Audit Logs
Check your docs version
This version of the Anyscale docs is deprecated. Go to the latest version for up to date information.
note
Audit Logs are not currently enabled by default.
Please contact your Anyscale account team for assistance.
Overview
Audit logs enable logs for select user actions to be exported to an AWS S3 or GCP GCS bucket.
The following configurations are supported:
| Name | Values |
|---|---|
| Export location |
|
| Upload frequency |
|
| File format |
|
Examples
| AWS | GCP | |
|---|---|---|
| Files |  |  |
| Folders |  |  |
Log Contents
Each file uploaded on the frequency schedule will be per entity (see column) and outputted with the following path within the bucket:
/<org_id>/audit_logs/<entity>/<timestamp>.log.<file_format>
For example:
/org_123/audit_logs/cluster/1690300746.log.jsonl
The file will consist of user action records. Each record will map to the following schema:
{
"timestamp": string,
"user_id": string,
"source_ip": string,
"action": Action (enum), // see "Supported User Actions"
"entity": Entity (enum), // see "Supported User Actions"
"metadata": nullable object,
"user": {
"name": string,
"email": string
}
}
For example:
// User logged in
{
"timestamp": "2023-08-01 01:04:05.073682+00:00",
"user_id": "usr_123",
"source_ip": "1.2.3.4",
"action": "LOGIN",
"entity": "ACCESS",
"metadata": null,
"user": {
"name": "Jane",
"email": "jane@company.com"
}
}
// Cluster started
{
"timestamp": "2023-08-02 04:17:02.152921+00:00",
"user_id": "usr_123",
"source_ip": "1.2.3.4",
"action": "START",
"entity": "CLUSTER",
"metadata": {
"id": "ses_123"
},
"user": {
"name": "Bill",
"email": "bill@company.com"
}
}
Supported User Actions
The full list of logged user actions are below:
| Entity | Action | Metadata |
|---|---|---|
| USER | INVITE | invitee_email: string |
| JOIN | ||
| REMOVE | removee_id: string | |
| MODIFY | modifee_id: stringold_role: stringnew_role: string | |
| PAYMENT | ADD | |
| ACCESS | LOGIN | |
| LOGOUT | ||
| SUPPORT_ACCESS | LOGIN | |
| REQUEST |
| |
| CLUSTER | CREATE | id: string |
| START | ||
| TERMINATE | ||
| ARCHIVE | ||
| CLOUD | CREATE | name: string |
| DELETE | ||
| PROJECT | CREATE | |
| DELETE | ||
| CLUSTER_ENV | CREATE | |
| DELETE | ||
| COMPUTE_CONFIG | CREATE | |
| JOB | CREATE | |
| TERMINATE | ||
| ARCHIVE | ||
| SERVICE | CREATE | |
| TERMINATE | ||
| WORKSPACE | CREATE | |
| START | ||
| TERMINATE | ||
| DELETE |
Setup
Please contact your Anyscale account team.