Audit logs
important
Anyscale doesn't enable audit logs by default.
Audit logs are only available on customer-hosted clouds. Reach out to support@anyscale.com for more information.
Audit logs enables Anyscale to export logs for select user actions to an AWS S3 or GCP GCS bucket.
The following configurations are supported:
| Name | Values |
|---|---|
| Export location |
|
| Upload frequency |
|
| File format |
|
Examples
| AWS | GCP | |
|---|---|---|
| Files |  |  |
| Folders |  |  |
Log contents
Anyscale uploads one file per entity on the configured frequency schedule. The files are outputted to the following path within the bucket:
/<org_id>/audit_logs/<entity>/<timestamp>.log.<file_format>
For example:
/org_123/audit_logs/cluster/1690300746.log.jsonl
The file consists of user action records. Each record conforms to the following schema:
{
"timestamp": string,
"user_id": string,
"source_ip": string,
"action": Action (enum), // see "Supported User Actions"
"entity": Entity (enum), // see "Supported User Actions"
"metadata": nullable object,
"user": {
"name": string,
"email": string
}
}
For example:
// User logged in
{
"timestamp": "2023-08-01 01:04:05.073682+00:00",
"user_id": "usr_123",
"source_ip": "1.2.3.4",
"action": "LOGIN",
"entity": "ACCESS",
"metadata": null,
"user": {
"name": "Jane",
"email": "jane@company.com"
}
}
// Cluster started
{
"timestamp": "2023-08-02 04:17:02.152921+00:00",
"user_id": "usr_123",
"source_ip": "1.2.3.4",
"action": "START",
"entity": "CLUSTER",
"metadata": {
"id": "ses_123"
},
"user": {
"name": "Bill",
"email": "bill@company.com"
}
}
Supported user actions
The full list of logged user actions are below:
| Entity | Action | Metadata |
|---|---|---|
| USER | INVITE | invitee_email: string |
| JOIN | ||
| REMOVE | removee_id: string | |
| MODIFY | modifee_id: stringold_role: stringnew_role: string | |
| PAYMENT | ADD | |
| ACCESS | LOGIN | |
| LOGOUT | ||
| SUPPORT_ACCESS | LOGIN | |
| REQUEST |
| |
| CLUSTER | CREATE | id: string |
| START | ||
| TERMINATE | ||
| ARCHIVE | ||
| CLOUD | CREATE | name: string |
| DELETE | ||
| CLUSTER_ENV | CREATE | |
| DELETE | ||
| COMPUTE_CONFIG | CREATE | |
| JOB | CREATE | |
| TERMINATE | ||
| ARCHIVE | ||
| SERVICE | CREATE | |
| TERMINATE | ||
| WORKSPACE | CREATE | |
| START | ||
| TERMINATE | ||
| DELETE |
Setup
Contact your Anyscale account team.