Audit logs
These docs are for the new Anyscale design. If you started using Anyscale before April 2024, use Version 1.0.0 of the docs. If you're transitioning to Anyscale Preview, see the guide for how to migrate.
Anyscale doesn't enable audit logs by default.
Audit logs are only available on customer-hosted clouds. Reach out to preview-help@anyscale.com
for more information.
Audit logs enables Anyscale to export logs for select user actions to an AWS S3 or GCP GCS bucket.
The following configurations are supported:
Name | Values |
---|---|
Export location |
|
Upload frequency |
|
File format |
|
Examples
AWS | GCP | |
---|---|---|
Files | ![]() | ![]() |
Folders | ![]() | ![]() |
Log contents
Anyscale uploads one file per entity on the configured frequency schedule. The files are outputted to the following path within the bucket:
/<org_id>/audit_logs/<entity>/<timestamp>.log.<file_format>
For example:
/org_123/audit_logs/cluster/1690300746.log.jsonl
The file consists of user action records. Each record conforms to the following schema:
{
"timestamp": string,
"user_id": string,
"source_ip": string,
"action": Action (enum), // see "Supported User Actions"
"entity": Entity (enum), // see "Supported User Actions"
"metadata": nullable object,
"user": {
"name": string,
"email": string
}
}
For example:
// User logged in
{
"timestamp": "2023-08-01 01:04:05.073682+00:00",
"user_id": "usr_123",
"source_ip": "1.2.3.4",
"action": "LOGIN",
"entity": "ACCESS",
"metadata": null,
"user": {
"name": "Jane",
"email": "jane@company.com"
}
}
// Cluster started
{
"timestamp": "2023-08-02 04:17:02.152921+00:00",
"user_id": "usr_123",
"source_ip": "1.2.3.4",
"action": "START",
"entity": "CLUSTER",
"metadata": {
"id": "ses_123"
},
"user": {
"name": "Bill",
"email": "bill@company.com"
}
}
Supported user actions
The full list of logged user actions are below:
Entity | Action | Metadata |
---|---|---|
USER | INVITE | invitee_email: string |
JOIN | ||
REMOVE | removee_id: string | |
MODIFY | modifee_id: string old_role: string new_role: string | |
PAYMENT | ADD | |
ACCESS | LOGIN | |
LOGOUT | ||
SUPPORT_ACCESS | LOGIN | |
REQUEST |
| |
CLUSTER | CREATE | id: string |
START | ||
TERMINATE | ||
ARCHIVE | ||
CLOUD | CREATE | name: string |
DELETE | ||
CLUSTER_ENV | CREATE | |
DELETE | ||
COMPUTE_CONFIG | CREATE | |
JOB | CREATE | |
TERMINATE | ||
ARCHIVE | ||
SERVICE | CREATE | |
TERMINATE | ||
WORKSPACE | CREATE | |
START | ||
TERMINATE | ||
DELETE |
Setup
Contact your Anyscale account team.