Analysis of Data Use and Access
Audience: Data Owners
Content Summary: All activity in Immuta is audited. This process provides rich audit logs that detail who subscribes to each data source, why they subscribe, when they access data, what SQL queries and blob fetches they run, and which files they access. Audit logs can be used for a number of intentions, including insider threat surveillance and data access monitoring for billing purposes. Audit logs can also be shipped to your enterprise auditing capability.
To view all audit logs, a user must have the
AUDITpermission. However, Data Owners can run audit logs for their own data sources in the Immuta console, even if they don't have the AUDIT permission.
This page discusses the features and concepts associated with audit logs. Navigate to the Data Owner Audit Tutorial for step-by-step instructions on viewing audit logs for your data sources in the console.
For information about audit logs visible to users with the AUDIT permission, navigate to this section of our documentation.
Audit UI Functionality
Immuta provides access to audit logs of your data sources via the Audit page. Data Owners can filter the log entries a variety of ways, including by project purpose, blobId, remote query id, the entry timestamp, data source, project, record type, and user. Logs can also be sorted by ascending (oldest entries first) or descending (latest entries first) order. By default, 50 log entries are displayed to a page, but that can be changed to 100 or 200.
Audit Log Transport Details
Immuta's logging system is designed to easily connect with enterprise log collection and aggregation systems. Please see the Log Aggregation guide for full details.