Set up Audit Logs
Table of contents
- What are audit logs?
- Audit log delivery
- Event details
- Events captured by the audit log
- Requirements
- Audit logs set up
What are audit logs?
Audit logs allow customers to track and view all the changes made in their organization. They provide visibility and are useful for investigating an incident or getting a detailed report on relevant events (such as changes to roles and permissions, users invited, spaces deleted, etc.).
This is only available for Premium and Premium plus customers.
The audit logs feature securely transfers this information to your own storage (an AWS S3 bucket or Azure Blob Store), ensuring that you have a clear and accessible history of actions for monitoring and analysis purposes.
Audit log delivery
During the private early access phase, audit logs are shipped to your AWS S3 Bucket or Azure Blob Store. Storing the audit logs in storage that you own helps you to have control and will allow you to ensure that audit logs are kept for as long as necessary. By storing the data in your own storage you have the following benefits:
- Consistency: This way you can apply the same rules and policies to this as you do for other similar data. You can control who has access to it.
- Data retention: This enables you to store it for as long as you need to maintain compliance for your company.
- Data analysis: And it allows you to serve this data to the tools you already use for analysis.
All delivered audit logs are provided in CSV format for compatibility and ease of analysis. The file format is contentful-audit-unstable-beta-ORGANIZATION-ID-YYYYYYMMDDTHHmmsssssZ.csv
.
Events captured by the audit log
Entities | Actions logged |
|
|
Field | Description |
request_time | The time when the action occurred. |
request_method | The type of HTTP Method used in the request. Included: PUT, DELETE, PATCH. Not included: GET and POST. |
request_path | The full path that was called in the request. |
request_query | The information with which the request was called and can be used to determine how the state was potentially altered. |
response_status | The HTTP response code of the request. Can be used to determine if a request was successful or not. |
content_length | The number of bytes returned in the response. |
space | Space ID this request was send to. |
route | Similar to the request_path except without params, which only includes the route structure. |
referrer | The referrer identifies which url the request came from. |
actor_id | The User or App ID which made the request. Example: `user:2YVRzNgF2sE64ooav1eKSd`,`app:6zsefpijez5t/master/klhjl46h34j5hlh46` |
Requirements
- AWS or Azure account: An active AWS or Azure account is necessary.
For further details, please contact our support
Stopping the audit logs delivery
To stop the delivery of the audit logs, please contact our support
Audit logs set up
To set up your infrastructure to receive Audit Logs, you will need to make some configuration changes and share some information with Contentful.
The exact process is dependant on your storage provider. Please follow the appropriate guide from the list: