Logging & Admin Service

Overview

Centralized logging and administration tools for the platform. Collects log data from all services and provides moderation capabilities for game operators.

Responsibilities

• Aggregate logs and metrics from every microservice
• Offer dashboards and search for operators and moderators
• Enforce moderation actions such as bans via secured APIs
• Record audit trails for feature flag changes and account events

Architecture / Design Notes

Uses the common stack outlined in Logging & Monitoring and exposes admin endpoints for reviewing logs and applying moderation actions. All admin APIs are secured via role-based access control integrated with the Account Service.

• Access to this service is protected by mTLS and JWT validation through the JWKS endpoint provided by the Account Service. See Security Architecture.
• The security model relies solely on JWT roles; there is no additional network-layer isolation for admin endpoints.
• Moderation data and log indices include a tenantId field so administrators only see information for the games they manage. Cross-tenant queries are rejected per the Multi-Tenancy strategy.
• Utilizes the Shared Libraries for DTO definitions, logging interceptors, and Micrometer metrics.

Key Features

• Central log collection and search.
• Basic analytics dashboards for operators.
• Tools for banning or restricting accounts.
• Moderation policy definitions including profanity filters.
• UI and APIs for toggling runtime feature flags. See Versioning & Runtime Configuration.
• Audit trail for account actions and world changes.
• Transaction logs for purchases and subscription events.
• Captures failed login attempts and suspicious activity reported by the Game Session Service for operator review.
• Works with Saga workflows to record state changes across services. See Transaction Strategies.

Data Model

• Log events are stored in Elasticsearch indexes for search.
• moderation_action table records bans and warnings with timestamps.
• feature_flag table mirrors active runtime settings for auditing.

Moderation Workflow

• Operators review flagged logs through the web UI.
• Actions such as bans or warnings are issued via secured API calls.
• Events are forwarded to the Account Service for enforcement and stored for compliance purposes.

gRPC/REST APIs

• QueryLogs – streams filtered log entries for analysis.
• ApplyModerationAction – bans or restricts an account based on policy.
• ToggleFeatureFlag – updates runtime configuration values.

Dependencies

• Internal:
  • Account Service forwards account events and payment notifications.
  • Game Session Service streams session lifecycle metrics.
  • Social & Groups Service delivers chat logs for moderation.
• External: Elasticsearch, Prometheus, Grafana, and Alertmanager for storage, visualization, and alerting.

See Gateway Architecture, Deployment Environments, and Protocol Bridging for details on shared infrastructure components.

Operational Notes

• Deployed as a Kubernetes Deployment with horizontal scaling for log-processing workloads.
• Health endpoints under /actuator/health feed readiness and liveness probes.
• Metrics and OpenTelemetry traces are scraped by Prometheus; Fluent Bit ships structured logs to Elasticsearch for search.
• Environment differences are outlined in Deployment Environments.

Proto Files

API schemas are kept in ../../../../protos/logging-admin/v1. When these change, run ./gradlew generateProto to refresh generated sources.

📚 Related Documentation

See Logging & Monitoring for details on the shared observability stack.

• Security Architecture

• Multi-Tenancy

• Service Responsibility Matrix

• User Journeys – Monitoring and Moderation

• User Journeys – Purchases and Subscriptions

• gRPC API Style & Versioning Guidelines

• Shared Libraries Overview

• Backup & Disaster Recovery

• Authentication & Authorization

• Testing Strategy

• CI/CD Pipeline

• System Architecture Diagram

• System Context Diagram

Future Enhancements

• Role-based admin UI.
• Automated alerting for suspicious activity via Prometheus Alertmanager.
• Real-time analytics on game performance.
• Optional 2FA support for administrator accounts, pending Security Architecture enhancements.