docs/content/product/administration/monitoring/audit-log.mdx
Audit Log collects, stores, and displays security-related events within a Cube Cloud account, across all deployments. You can use it to maintain and review a historical record of activity for compliance purposes.
<InfoBox>Available on the Enterprise Premier plan. You can also choose an Audit Log tier.
</InfoBox>Read below about collected events. Also, see how you can enable Audit Log, view events, and download them.
<YouTubeVideo url="https://www.youtube.com/embed/W7hQzLS3wPc" aspectRatio={4/2.64} />
To enable Audit Log, navigate to the <Btn>Team & Security</Btn> page, open the <Btn>Audit Log</Btn> tab, and turn the <Btn>Enable Audit Log</Btn> switch on.
<InfoBox>If you choose to disable Audit Log, your account will be billed for using it until the end of the month.
</InfoBox>Audit Log displays events in a table with the following information for each event:
You can click on any event to view extended information:
Audit Log uses heuristics to detect sensitive values (e.g., passwords and tokens)
and sanitize them, i.e., replace them with [HIDDEN] in event-specific
attributes. You can see that a password was sanitized on the screenshot above.
If you'd like your custom environment variable to be sanitized, include one of
the following substrings in its name: PASS, SECRET, TOKEN, KEY.
You can also customize the table view with filters on the top and in the right sidebar:
<Screenshot src="https://ucarecdn.com/794dcf79-4268-46ad-8077-f2675dede9d0/" highlight="inset(1% 0.5% 49% 52.5% round 10px)" />
You can use the <Btn>↓ CSV</Btn> button to download a CSV file with all events in the current view:
<Screenshot src="https://ucarecdn.com/794dcf79-4268-46ad-8077-f2675dede9d0/" highlight="inset(1% 50% 92% 43% round 10px)" />
Audit Log collects the following types of events:
| Category | Event type |
|---|---|
| Users | Created user |
Deleted user | |
Invited user | |
Updated user profile | |
Requested password reset | |
Changed password | |
| Custom roles | Created role |
Deleted role | |
Updated role | |
Assigned role to user | |
Assigned roles to user | |
Removed role from user | |
| Authentication | Logged in |
Logged out | |
Redirected to SAML provider for login | |
Logged in via SAML | |
| Account and single sign-on | Updated account settings |
Updated account authentication configuration | |
Updated account SAML configuration | |
Uploaded identity provider metadata file | |
| Deployments | Created deployment |
Deleted deployment | |
Updated deployment configuration | |
Enabled SQL API for deployment | |
Generated data model | |
| Branches and dev mode | Created Git branch |
Deleted Git branch | |
Entered dev mode | |
Exited dev mode | |
Pulled changes to data model | |
Committed and merged changes to data model | |
Merged changes to data model | |
Reverted changes to data model in branch | |
| Continuous deployment | Requested connection of GitHub account |
Connected deployment to GitHub repository | |
Generated SSH key for deployment | |
Connected deployment to Git upstream | |
Generated Git credentials for Cube Cloud repository | |
Generated webhook token for Git repository | |
Received a Git hook | |
Started uploading files | |
Finished uploading files | |
Triggered new build | |
| Budgets | Created budget |
Deleted budget | |
Updated budget |