Skip to content

Audit log

Audit logs help you monitor and record the activities of each user, and provide features for collecting, storing and querying security-related records arranged in chronological order. With the audit log service, you can continuously monitor and retain user behaviors in the global management module, including but not limited to user creation, user login/logout, user authorization, and user operations related to Kubernetes.

Features

The audit log feature has the following characteristics:

  • Out of the box: When installing and using the platform, the audit log feature will be enabled by default, automatically recording various user-related actions, such as creating users, authorization, login/logout, etc. By default, 365 days of user behavior can be viewed within the platform.

  • Security analysis: The audit log will record user operations in detail and provide an export function. Through these events, you can judge whether the account is at risk.

  • Real-time recording: Quickly collect operation events, and trace back in the audit log list after user operations, so that suspicious behavior can be found at any time.

  • Convenient and reliable: The audit log supports manual cleaning and automatic cleaning, and the cleaning strategy can be configured according to your storage size.

View Audit Logs

  1. Log in to DCE 5.0 with a user account that has the admin or Audit Owner role.

    Log in to DCE 5.0

  2. At the bottom of the left navigation bar, click Global Management -> Audit Logs .

    Audit Logs

User operations

On the User Operations tab, you can search for user operation events by time range, or by using fuzzy or exact search.

Click the icon on the right side of an event to view its details.

User audit logs

The event details are shown in the following figure.

User event details

Click the Export button in the upper right corner to export the user operation logs within the selected time range in CSV or Excel format.

Export

System operations

On the System operations tab, you can search for system operation events by time range, or by using fuzzy or exact search.

Similarly, click the icon on the right side of an event to view its details.

System event details

Click the Export button in the upper right corner to export the system operation logs within the selected time range in CSV or Excel format.

Export

Settings

On the Settings tab, you can clean up audit logs for user operations and system operations.

Clean up

You can manually clean up the logs, but it is recommended to export and save them before cleaning. You can also set the maximum retention time for the logs to automatically clean them up.

Note

The audit logs related to Kubernetes in the auditing module are provided by the observability module. To reduce the storage pressure of the audit logs, DCE 5.0 by default does not collect Kubernetes-related logs. If you need to record them, please refer to Enabling K8s Audit Logs. Once enabled, the cleanup function is consistent with the global management cleanup function, but they do not affect each other.

Comments