How to log information about the user that performed an action on a Service Fabric cluster

Question

Is there any way to log information to Application Insights about the specific user who performed an action on a cluster, e.g. the user that deleted an application? I was wondering if this can be done with an Entra ID/Azure AD enabled cluster since we assign users to admin and read-only roles. Thanks.

Answer 1

Hi @Muriuki, Levi M Welcome to the Microsoft Q&A and thank you for posting your questions here.

You are asking on how to log information about the user that performed an action on a Service Fabric cluster.

Yes, you can log information about the user who performed an action on a Service Fabric cluster, including actions like deleting an application.

The first thing that should come to mind on how to achieve this is Azure Application Insights. Ensure that Application Insights is enabled for your Service Fabric application. You can do this during application setup or by adding it later through Azure portal or ARM templates.

You can also implement Instrumentation in code within your Service Fabric application code.

Thirdly, you can log the user information along with the action details when an action is performed.

Since you're using Azure AD or Entra ID for authentication and assigning roles, you can leverage the claims provided by these identity providers to capture user information.

This is an example of how you might log user information when deleting an application, if you're a developer using C#:

// Example code snippet in C#
// Assuming you have access to the current request's claims principal
var user = ClaimsPrincipal.Current.Identity.Name; // Retrieve user's identity from claims
// Log the user's action along with their identity
TelemetryClient telemetryClient = new TelemetryClient();
telemetryClient.TrackEvent("ApplicationDeleted", new Dictionary<string, string> {
    { "User", user },
    { "ApplicationId", applicationId } // Assuming you have the application ID as well
});
telemetryClient.Flush(); // Ensure logs are sent immediately

Remember, this is a basic example, and you'll need to adapt it to fit your specific application structure and logging requirements. I hope this is helpful! Do not hesitate to let me know if you have any other questions. Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution. Best Regards, Sina

Answer 2

Hello Muriuki, Levi M, Welcome to microsoft Q&A, Thankyou for posting your query here.

1. Integrate your application with application insights. this require adding your SDK/library to your application. 2.Integrating Application Insights with your application typically involves adding the Application Insights SDK or library to your application codebase. 3.This SDK allows your application to send telemetry data (such as logs, metrics, and traces) to Application Insights for monitoring and analysis. 4.The specific steps for integrating the SDK depend on the programming language and framework used in your application. 5.once application SDK is added you can use your code to send telemetry data to Application Insights. 6.Extract the user information from Azure AD claims when a user performs an action ,includes the user's unique identifier and other relevant details. 7.Log the user information along with the action performed and any other relevant data to Application Insights. This creates a record of who did what and when. 8.Use the logged data in Application Insights to query and analyze user actions. This helps in understanding user behavior and troubleshooting issues. 9.Implement RBAC to make sure that only authorized users can perform certain actions. 10.Confirm compliance with security and privacy regulations by only logging necessary information and handling sensitive data. Hope this helps you.