mirror of https://github.com/coder/coder.git
9.6 KiB
9.6 KiB
Audit Logs
Audit Logs allows Auditors to monitor user operations in their deployment.
Tracked Events
We track the following resources:
Resource | |||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
AuditableGroup create, write, delete |
|
||||||||||||||||||||||||||||||||||||||
GitSSHKey create |
|
||||||||||||||||||||||||||||||||||||||
Template write, delete |
|
||||||||||||||||||||||||||||||||||||||
TemplateVersion create, write |
|
||||||||||||||||||||||||||||||||||||||
User create, write, delete |
|
||||||||||||||||||||||||||||||||||||||
Workspace create, write, delete |
|
||||||||||||||||||||||||||||||||||||||
WorkspaceBuild start, stop |
|
Filtering logs
In the Coder UI you can filter your audit logs using the pre-defined filter or by using the Coder's filter query like the examples below:
resource_type:workspace action:delete
to find deleted workspacesresource_type:template action:create
to find created templates
The supported filters are:
resource_type
- The type of the resource. It can be a workspace, template, user, etc. You can find here all the resource types that are supported.resource_id
- The ID of the resource.resource_target
- The name of the resource. Can be used instead ofresource_id
.action
- The action applied to a resource. You can find here all the actions that are supported.username
- The username of the user who triggered the action.email
- The email of the user who triggered the action.date_from
- The inclusive start date with formatYYYY-MM-DD
.date_to
- The inclusive end date with formatYYYY-MM-DD
.build_reason
- To be used withresource_type:workspace_build
, the initiator behind the build start or stop.
Enabling this feature
This feature is only available with an enterprise license. Learn more