mirror of https://github.com/coder/coder.git synced 2026-06-06 22:48:19 +00:00

Files

T

Kira Pilot e2bea2d20f chore: autogenerate audit log documentation (#5862 )

* added script for table creation

* added tags to audit-logs.md

* removed log

* removed empty block line

* PR feedback

* modify check_unstaged

* third times the charm maybe

* spelling

* relative path

* excluding from the right script this time

* sorted resources to ensure table order

* running make cmd

* running make again

* ensuring order on subtable

2023-01-26 18:12:12 -05:00

11 KiB

Raw Blame History

Audit Logs

Audit Logs allows Auditors to monitor user operations in their deployment.

Tracked Events

We track the following resources:

Resource

AuditableGroup

Field	Tracked
avatar_url	true
id	true
members	true
name	true
organization_id	false
quota_allowance	true

GitSSHKey

Field	Tracked
created_at	false
private_key	true
public_key	true
updated_at	false
user_id	true

Organization

Field	Tracked
created_at	false
description	true
id	true
name	true
updated_at	false

OrganizationMember

Field	Tracked
created_at	false
organization_id	true
roles	true
updated_at	false
user_id	true

Template

Field	Tracked
active_version_id	true
allow_user_cancel_workspace_jobs	true
created_at	false
created_by	true
default_ttl	true
deleted	false
description	true
display_name	true
group_acl	true
icon	true
id	true
is_private	true
min_autostart_interval	true
name	true
organization_id	false
provisioner	true
updated_at	false
user_acl	true

TemplateVersion

Field	Tracked
created_at	false
created_by	true
id	true
job_id	false
name	true
organization_id	false
readme	true
template_id	true
updated_at	false

User

Field	Tracked
avatar_url	false
created_at	false
deleted	true
email	true
hashed_password	true
id	true
last_seen_at	false
login_type	false
rbac_roles	true
status	true
updated_at	false
username	true

Workspace

Field	Tracked
autostart_schedule	true
created_at	false
deleted	false
id	true
last_used_at	false
name	true
organization_id	false
owner_id	true
template_id	true
ttl	true
updated_at	false

WorkspaceBuild

Field	Tracked
build_number	false
created_at	false
daily_cost	false
deadline	false
id	false
initiator_id	false
job_id	false
provisioner_state	false
reason	false
template_version_id	true
transition	false
updated_at	false
workspace_id	false

Filtering logs

In the Coder UI you can filter your audit logs using the pre-defined filter or by using the Coder's filter query like the examples below:

resource_type:workspace action:delete to find deleted workspaces
resource_type:template action:create to find created templates

The supported filters are:

resource_type - The type of the resource. It can be a workspace, template, user, etc. You can find here all the resource types that are supported.
resource_id - The ID of the resource.
resource_target - The name of the resource. Can be used instead of resource_id.
action- The action applied to a resource. You can find here all the actions that are supported.
username - The username of the user who triggered the action.
email - The email of the user who triggered the action.
date_from - The inclusive start date with format YYYY-MM-DD.
date_to - The inclusive end date with format YYYY-MM-DD.
build_reason - To be used with resource_type:workspace_build, the initiator behind the build start or stop.

Enabling this feature

This feature is only available with an enterprise license. Learn more

11 KiB Raw Blame History

Audit Logs

Tracked Events

Filtering logs

Enabling this feature

11 KiB

Raw Blame History