Audit

Immuta provides robust audit logging on actions within the application and on queries in native technologies like Snowflake, Databricks, and Unity Catalog. Users with the audit permission can view the audit page in Immuta and export audit logs to S3 or ADLS Gen2.

How-to guides

• Export audit logs to S3: Use the CLI or GraphQL to export Immuta audit logs to S3. These logs can then be stored long-term, used for compliance, or viewed in analytic platforms.

• Export audit logs to ADLS Gen2: Use the CLI or GraphQL to export Immuta audit logs to ADLS Gen2. These logs can then be stored long-term, used for compliance, or viewed in analytic platforms.

Reference guides

• Audit overview: This reference guide describes Immuta's universal audit model, the events available in this model, and the recommended audit workflow.

• Query audit logs: These reference guides describe the audit available for the specific integration, details about enabling and configuring audit, and an example schema.

  • Snowflake audit logs

  • Databricks Unity Catalog audit logs

  • Databricks audit logs

• Unknown users in audit logs: Unity Catalog native query audit brings in audit information for all tables and data sources, so some audit logs are created from activity by users not registered in Immuta. These audit records will appear in Immuta, providing valuable information of activity, with the username Unknown. This guide illustrates how to determine the username of these Unknown users and register them in Immuta.

• Governance reports: This reference guide describes the different reports available in Immuta.

Deprecated audit guides

How-to guide

Download audit logs: Download Immuta legacy audit logs through the API.

Reference guides

• Legacy to UAM migration: Understand the audit events from UAM that map to legacy audit events.

• System audit logs: Understand the legacy audit logs available through the API.