Audit Logs
Audit Logs allows Auditors to monitor user operations in
their deployment.
Tracked Events
We track the following resources:
Resource |
|
AuditableGroup |
Field | Tracked |
---|
avatar_url | true | id | true | members | true | name | true | organization_id | false | quota_allowance | true |
|
GitSSHKey |
Field | Tracked |
---|
created_at | false | private_key | true | public_key | true | updated_at | false | user_id | true |
|
Organization |
Field | Tracked |
---|
created_at | false | description | true | id | true | name | true | updated_at | false |
|
OrganizationMember |
Field | Tracked |
---|
created_at | false | organization_id | true | roles | true | updated_at | false | user_id | true |
|
Template |
Field | Tracked |
---|
active_version_id | true | allow_user_cancel_workspace_jobs | true | created_at | false | created_by | true | default_ttl | true | deleted | false | description | true | display_name | true | group_acl | true | icon | true | id | true | is_private | true | min_autostart_interval | true | name | true | organization_id | false | provisioner | true | updated_at | false | user_acl | true |
|
TemplateVersion |
Field | Tracked |
---|
created_at | false | created_by | true | id | true | job_id | false | name | true | organization_id | false | readme | true | template_id | true | updated_at | false |
|
User |
Field | Tracked |
---|
avatar_url | false | created_at | false | deleted | true | email | true | hashed_password | true | id | true | last_seen_at | false | login_type | false | rbac_roles | true | status | true | updated_at | false | username | true |
|
Workspace |
Field | Tracked |
---|
autostart_schedule | true | created_at | false | deleted | false | id | true | last_used_at | false | name | true | organization_id | false | owner_id | true | template_id | true | ttl | true | updated_at | false |
|
WorkspaceBuild |
Field | Tracked |
---|
build_number | false | created_at | false | daily_cost | false | deadline | false | id | false | initiator_id | false | job_id | false | provisioner_state | false | reason | false | template_version_id | true | transition | false | updated_at | false | workspace_id | false |
|
Filtering logs
In the Coder UI you can filter your audit logs using the pre-defined filter or by using the Coder's filter query like the examples below:
resource_type:workspace action:delete
to find deleted workspaces
resource_type:template action:create
to find created templates
The supported filters are:
resource_type
- The type of the resource. It can be a workspace, template, user, etc. You can find here all the resource types that are supported.
resource_id
- The ID of the resource.
resource_target
- The name of the resource. Can be used instead of resource_id
.
action
- The action applied to a resource. You can find here all the actions that are supported.
username
- The username of the user who triggered the action.
email
- The email of the user who triggered the action.
date_from
- The inclusive start date with format YYYY-MM-DD
.
date_to
- The inclusive end date with format YYYY-MM-DD
.
build_reason
- To be used with resource_type:workspace_build
, the initiator behind the build start or stop.
Enabling this feature
This feature is only available with an enterprise license. Learn more