.

• Required Acks (required): Select WaitForAll or WaitForLocal from the drop- down list.

• Security Protocol: Select PLAINTEXT, SASL-TLS (Server-TLS), or TLS (Mutual-TLS) from the drop down-list.

• Authentication: Select Open, PLAINTEXT, SASL, or TLS from the drop-down list.

• Kafka PLAIN

  • Username: Type the Kafka username.
  • Password: Type the Kafka password.

• Kafka SASL

  • SASL Mechanism: Select PLAIN, SCRAM-SHA-256, SCRAM-SHA-512, or OAUTHBEARER from the drop-down list. If OAUTHBEARER is selected, select the oAuth Bearer Provider (required) from the drop-down list.
  • Username: Type the Kafka username.
  • Password: Type the Kafka password.

• SASL Version: Type the SASL version. The default value is 1. For Azure Event Hub, set to 0.

• Kafka TLS

  • RootCA (required): Provide the root certificate.
  • Client Certificate: Provide the client certificate.
  • Client Key: Provide the client key.
  • Insecure Skip Verify: Configure Skip server certificate chain and host verification through the toggle. The default setting is false.

• Advanced Settings

  • Version: Type the Kafka version, for example 2.0.0.
  • Compression: Select None, GZIP, SNAPPY, LZ4, or ZSTD from the drop-down list.
  • Max Retries: Type the maximum number of retries, for example 3.
  • Max Message Size: Type the maximum message size in bytes, for example 1000000.
  • Timeout: Type the message timeout duration, for example 10s.
  • Idempotent: Enable or Disable Kafka idempotent exactly-once reliability semantics using the toggle switch.

• Export Interval: Select the time interval between 30 seconds to 1 hour from the drop-down list.

System-Level Decision Export Kafka Topics

All systems will by default export decisions to the Kafka topic defined in the Workspace Decision Export settings. Individual systems can be configured to export to separate topics in the same Kafka cluster by setting the kafka_topic parameter in the CreateSystem or UpdateSystem API operations.

Remove Export Configuration

To remove the existing export configuration:

1. Click the drop down menu from the Decision Export Target or User Activity Export Target pane.

2. Select None.

3. Click Save changes.

The existing export configuration is deleted. All saved export information will be removed from Styra DAS.

View Export Status

To view the decision export or user activity export status, hover over User Activity Export to see ✅ for success or ❌ for failure.

Reset Export Configuration

To reset the current export configuration:

1. Click the drop down menu from the Decision Export Target or User Activity Export Target pane.

2. Click Reset.

3. Click Save changes.

The export configuration options are set to Styra DAS default values.

Retention Policy

The retention policy for the User Activity Export Logs is four weeks.