Audit logs
important
Anyscale doesn't enable audit logs by default.
Audit logs are only available on customer-hosted clouds. Reach out to support@anyscale.com
for more information.
Audit logs enables Anyscale to export logs for select user actions to an AWS S3 or GCP GCS bucket.
The following configurations are supported:
Name | Values |
---|---|
Export location |
|
Upload frequency |
|
File format |
|
Examples
AWS | GCP | |
---|---|---|
Files | ||
Folders |
Log contents
Anyscale uploads one file per entity on the configured frequency schedule. The files are outputted to the following path within the bucket:
/<org_id>/audit_logs/<entity>/<timestamp>.log.<file_format>
For example:
/org_123/audit_logs/cluster/1690300746.log.jsonl
The file consists of user action records. Each record conforms to the following schema:
{
"timestamp": string,
"user_id": string,
"source_ip": string,
"action": Action (enum), // see "Supported User Actions"
"entity": Entity (enum), // see "Supported User Actions"
"metadata": nullable object,
"user": {
"name": string,
"email": string
}
}
For example:
// User logged in
{
"timestamp": "2023-08-01 01:04:05.073682+00:00",
"user_id": "usr_123",
"source_ip": "1.2.3.4",
"action": "LOGIN",
"entity": "ACCESS",
"metadata": null,
"user": {
"name": "Jane",
"email": "jane@company.com"
}
}
// Cluster started
{
"timestamp": "2023-08-02 04:17:02.152921+00:00",
"user_id": "usr_123",
"source_ip": "1.2.3.4",
"action": "START",
"entity": "CLUSTER",
"metadata": {
"id": "ses_123"
},
"user": {
"name": "Bill",
"email": "bill@company.com"
}
}
Supported user actions
The full list of logged user actions are below:
Entity | Action | Metadata |
---|---|---|
USER | INVITE | invitee_email: string |
JOIN | ||
REMOVE | removee_id: string | |
MODIFY | modifee_id: string old_role: string new_role: string | |
PAYMENT | ADD | |
ACCESS | LOGIN | |
LOGOUT | ||
SUPPORT_ACCESS | LOGIN | |
REQUEST |
| |
BUDGET | CREATE | id: string |
DELETE | ||
MODIFY | id: string is_enabled: boolean budget_amount: string evaluation_period: string | |
RESOURCE_QUOTA | CREATE | id: string |
DELETE | ||
MODIFY | id: string is_enabled: boolean updated_resource_quota: dict | |
CLUSTER | CREATE | id: string |
START | ||
TERMINATE | ||
ARCHIVE | ||
CLOUD | CREATE | name: string |
DELETE | ||
CLUSTER_ENV | CREATE | |
DELETE | ||
COMPUTE_CONFIG | CREATE | |
JOB | CREATE | |
TERMINATE | ||
ARCHIVE | ||
SERVICE | CREATE | |
TERMINATE | ||
WORKSPACE | CREATE | |
START | ||
TERMINATE | ||
DELETE |
Setup
Contact your Anyscale account team.