ListLogGroups API Returns Incomplete Results for VCN/Subnet Audit Log Groups #713
Description
The LoggingManagementClient.listLogGroups() method returns incomplete results, specifically missing log groups associated with VCN/subnet audit logging, despite successful authentication and HTTP 200 responses.
Environment
- OCI Java SDK Version: 3.69.0
- Java Version: 8
- Authentication: User principal with tenancy-wide read permissions
Expected Behavior
Should return all log groups the authenticated principal can access, including VCN Flow Log audit groups.
Actual Behavior
- API returns HTTP 200 with valid response structure and request IDs
(super=com.oracle.bmc.logging.responses.ListLogGroupsResponse@be50ef52,opcNextPage=null,opcPreviousPage=null,opcRequestId=<request_id>,items=[])
- Same log groups are visible and accessible in OCI Console with identical credentials
- No authentication errors or exceptions
- OCI CLI shows identical behavior (missing same log groups)
oci logging log-group list --compartment-id "<compartment-id>" --region us-phoenix-1
Implementation
final LoggingManagementClient client = LoggingManagementClient.builder()
.region(region)
.build(new ConfigFileAuthenticationDetailsProvider(configFilePath, profile))
final ListLogGroupsRequest.Builder builder = ListLogGroupsRequest.builder().compartmentId(compartmentId);
String nextPage = null;
do {
final ListLogGroupsRequest request = builder.page(nextPage).build();
final ListLogGroupsResponse response = client.listLogGroups(request);
response.getItems().forEach(logGroup -> {
// Process discovered log groups - VCN audit log groups missing
});
nextPage = response.getOpcNextPage();
} while (!Strings.isNullOrEmpty(nextPage));Request
Please investigate why the API filters out VCN/subnet audit log groups that are visible in Console with same permissions.
Note: May be related to #668