Universal audit model (UAM) is Immuta's consistent structure for all Immuta system and user query audit logs. This reference guide maps the legacy audit events to the new UAM events and provides example schemas of all the UAM events available in Immuta.
To learn more about Immuta's audit, see the
Events and descriptions
Legacy event
UAM event
Description
An audit event for managing a group.
An audit event for managing a user.
An audit event for acknowledging a purpose for a project in Immuta.
An audit event for adding a data source to an Immuta project.
An audit event for when an API key is created or deleted on the Immuta app settings page or from an Immuta user's profile page.
An audit event for a user authenticating in Immuta.
An audit event for a user logging out of Immuta.
An audit event for syncing an external catalog to tag Immuta data sources.
An audit event for updates to the configuration on the Immuta app settings page.
An audit event for creating a domain.
collectionDataSourceAdded
An audit event for updating a domain's data sources.
collectionDataSourceRemoved
An audit event for updating a domain's data sources.
collectionDataSourceUpdated
An audit event for updating a domain's data sources.
An audit event for deleting a domain.
collectionPermissionGranted
An audit event for granting or revoking a user's domain-related permissions.
collectionPermissionRevoked
An audit event for granting or revoking a user's domain-related permissions.
An audit event for updating an Immuta domain.
An audit event for registering a table as an Immuta data source.
An audit event for deleting a data source in Immuta.
An audit event for disabling a data source in Immuta.
An audit event for updating a data source with the new data source details.
The events for data source and project subscriptions.
An audit event for updating a data source with the new data source details.
An audit event for updating user details in Immuta.
An audit event for applying a global policy to a data source.
globalPolicyApprovalRescinded
An audit event for a global policy approval rescinded in the approve to promote workflow.
An audit event for a global policy approved in the approve to promote workflow.
An audit event for a global policy being certified by a data owner for their data source.
An audit event for a global policy being decertified on a data source.
globalPolicyChangeRequested
An audit event for requested edits on a global policy in the approve to promote workflow.
globalPolicyConflictResolved
An audit event for a global policy conflict being resolved on a data source.
An audit event for creating a global policy.
An audit event for deleting a global policy.
An audit event for a data owner disabling a global policy from their data source.
An audit event for when a global policy is fully approved and promoted to production in the approve to promote workflow.
An audit event for a data owner removing a global policy from their data source.
globalPolicyReviewRequested
An audit event for when a global policy is ready and requests a review in the approve to promote workflow.
An audit event for updating a global policy with the new global policy details.
An audit event for creating an Immuta license.
An audit event for deleting an Immuta license.
An audit event for creating a policy adjustment in an Immuta project.
An audit event for deleting a policy adjustment in an Immuta project.
policyCertificationExpired
An audit event for a global policy certification expiring on a data source.
An audit event for creating a local policy for an Immuta data source.
An audit event for updating a local policy on an Immuta data source.
An audit event for creating a project in Immuta.
An audit event for deleting a project in Immuta.
An audit event for disabling a project in Immuta.
An audit event for approving a purpose for a project in Immuta.
An audit event for denying a purpose for a project in Immuta.
The events for data source and project subscriptions.
An audit event for updating a project in Immuta.
An audit event for deleting a purpose in Immuta.
An audit event for updating a purpose in Immuta.
An audit event for creating a purpose in Immuta.
An audit event for removing a data source from a project.
An audit event for creating a sensitive data discovery (SDD) column name regex, regex, or dictionary identifier.
An audit event for deleting a sensitive data discovery (SDD) identifier.
An audit event for updating a sensitive data discovery (SDD) column name regex, regex, or dictionary identifier.
An audit event for the results from a sensitive data discovery (SDD) run that updates the tags on Immuta data sources.
An audit event for applying an identification framework to data sources.
An audit event for creating an identification framework.
An audit event for deleting an identification framework.
An audit event for updating an identification framework.
An audit event for applying a tag to an object in Immuta.
An audit event for creating a tag in Immuta.
An audit event for deleting a tag in Immuta.
An audit event for removing a tag from an object in Immuta.
An audit event for updating a tag in Immuta.
An audit event for creating an Immuta webhook.
An audit event for deleting an Immuta webhook.
ApiKeyCreated event
Description : An audit event for when an API key is created on the Immuta app settings page or from an Immuta user's profile page.
Copy {
"relatedResources": [],
"auditPayload": {
"type": "ApiKeyCreatedAuditPayload",
"apiKeyId": "1112158",
"name": "T1",
"version": 1
},
"action": "CREATE",
"tenantId": "your-immuta-tenant.com",
"actionStatus": "SUCCESS",
"eventTimestamp": "2024-01-25T18:04:58.368Z",
"actor": {
"id": "taylor@immuta.com",
"identityProvider": "bim",
"profileId": "1",
"type": "USER_ACTOR",
"name": "Taylor Smith"
},
"targetType": "APIKEY",
"id": "d9dc3cee-98d0-47d6-ba81-e0b38f9f4014",
"receivedTimestamp": "2024-01-25T18:04:58.505Z",
"actorIp": "xxx.xx.xx.xx",
"targets": [],
"requestId": "60c68659-ac83-5299-bf3e-14856178a0de",
"sessionId": "9c553d7ace0aa3ee735fd3c14f737bc6"
} ApiKeyDeleted event
Description : An audit event for when an API key is deleted on the Immuta app settings page or from an Immuta user's profile page.
Copy {
"id": "fe47ddd1-fd22-4dcf-9648-83950a10ef34",
"targetType": "APIKEY",
"receivedTimestamp": "2024-01-25T18:08:28.891Z",
"actor": {
"type": "USER_ACTOR",
"identityProvider": "bim",
"id": "taylor@immuta.com",
"profileId": "1",
"name": "Taylor Smith"
},
"requestId": "220c7faa-7f56-5d8c-aa31-8ac2212b7707",
"sessionId": "9c553d7ace0aa3ee735fd3c14f737bc6",
"targets": [],
"actorIp": "xxx.xx.xx.xx",
"relatedResources": [],
"auditPayload": {
"type": "ApiKeyDeletedAuditPayload",
"apiKeyId": "1112158",
"version": 1
},
"eventTimestamp": "2024-01-25T18:08:21.319Z",
"action": "DELETE",
"actionStatus": "SUCCESS",
"tenantId": "your-immuta-tenant.com"
} AttributeApplied event
Legacy events : accessUser and accessGroup
Description : An audit event for an attribute applied to a group or user.
Additional parameter details : targetType will specify whether the attribute was added to a USER or GROUP.
Copy {
"actorIp": "xxx.xx.xx.xx",
"targets": [
{
"name": "Deepu Murty",
"id": "deepu@immuta.com",
"identityProvider": "bim",
"profileId": "20",
"type": "USER"
}
],
"requestId": "e45652cd-4d00-5def-8e8c-aca696822fc2",
"sessionId": "cdbffff8804103418350947c6586712c",
"actor": {
"type": "USER_ACTOR",
"profileId": "1",
"id": "taylor@immuta.com",
"identityProvider": "bim",
"name": "Taylor Smith"
},
"id": "63f111a7-0835-4696-8fdb-188130c44fac",
"targetType": "USER",
"receivedTimestamp": "2023-09-13T14:36:02.926Z",
"action": "ATTRIBUTE_APPLY",
"tenantId": "your-immuta-tenant.com",
"actionStatus": "SUCCESS",
"eventTimestamp": "2023-09-13T14:36:02.688Z",
"relatedResources": [
{
"values": ["Product"],
"name": "Department",
"id": "department",
"type": "ATTRIBUTE"
}
],
"auditPayload": {
"entityType": "USER",
"type": "AttributeAppliedAuditPayload",
"version": 1,
"attributes": [
{
"values": ["Product"],
"attribute": "Department"
}
],
"entityIdProvider": "bim",
"entityId": "deepu@immuta.com"
}
} AttributeRemoved event
Legacy events : accessUser and accessGroup
Description : An audit event for an attribute removed from a group or user.
Additional parameter details : targetType will specify whether the attribute was removed from a USER or GROUP.
Copy {
"relatedResources": [
{
"values": ["UNCLASSIFIED"],
"name": "classification",
"id": "classification",
"type": "ATTRIBUTE"
}
],
"auditPayload": {
"type": "AttributeRemovedAuditPayload",
"entityType": "USER",
"version": 1,
"attributes": [
{
"values": ["UNCLASSIFIED"],
"attribute": "classification"
}
],
"entityIdProvider": "bim",
"entityId": "deepu@immuta.com"
},
"action": "ATTRIBUTE_REMOVE",
"actionStatus": "SUCCESS",
"tenantId": "your-immuta-tenant.com",
"eventTimestamp": "2024-02-20T19:46:50.259Z",
"actor": {
"profileId": "1",
"id": "taylor@immuta.com",
"identityProvider": "bim",
"type": "USER_ACTOR",
"name": "Taylor Smith"
},
"id": "0fd77c61-f08a-488c-9d10-c356ffea0d11",
"targetType": "USER",
"receivedTimestamp": "2024-02-20T19:46:50.426Z",
"targets": [
{
"name": "Deepu Murty",
"type": "USER",
"id": "deepu@immuta.com",
"identityProvider": "bim",
"profileId": "20"
}
],
"actorIp": "xxx.xx.xx.xx",
"requestId": "146ec771-ec2e-5f40-8551-1dbc38e64078",
"sessionId": "893db38b8f1977fda75f60d168c4e74e"
} ConfigurationUpdated event
Event : ConfigurationUpdated
Legacy event : configurationUpdate
Description : An audit event for updates to the configuration on the Immuta app settings page.
Copy {
"eventTimestamp": "2023-12-04T18:38:25.801Z",
"tenantId": "your-immuta-tenant.com",
"actionStatus": "SUCCESS",
"action": "CONFIGURATION_UPDATED",
"auditPayload": {
"version": 1,
"type": "ConfigurationUpdatedAuditPayload",
"changeSet": {
"plugins": {
"policy": {
"approveToPromote": {
"requiredApprovalCount": [
{
"newValue": 1,
"oldValue": 2
}
]
}
}
}
},
"configurationId": "20"
},
"relatedResources": [],
"sessionId": "aed83ab8b46affcb1169532dada92b72",
"requestId": "c80f510f-3f55-5450-8dea-d5e243708686",
"targets": [
{
"name": "20",
"type": "CONFIGURATION",
"id": "20"
}
],
"actorIp": "xxx.xx.xx.xx",
"receivedTimestamp": "2023-12-04T18:38:26.039Z",
"id": "3989e233-c791-43e9-813f-7738f4c8e26b",
"targetType": "CONFIGURATION",
"actor": {
"identityProvider": "bim",
"id": "taylor@immuta.com",
"profileId": "1",
"type": "USER_ACTOR",
"name": "Taylor Smith"
}
} DatasourceAppliedToProject event
Event : DatasourceAppliedToProject
Legacy event : addToProject
Description : An audit event for adding a data source to an Immuta project.
Copy {
"auditPayload": {
"type": "DatasourceAppliedToProjectAuditPayload",
"errors": [],
"projectId": "2",
"version": 1,
"datasources": [
{
"id": "2",
"name": "Public Case"
}
]
},
"sessionId": "6b928653b1411078647a2764a72beca6",
"targets": [
{
"projectKey": "HumanResources",
"id": "2",
"type": "PROJECT",
"name": "Human Resources"
}
],
"action": "DATASOURCE_APPLY",
"id": "8106b44f-cf56-4ca2-a111-641d0e80e6ff",
"targetType": "PROJECT",
"actionStatus": "SUCCESS",
"relatedResources": [
{
"id": "2",
"technology": "SNOWFLAKE",
"type": "DATASOURCE",
"name": "Public Case"
}
],
"actor": {
"id": "taylor@immuta.com",
"profileId": "1",
"name": "Taylor Smith",
"identityProvider": "bim",
"type": "USER_ACTOR"
},
"eventTimestamp": "2023-10-13T14:08:20.427Z",
"actorIp": "xxx.xx.xx.xx",
"requestId": "8823f3f0-4e46-590c-bbb2-209cce750ff9",
"tenantId": "your-immuta-tenant.com",
"receivedTimestamp": "2023-10-13T14:08:20.660Z"
} DatasourceCatalogSynced event
Event : DatasourceCatalogSynced
Legacy event : catalogUpdate
Description : An audit event for syncing an external catalog to tag Immuta data sources.
Copy {
"tenantId": "your-immuta-tenant.com",
"action": "CATALOG_SYNC",
"actor": {
"type": "USER_ACTOR",
"identityProvider": "bim",
"name": "Taylor Smith",
"profileId": "1",
"id": "taylor@immuta.com"
},
"targetType": "DATASOURCE",
"actionStatus": "SUCCESS",
"eventTimestamp": "2023-04-14T16:48:21.159Z",
"id": "159d4299-fca5-47cb-aa6b-81d93bafa526",
"targets": [
{
"id": "9",
"name": "Public case",
"technology": "SNOWFLAKE",
"type": "DATASOURCE"
}
],
"relatedResources": [],
"receivedTimestamp": "2023-04-14T16:48:21.209Z",
"auditPayload": {
"datasourceId": "9",
"changes": {
"before": {
"catalogId": null,
"documentation": null,
"dictionary": [
{
"tags": [],
"columnName": "country"
},
{
"columnName": "date",
"tags": []
},
{
"tags": [],
"columnName": "fastest_qualifying"
},
{
"columnName": "location",
"tags": []
},
{
"columnName": "round",
"tags": []
},
{
"columnName": "winning_aircraft",
"tags": []
},
{
"tags": [],
"columnName": "winning_pilot"
}
],
"tableTags": null,
"description": null
},
"after": {
"description": "",
"tableTags": null,
"dictionary": [
{
"columnName": "country",
"description": "",
"tags": []
},
{
"tags": [],
"description": "",
"columnName": "date"
},
{
"tags": [],
"columnName": "fastest_qualifying",
"description": ""
},
{
"tags": [],
"columnName": "location",
"description": ""
},
{
"columnName": "round",
"description": "",
"tags": []
},
{
"tags": [],
"description": "",
"columnName": "winning_aircraft"
},
{
"columnName": "winning_pilot",
"description": "",
"tags": []
}
],
"catalogId": "immuta-product_engineering"
}
},
"type": "DatasourceCatalogSyncedAuditPayload"
}
} DatasourceCreated event
Legacy event : dataSourceCreate
Description : An audit event for registering a table as an Immuta data source.
Copy {
"id": "dc0b7313-ecc9-42f1-ba33-df0a1a753c08",
"action": "CREATE",
"actionStatus": "SUCCESS",
"actor": {
"name": "Taylor Smith",
"id": "taylor@immuta.com",
"identityProvider": "bim",
"profileId": "1",
"type": "USER_ACTOR"
},
"tenantId": "your-immuta-tenant.com",
"targetType": "DATASOURCE",
"targets": [
{
"type": "DATASOURCE",
"id": "102",
"name": "Pgboss Job",
"technology": "POSTGRESQL"
}
],
"relatedResources": [
{
"type": "CONNECTION",
"id": "4",
"name": "data-source-connection-name",
"connectionKey": "data-source-connection-key"
}
],
"auditPayload": {
"type": "DatasourceCreatedAuditPayload",
"version": 1,
"description": null,
"documentation": null,
"expiration": null,
"columnDetectionEnabled": true,
"disabled": false,
"technology": "POSTGRESQL",
"connectionId": "4",
"table": "job",
"schema": "pgboss",
"sensitiveDataDiscoveryEnabled": true
},
"eventTimestamp": "2024-02-22T13:59:04.681Z",
"receivedTimestamp": "2024-02-22T13:59:04.715Z"
} DatasourceDeleted event
Legacy event : dataSourceDelete
Description : An audit event for deleting a data source in Immuta.
Copy {
"id": "1403b675-70f6-4833-ab4c-a7486c63f494",
"action": "DELETE",
"actionStatus": "SUCCESS",
"actor": {
"name": "Taylor Smith",
"id": "taylor@immuta.com",
"identityProvider": "bim",
"profileId": "1",
"type": "USER_ACTOR"
},
"tenantId": "your-immuta-tenant.com",
"targetType": "DATASOURCE",
"targets": [
{
"type": "DATASOURCE",
"id": "93",
"name": "Audit",
"technology": "POSTGRESQL"
}
],
"relatedResources": [],
"auditPayload": {
"type": "DatasourceDeletedAuditPayload",
"version": 1,
"datasourceId": "93",
"name": "Audit",
"technology": "POSTGRESQL"
},
"eventTimestamp": "2024-02-22T14:20:42.379Z",
"receivedTimestamp": "2024-02-22T14:20:42.392Z"
} DatasourceDisabled event
Event : DatasourceDisabled
Description : An audit event for disabling a data source in Immuta.
Copy {
"id": "a09b9bc3-3775-4496-87ec-b808cf649794",
"sessionId": "0fcaaf9c074330b4b875746c2e52739c",
"requestId": "153fe145-32a0-5c33-930d-c571c1d7748d",
"action": "DISABLE",
"actionStatus": "SUCCESS",
"actor": {
"name": "Taylor Smith",
"id": "taylor@immuta.com",
"identityProvider": "bim",
"profileId": "1",
"type": "USER_ACTOR"
},
"actorIp": "xxx.xx.xx.xx",
"tenantId": "your-immuta-tenant.com",
"targetType": "DATASOURCE",
"targets": [
{
"type": "DATASOURCE",
"id": "57",
"name": "Activity",
"technology": "POSTGRESQL"
}
],
"relatedResources": [],
"auditPayload": {
"type": "DatasourceDisabledAuditPayload",
"version": 1,
"datasourceId": "57",
"name": "Activity",
"technology": "POSTGRESQL"
},
"eventTimestamp": "2024-02-22T14:22:20.039Z",
"receivedTimestamp": "2024-02-22T14:22:20.183Z"
} DatasourceGlobalPolicyApplied event
Event : DatasourceGlobalPolicyApplied
Legacy event : globalPolicyApplied
Description : An audit event for applying a global policy to a data source.
Copy {
"receivedTimestamp": "2023-10-24T18:06:27.645Z",
"auditPayload": {
"conflict": null,
"version": 1,
"policy": {
"actions": [
{
"dataPolicyType": "MASKING",
"rules": [
{
"exceptions": null,
"type": "MASKING_HASH",
"fields": ["AWARD_ID"],
"ruleAppliedForUser": false
}
],
"type": "DATA",
"global": false,
"rationale": null
}
],
"type": "DATA"
},
"type": "DatasourceGlobalPolicyAppliedAuditPayload"
},
"relatedResources": [
{
"policyKey": "Mask PII",
"name": "Mask PII",
"type": "GLOBAL_POLICY",
"id": "7"
}
],
"id": "7f57d63a-5db8-412a-ad93-c6baa61384b3",
"targetType": "DATASOURCE",
"actor": {
"profileId": "1",
"identityProvider": "bim",
"id": "taylor@immuta.com",
"type": "USER_ACTOR",
"name": "Taylor Smith"
},
"eventTimestamp": "2023-10-24T18:06:27.617Z",
"tenantId": "your-immuta-tenant.com",
"actionStatus": "SUCCESS",
"targets": [
{
"id": "47",
"type": "DATASOURCE",
"technology": "SNOWFLAKE",
"name": "Public case"
}
],
"action": "POLICY_APPLIED"
} DatasourceGlobalPolicyConflictResolved event
Event : DatasourceGlobalPolicyConflictResolved
Legacy event : globalPolicyConflictResolved
Description : An audit event for a global policy conflict being resolved on a data source.
Copy {
"actor": {
"name": "Taylor Smith",
"profileId": "1",
"identityProvider": "bim",
"id": "taylor@immuta.com",
"type": "USER_ACTOR"
},
"id": "ac9c699a-aad0-4899-964c-279cd7eba125",
"targetType": "DATASOURCE",
"relatedResources": [],
"auditPayload": {
"type": "DatasourceGlobalPolicyConflictResolvedAuditPayload",
"version": 1
},
"receivedTimestamp": "2023-10-24T18:34:04.330Z",
"action": "POLICY_CONFLICT_RESOLVED",
"targets": [
{
"name": "Public case",
"technology": "SNOWFLAKE",
"id": "47",
"type": "DATASOURCE"
}
],
"actionStatus": "SUCCESS",
"tenantId": "your-immuta-tenant.com",
"eventTimestamp": "2023-10-24T18:34:04.301Z"
} DatasourceGlobalPolicyDisabled event
Event : DatasourceGlobalPolicyDisabled
Legacy event : globalPolicyDisabled
Description : An audit event for a data owner disabling a global policy from their data source.
Copy {
"relatedResources": [
{
"id": "7",
"type": "GLOBAL_POLICY",
"name": "Mask PII",
"policyKey": "mask pii"
}
],
"targetType": "DATASOURCE",
"id": "4853154c-8825-4138-800d-913cbab56af6",
"receivedTimestamp": "2023-10-24T18:13:25.004Z",
"auditPayload": {
"version": 1,
"type": "DatasourceGlobalPolicyDisabledAuditPayload"
},
"actor": {
"id": "taylor@immuta.com",
"identityProvider": "bim",
"profileId": "1",
"type": "USER_ACTOR",
"name": "Taylor Smith"
},
"eventTimestamp": "2023-10-24T18:13:24.975Z",
"action": "POLICY_DISABLED",
"targets": [
{
"id": "47",
"type": "DATASOURCE",
"name": "Public case",
"technology": "SNOWFLAKE"
}
],
"actionStatus": "SUCCESS",
"tenantId": "your-immuta-tenant.com"
} DatasourceGlobalPolicyRemoved event
Event : DatasourceGlobalPolicyRemoved
Legacy event : globalPolicyRemoved
Description : An audit event for a data owner removing a global policy from their data source.
Copy {
"actor": {
"name": "Taylor Smith",
"type": "USER_ACTOR",
"identityProvider": "bim",
"id": "taylor@immuta.com",
"profileId": "1"
},
"auditPayload": {
"type": "DatasourceGlobalPolicyRemovedAuditPayload",
"conflict": null,
"policy": {
"type": "DATA",
"actions": [
{
"dataPolicyType": "MASKING",
"rationale": null,
"global": false,
"type": "DATA",
"rules": [
{
"type": "MASKING_HASH",
"exceptions": null,
"ruleAppliedForUser": false,
"fields": ["PII"]
}
]
}
]
},
"version": 1
},
"receivedTimestamp": "2023-10-24T18:06:27.635Z",
"id": "4a27ab2f-156e-4cff-a3bc-65184d74ccd5",
"targetType": "DATASOURCE",
"relatedResources": [
{
"policyKey": "mask pii",
"name": "Mask PII",
"id": "7",
"type": "GLOBAL_POLICY"
}
],
"tenantId": "your-immuta-tenant.com",
"actionStatus": "SUCCESS",
"targets": [
{
"type": "DATASOURCE",
"id": "47",
"name": "Public case",
"technology": "SNOWFLAKE"
}
],
"action": "POLICY_REMOVED",
"eventTimestamp": "2023-10-24T18:06:27.617Z"
} DatasourcePolicyCertificationExpired event
Event : DatasourcePolicyCertificationExpired
Legacy event : policyCertificationExpired
Description : An audit event for a global policy certification expiring on a data source.
Copy {
"actionStatus": "SUCCESS",
"tenantId": "your-immuta-tenant.com",
"targets": [
{
"technology": "SNOWFLAKE",
"name": "Public case",
"type": "DATASOURCE",
"id": "47"
}
],
"action": "DECERTIFY_POLICY",
"eventTimestamp": "2023-10-16T19:49:25.365Z",
"actor": {
"type": "SYSTEM_ACCOUNT",
"id": "immuta_system_account",
"name": "Immuta System Account"
},
"auditPayload": {
"expirationDate": "2023-10-16T19:49:25.365Z",
"type": "DatasourcePolicyCertificationExpiredAuditPayload",
"version": 1
},
"receivedTimestamp": "2023-10-16T19:49:25.387Z",
"targetType": "DATASOURCE",
"id": "aedc4025-d888-4407-b837-659dca4d0e80",
"relatedResources": [
{
"type": "GLOBAL_POLICY",
"id": "7",
"policyKey": "mask pii",
"name": "Mask PII"
}
]
} DatasourcePolicyCertified event
Event : DatasourcePolicyCertified
Legacy event : globalPolicyCertify
Description : An audit event for a global policy being certified by a data owner for their data source.
Copy {
"receivedTimestamp": "2023-10-03T18:35:32.666Z",
"id": "04947a9b-0206-4c2d-bce0-0d969b68350b",
"targetType": "DATASOURCE",
"actor": {
"type": "USER_ACTOR",
"profileId": "1",
"id": "taylor@immuta.com",
"identityProvider": "bim",
"name": "Taylor Smith"
},
"sessionId": "95ca3d7f5d3d2a2b82cecb3ff1051b63",
"requestId": "bf443424-2e49-5a13-9009-8b527a3f65f3",
"targets": [
{
"id": "44",
"type": "DATASOURCE",
"technology": "SNOWFLAKE",
"name": "Public case"
}
],
"actorIp": "xxx.xx.xx.xx",
"auditPayload": {
"type": "DatasourcePolicyCertifiedAuditPayload",
"columns": [
{
"name": "Full name",
"tags": [
{
"deleted": false,
"id": "23",
"type": "TAG",
"context": "manual",
"source": "curated",
"name": "PII"
}
]
}
],
"certificationDate": "2023-10-03T18:35:32.607Z",
"version": 1
},
"relatedResources": [
{
"type": "GLOBAL_POLICY",
"id": "3",
"name": "Mask PHI",
"policyKey": "Mask PHI"
}
],
"eventTimestamp": "2023-10-03T18:35:32.484Z",
"actionStatus": "SUCCESS",
"tenantId": "your-immuta-tenant.com",
"action": "POLICY_CERTIFY"
} DatasourcePolicyDecertified event
Event : DatasourcePolicyDecertified
Description : An audit event for a global policy being decertified on a data source.
Copy {
"actorIp": "xxx.xx.xx.xx",
"targets": [
{
"id": "44",
"type": "DATASOURCE",
"technology": "SNOWFLAKE",
"name": "Public case"
}
],
"requestId": "270aa26c-e424-53cf-af06-d290c8bfa308",
"sessionId": "95ca3d7f5d3d2a2b82cecb3ff1051b63",
"actor": {
"identityProvider": "bim",
"id": "taylor@immuta.com",
"profileId": "1",
"type": "USER_ACTOR",
"name": "Taylor Smith"
},
"targetType": "DATASOURCE",
"id": "31c902a8-5cbc-4171-baaa-2428080fac91",
"receivedTimestamp": "2023-10-03T19:25:34.166Z",
"action": "DECERTIFY_POLICY",
"actionStatus": "SUCCESS",
"tenantId": "your-immuta-tenant.com",
"eventTimestamp": "2023-10-03T19:25:34.094Z",
"relatedResources": [
{
"name": "Mask PII",
"policyKey": "mask pii",
"id": "7",
"type": "GLOBAL_POLICY"
}
],
"auditPayload": {
"version": 1,
"type": "DatasourcePolicyDecertifiedAuditPayload",
"decertificationDate": "2023-10-03T19:25:34.121Z"
}
} DatasourceRemovedFromProject event
Event : DatasourceRemovedFromProject
Legacy event : removeFromProject
Description : An audit event for removing a data source from a project.
Copy {
"id": "77de32df-1655-4618-b0bf-e6883483a151",
"sessionId": "285574f9f1fd35b1fc7dba060e0786a2",
"requestId": "e35f9736-f206-53fd-ab02-043bce216e52",
"action": "DATASOURCE_REMOVE",
"actionStatus": "SUCCESS",
"actor": {
"name": "Taylor Smith",
"id": "taylor@immuta.com",
"identityProvider": "bim",
"profileId": "1",
"type": "USER_ACTOR"
},
"actorIp": "xxx.xx.xx.xx",
"tenantId": "your-immuta-tenant.com",
"targetType": "PROJECT",
"targets": [
{
"type": "PROJECT",
"name": "Human Resources",
"id": "13",
"projectKey": "humanresources"
}
],
"relatedResources": [
{
"type": "DATASOURCE",
"id": "54",
"name": "Customers",
"technology": "POSTGRESQL"
}
],
"auditPayload": {
"type": "DatasourceRemovedFromProjectAuditPayload",
"version": 1,
"projectId": "13",
"datasources": [
{
"id": "54",
"name": "Customers"
}
],
"errors": []
},
"eventTimestamp": "2024-02-29T18:19:08.881Z",
"receivedTimestamp": "2024-02-29T18:19:09.071Z"
} DatasourceUpdated event
Legacy events : dataSourceUpdate and dataSourceSave
Description : An audit event for updating a data source with the new data source details.
Copy {
"id": "d6e6115a-e508-4ace-83af-5b6da9a25884",
"action": "UPDATE",
"actionStatus": "SUCCESS",
"actor": {
"name": "Taylor Smith",
"id": "taylor@immuta.com",
"identityProvider": "bim",
"profileId": "1",
"type": "USER_ACTOR"
},
"tenantId": "your-immuta-tenant.com",
"targetType": "DATASOURCE",
"targets": [
{
"type": "DATASOURCE",
"id": "66",
"name": "Public case",
"technology": "POSTGRESQL"
}
],
"relatedResources": [],
"auditPayload": {
"type": "DatasourceUpdatedAuditPayload",
"version": 1,
"name": "Public case",
"description": null,
"documentation": "New documentation to descripe the table.",
"expiration": null,
"columnDetectionEnabled": true,
"disabled": false,
"datasourceId": "66"
},
"eventTimestamp": "2024-02-22T14:24:45.048Z",
"receivedTimestamp": "2024-02-22T14:24:45.069Z"
} DomainCreated event
Legacy event : collectionCreated
Description : An audit event for creating a domain.
Copy {
"sessionId": "227c3dbbbfe78ecd693c84979a930c22",
"actionStatus": "SUCCESS",
"targetType": "DOMAIN",
"actorIp": "xxx.xx.xx.xx",
"receivedTimestamp": "2023-12-20T20:01:03.651Z",
"requestId": "460ce02b-30d5-5e68-bff0-b31e6ea44ba0",
"id": "f99bc30e-13f6-4041-a0ad-20750a27519e",
"actor": {
"id": "taylor@immuta.com",
"name": "Taylor Smith",
"identityProvider": "bim",
"profileId": "1",
"type": "USER_ACTOR"
},
"action": "CREATE",
"tenantId": "your-immuta-tenant.com",
"auditPayload": {
"domain": {
"description": "A domain for financial data.",
"name": "Finance Domain",
"domainType": "DOMAIN",
"id": "11e7011d-a365-4933-abcb-d5febc03d310"
},
"version": 1,
"type": "DomainCreatedAuditPayload"
},
"relatedResources": [],
"targets": [
{
"name": "Finance Domain",
"domainType": "domain",
"type": "DOMAIN",
"id": "11e7011d-a365-4933-abcb-d5febc03d310"
}
],
"eventTimestamp": "2023-12-20T20:01:03.065Z"
} DomainDataSourcesUpdated event
Event : DomainDataSourcesUpdated
Legacy events : collectionDataSourceAdded, collectionDataSourceRemoved, and collectionDataSourceUpdated
Description : An audit event for updating a domain's data sources.
Additional parameter details : auditPayload.updateType will specify whether the data source was added to or removed from the domain.
Copy {
"action": "MODIFY_DOMAIN",
"tenantId": "your-immuta-tenant.com",
"actionStatus": "SUCCESS",
"targetType": "DOMAIN",
"modifiedResourceType": "DATASOURCE",
"actor": {
"type": "USER_ACTOR",
"profileId": "1",
"identityProvider": "bim",
"name": "Taylor Smith",
"id": "taylor@immuta.com"
},
"id": "bef14718-5fa8-4891-bb9e-47f7a332a70b",
"eventTimestamp": "2023-12-20T20:23:14.432Z",
"auditPayload": {
"updateType": "ADD",
"version": 1,
"type": "DomainDataSourcesUpdatedAuditPayload"
},
"receivedTimestamp": "2023-12-20T20:23:14.456Z",
"relatedResources": [
{
"name": "Public case",
"type": "DATASOURCE",
"technology": "POSTGRESQL",
"id": "381"
}
],
"targets": [
{
"id": "11e7011d-a365-4933-abcb-d5febc03d310",
"name": "Finance Domain",
"domainType": "domain",
"type": "DOMAIN"
}
]
} DomainDeleted event
Legacy event : collectionDeleted
Description : An audit event for deleting a domain.
Copy {
"relatedResources": [],
"targets": [
{
"type": "DOMAIN",
"name": "Finance Domain",
"domainType": "DOMAIN",
"id": "6eb5a6df-67d8-4de7-adbd-24eb7271eaea"
}
],
"auditPayload": {
"version": 1,
"domain": {
"id": "6eb5a6df-67d8-4de7-adbd-24eb7271eaea",
"name": "Finance Domain",
"domainType": "DOMAIN"
},
"type": "DomainDeletedAuditPayload"
},
"eventTimestamp": "2023-12-20T20:21:13.981Z",
"actor": {
"id": "kris@immuta.com",
"identityProvider": "bim",
"name": "Taylor Smith",
"profileId": "1",
"type": "USER_ACTOR"
},
"tenantId": "your-immuta-tenant.com",
"action": "DELETE",
"requestId": "7884603d-8911-5f33-a9a7-d8560eb49a89",
"receivedTimestamp": "2023-12-20T20:21:14.077Z",
"id": "3a82ceb6-6592-4ddf-9055-6920d87bba32",
"actionStatus": "SUCCESS",
"targetType": "DOMAIN",
"sessionId": "227c3dbbbfe78ecd693c84979a930c22",
"actorIp": "xxx.xx.xx.xx"
} DomainPermissionsUpdated event
Event : DomainPermissionsUpdated
Legacy events : collectionPermissionGranted and collectionPermissionRevoked
Description : An audit event for granting or revoking a user's domain-related permissions.
Additional parameter details : auditPayload.updateType will specify whether the permission was granted to or revoked from a user.
Copy {
"eventTimestamp": "2023-12-20T20:01:03.065Z",
"relatedResources": [
{
"type": "USER",
"name": "Taylor Smith",
"identityProvider": "bim",
"profileId": "1",
"id": "taylor@immuta.com"
},
{
"type": "USER",
"profileId": "1",
"name": "Taylor Smith",
"identityProvider": "bim",
"id": "taylor@immuta.com"
}
],
"targets": [
{
"name": "Finance Domain",
"domainType": "domain",
"type": "DOMAIN",
"id": "11e7011d-a365-4933-abcb-d5febc03d310"
}
],
"auditPayload": {
"updateType": "GRANT",
"version": 1,
"permissionUpdates": [
{
"permission": "MANAGE_POLICIES",
"profileId": "1"
}
],
"type": "DomainPermissionsUpdatedAuditPayload"
},
"tenantId": "your-immuta-tenant.com",
"action": "MODIFY_DOMAIN",
"actor": {
"identityProvider": "bim",
"name": "Taylor Smith",
"profileId": "1",
"type": "USER_ACTOR",
"id": "taylor@immuta.com"
},
"modifiedResourceType": "USER",
"id": "377ee78b-74da-4466-bdc1-22d531c1f61c",
"requestId": "460ce02b-30d5-5e68-bff0-b31e6ea44ba0",
"receivedTimestamp": "2023-12-20T20:01:03.576Z",
"actorIp": "xxx.xx.xx.xx",
"sessionId": "227c3dbbbfe78ecd693c84979a930c22",
"targetType": "DOMAIN",
"actionStatus": "SUCCESS"
} DomainUpdated event
Legacy event : collectionUpdated
Description : An audit event for updating an Immuta domain.
Copy {
"id": "d61d6ac9-2897-4d34-84f3-16181ddb9212",
"sessionId": "adba345c6949d7f7761367c0769b983d",
"requestId": "9a64147e-5b57-5905-9e7c-54b5a5c461c8",
"action": "UPDATE",
"actionStatus": "SUCCESS",
"actor": {
"name": "Taylor Smith",
"id": "taylor@immuta.com",
"identityProvider": "bim",
"profileId": "1",
"type": "USER_ACTOR"
},
"actorIp": "xxx.xx.xx.xx",
"tenantId": "your-immuta-tenant.com",
"targetType": "DOMAIN",
"targets": [
{
"type": "DOMAIN",
"id": "69347b14-1cda-41e1-9186-e85853158299",
"name": "Finance Domain v2",
"domainType": "domain"
}
],
"relatedResources": [],
"auditPayload": {
"type": "DomainUpdatedAuditPayload",
"modifiedFields": [
"name",
"description"
],
"domain": {
"id": "69347b14-1cda-41e1-9186-e85853158299",
"name": "Finance Domain v2",
"description": "Only use for finance tables."
},
"version": 1
},
"eventTimestamp": "2023-12-12T18:26:29.618Z",
"receivedTimestamp": "2023-12-12T18:26:32.472Z"
} GlobalPolicyApprovalRescinded event
Event : GlobalPolicyApprovalRescinded
Legacy event : globalPolicyApprovalRescinded
Description : An audit event for a global policy approval rescinded in the approve to promote workflow.
Copy {
"targets": [
{
"id": "12",
"type": "GLOBAL_POLICY",
"name": "Mask PII",
"policyKey": "mask pii"
}
],
"actorIp": "xxx.xx.xx.xx",
"sessionId": "c6eb428b869864f798f17fd7d5d0215a",
"requestId": "10a78dee-6181-52dd-8b68-5461b6172e40",
"actor": {
"name": "Deepu Murty",
"profileId": "999111223",
"identityProvider": "bim",
"id": "deepu@immuta.com",
"type": "USER_ACTOR"
},
"receivedTimestamp": "2023-11-03T18:23:25.966Z",
"id": "5ff5640f-4fc3-4634-a0e2-c625e0ffb447",
"targetType": "GLOBAL_POLICY",
"tenantId": "your-immuta-tenant.com",
"actionStatus": "SUCCESS",
"action": "GLOBAL_POLICY_APPROVAL_RESCINDED",
"eventTimestamp": "2023-11-03T18:23:25.861Z",
"auditPayload": {
"comment": "This policy isn't ready for production. Please mask PII.",
"type": "GlobalPolicyApprovalRescindedAuditPayload",
"approvalRequestId": "2",
"version": 1
},
"relatedResources": []
} GlobalPolicyApproved event
Event : GlobalPolicyApproved
Legacy event : globalPolicyApproved
Description : An audit event for a global policy approved in the approve to promote workflow.
Copy {
"auditPayload": {
"comment": "This policy looks good for production.",
"approvalRequestId": "2",
"type": "GlobalPolicyApprovedAuditPayload",
"version": 1
},
"relatedResources": [],
"tenantId": "your-immuta-tenant.com",
"actionStatus": "SUCCESS",
"action": "GLOBAL_POLICY_APPROVED",
"eventTimestamp": "2023-11-03T18:22:12.040Z",
"actor": {
"name": "Deepu Murty",
"type": "USER_ACTOR",
"id": "deepu@immuta.com",
"identityProvider": "bim",
"profileId": "999111223"
},
"receivedTimestamp": "2023-11-03T18:22:12.153Z",
"id": "271dc5ff-b23e-4da6-8066-91a35fda02e4",
"targetType": "GLOBAL_POLICY",
"targets": [
{
"name": "Mask PII",
"policyKey": "mask pii",
"type": "GLOBAL_POLICY",
"id": "12"
}
],
"actorIp": "xxx.xx.xx.xx",
"sessionId": "c6eb428b869864f798f17fd7d5d0215a",
"requestId": "50863cf9-6a8a-5299-89e2-200771eab62c"
} GlobalPolicyChangeRequested event
Event : GlobalPolicyChangeRequested
Legacy event : globalPolicyChangeRequested
Description : An audit event for requested edits on a global policy in the approve to promote workflow.
Copy {
"eventTimestamp": "2023-11-03T18:20:16.483Z",
"action": "GLOBAL_POLICY_CHANGE_REQUESTED",
"tenantId": "your-immuta-tenant.com",
"actionStatus": "SUCCESS",
"relatedResources": [],
"auditPayload": {
"approvalRequestId": "1",
"type": "GlobalPolicyChangeRequestedAuditPayload",
"comment": "Please add additional controls on personal data.",
"version": 1
},
"requestId": "4afc86e6-dee6-5756-b02e-b22e92d237c4",
"sessionId": "be1e7a02ba2a5e65a6848c752ee0838b",
"targets": [
{
"name": "Mask PII",
"policyKey": "mask pii",
"type": "GLOBAL_POLICY",
"id": "12"
}
],
"actorIp": "xxx.xx.xx.xx",
"id": "77277757-331a-4a13-ba21-cbfeab01d47f",
"targetType": "GLOBAL_POLICY",
"receivedTimestamp": "2023-11-03T18:20:16.581Z",
"actor": {
"profileId": "999111223",
"id": "deepu@immuta.com",
"identityProvider": "bim",
"type": "USER_ACTOR",
"name": "Deepu Murty"
}
} GlobalPolicyCreated event
Event : GlobalPolicyCreated
Legacy event : globalPolicyCreate
Description : An audit event for creating a global policy.
Copy {
"targetType": "GLOBAL_POLICY",
"id": "aac7cb75-c6ec-48ed-a11e-f6d8bf29dfe6",
"relatedResources": [],
"actor": {
"id": "taylor@immuta.com",
"profileId": "1",
"identityProvider": "bim",
"name": "Taylor Smith",
"type": "USER_ACTOR"
},
"actionStatus": "SUCCESS",
"sessionId": "517a11643dcdbba0b5ba30d49ee7a334",
"auditPayload": {
"type": "GlobalPolicyCreatedAuditPayload",
"policy": {
"type": "DATA",
"actions": [
{
"type": "DATA",
"rules": [
{
"type": "MASKING_HASH",
"columnCondition": {
"type": "TAG",
"tags": ["Testing"]
},
"exceptions": null
}
],
"dataPolicyType": "MASKING",
"rationale": null
}
],
"circumstance": {
"conditions": [
{
"type": "TAG",
"tagType": "COLUMN",
"tag": "Testing"
}
],
"operator": "any",
"type": "CONDITIONAL"
}
}
},
"targets": [
{
"policyKey": "mask pii",
"type": "GLOBAL_POLICY",
"name": "Mask PII",
"id": "5"
}
],
"action": "CREATE",
"eventTimestamp": "2023-05-10T18:29:39.438Z",
"actorIp": "xxx.xx.xx.xx",
"requestId": "2b126931-7a15-5678-99c4-11f0c5b40365",
"receivedTimestamp": "2023-05-10T18:29:39.636Z",
"tenantId": "your-immuta-tenant.com"
} GlobalPolicyDeleted event
Event : GlobalPolicyDeleted
Legacy event : globalPolicyDelete
Description : An audit event for deleting a global policy.
Copy {
"requestId": "12674fb7-4b90-5500-906f-7277a240e0f8",
"eventTimestamp": "2023-09-13T19:42:53.029Z",
"actorIp": "xxx.xx.xx.xx",
"tenantId": "your-immuta-tenant.com",
"receivedTimestamp": "2023-09-13T19:42:53.157Z",
"id": "d8cb76a2-516d-41f7-98d9-1cb616b759a4",
"targetType": "GLOBAL_POLICY",
"actionStatus": "SUCCESS",
"actor": {
"name": "Taylor Smith",
"identityProvider": "bim",
"type": "USER_ACTOR",
"id": "taylor@immuta.com",
"profileId": "1"
},
"relatedResources": [],
"auditPayload": {
"version": 1,
"policy": {
"actions": [
{
"subscriptionPolicyType": "AUTOMATIC",
"type": "SUBSCRIPTION",
"rationale": null,
"accessGrant": "READ"
}
],
"type": "SUBSCRIPTION",
"circumstance": {
"type": "WHEN_SELECTED"
}
},
"type": "GlobalPolicyDeletedAuditPayload"
},
"sessionId": "2d48cc8df46b3b3eedf543f4192b6726",
"action": "DELETE",
"targets": [
{
"policyKey": "mask pii",
"type": "GLOBAL_POLICY",
"name": "Mask PII",
"id": "6"
}
]
} Event : GlobalPolicyPromoted
Legacy event : globalPolicyPromoted
Description : An audit event for when a global policy is fully approved and promoted to production in the approve to promote workflow.
Copy {
"sessionId": "89fc6c8f7b6e04d9b9d4f720dbd84890",
"requestId": "6abef8eb-6acb-5364-9a88-7479b03227cf",
"actorIp": "xxx.xx.xx.xx",
"targets": [
{
"name": "Mask PII",
"policyKey": "maks pii",
"type": "GLOBAL_POLICY",
"id": "12"
}
],
"receivedTimestamp": "2023-11-08T14:57:36.465Z",
"targetType": "GLOBAL_POLICY",
"id": "990f260b-eef6-4eed-8f71-f48c8e9b88cb",
"actor": {
"name": "Taylor Smith",
"identityProvider": "bim",
"id": "taylor@immuta.com",
"profileId": "1",
"type": "USER_ACTOR"
},
"eventTimestamp": "2023-11-08T14:57:36.387Z",
"tenantId": "your-immuta-tenant.com",
"actionStatus": "SUCCESS",
"action": "GLOBAL_POLICY_PROMOTED",
"auditPayload": {
"type": "GlobalPolicyPromotedAuditPayload",
"policyName": "Mask PII",
"version": 1,
"policyId": "12"
},
"relatedResources": []
} GlobalPolicyReviewRequested event
Event : GlobalPolicyReviewRequested
Legacy event : globalPolicyReviewRequested
Description : An audit event for when a global policy is ready and requests a review in the approve to promote workflow.
Copy {
"targetType": "GLOBAL_POLICY",
"id": "a26fa653-e545-4a34-9488-d7f1b92379d0",
"receivedTimestamp": "2023-11-03T18:16:30.588Z",
"actor": {
"name": "Taylor Smith",
"type": "USER_ACTOR",
"profileId": "1",
"identityProvider": "bim",
"id": "taylor@immuta.com"
},
"requestId": "9a03030a-09ef-5d2b-abea-b65305901e9b",
"sessionId": "1f468d12a437bceb59b71054d6ad8bf8",
"actorIp": "xxx.xx.xx.xx",
"targets": [
{
"name": "Mask PII",
"policyKey": "mask pii",
"type": "GLOBAL_POLICY",
"id": "12"
}
],
"relatedResources": [],
"auditPayload": {
"type": "GlobalPolicyReviewRequestedAuditPayload",
"approvalRequestId": "1",
"version": 1
},
"eventTimestamp": "2023-11-03T18:16:30.281Z",
"action": "GLOBAL_POLICY_REVIEW_REQUESTED",
"tenantId": "your-immuta-tenant.com",
"actionStatus": "SUCCESS"
} GlobalPolicyUpdated event
Event : GlobalPolicyUpdated
Legacy event : globalPolicyUpdate
Description : An audit event for a global policy being updated with details about the policy.
Copy {
"tenantId": "your-immuta-tenant.com",
"receivedTimestamp": "2023-10-24T18:06:21.278Z",
"eventTimestamp": "2023-10-24T18:06:21.155Z",
"actorIp": "xxx.xx.xx.xx",
"requestId": "c2554ade-fbea-54b4-bfa5-a652d8a34309",
"actionStatus": "SUCCESS",
"relatedResources": [],
"actor": {
"type": "USER_ACTOR",
"name": "Taylor Smith",
"identityProvider": "bim",
"profileId": "1",
"id": "taylor@immuta.com"
},
"id": "f2346f5b-07b3-4f71-a0e1-9635e3b7cacc",
"targetType": "GLOBAL_POLICY",
"targets": [
{
"id": "7",
"policyKey": "mask pii",
"type": "GLOBAL_POLICY",
"name": "Mask PII"
}
],
"action": "UPDATE",
"auditPayload": {
"version": 1,
"policy": {
"circumstance": {
"type": "WHEN_SELECTED"
},
"actions": [
{
"dataPolicyType": "MASKING",
"type": "DATA",
"rules": [
{
"type": "MASKING_HASH",
"columnCondition": {
"tags": ["AuditTesting"],
"type": "TAG"
},
"exceptions": null
}
],
"rationale": null
}
],
"type": "DATA",
"certification": {
"label": "Personal information certification",
"tags": ["AuditTesting"],
"description": "I certify that I understand this data source contains personally identifiable information and will use the data appropriately and responsibly to the company policies."
}
},
"type": "GlobalPolicyUpdatedAuditPayload"
},
"sessionId": "1a8a16c58f29172d9a59224030617184"
} GroupCreated event
Legacy event : accessGroup
Description : An audit event for a group created in Immuta.
Copy {
"sessionId": "c3e76e5f809b74fabe0975bcac5e0fca",
"auditPayload": {
"version": 1,
"groupIdProvider": "bim",
"name": "HR",
"groupId": "6",
"type": "GroupCreatedAuditPayload"
},
"action": "CREATE",
"targets": [
{
"id": "6",
"identityProvider": "bim",
"name": "HR",
"type": "GROUP"
}
],
"targetType": "GROUP",
"id": "24b9bce7-e255-47ed-8aa1-fefde19be539",
"relatedResources": [],
"actor": {
"type": "USER_ACTOR",
"identityProvider": "bim",
"name": "Taylor Smith",
"profileId": "1",
"id": "taylor@immuta.com"
},
"actionStatus": "SUCCESS",
"eventTimestamp": "2023-12-19T21:18:23.711Z",
"actorIp": "xxx.xx.xx.xx",
"requestId": "a37ee299-cc6b-531b-8af1-891d853af995",
"receivedTimestamp": "2023-12-19T21:18:24.040Z",
"tenantId": "your-immuta-tenant.com"
} GroupDeleted event
Legacy event : accessGroup
Description : An audit event for a group deleted in Immuta.
Copy {
"actorIp": "xxx.xx.xx.xx",
"eventTimestamp": "2023-12-19T21:18:25.891Z",
"requestId": "92e7ba98-144b-502d-beae-48ceb865cdcf",
"receivedTimestamp": "2023-12-19T21:18:26.161Z",
"tenantId": "your-immuta-tenant.com",
"sessionId": "60e86f7be389dc21b11bdc4a5b6d6974",
"auditPayload": {
"name": "HR",
"groupIdProvider": "bim",
"groupId": "6",
"type": "GroupDeletedAuditPayload",
"version": 1
},
"targets": [
{
"id": "6",
"type": "GROUP",
"name": "HR",
"identityProvider": "bim"
}
],
"action": "DELETE",
"targetType": "GROUP",
"id": "45efee34-2147-4ea9-bc3f-9f88addaaa2a",
"relatedResources": [],
"actor": {
"identityProvider": "bim",
"name": "Taylor Smith",
"type": "USER_ACTOR",
"id": "taylor@immuta.com",
"profileId": "1"
},
"actionStatus": "SUCCESS"
} GroupMemberAdded event
Legacy event : accessGroup
Description : An audit event for a member added to a group in Immuta.
Copy {
"sessionId": "5ff64ed8fe0a194b074415a73d4f9201",
"id": "93e2dade-fd6f-4c13-8274-e9dd843bb990",
"actorIp": "xxx.xx.xx.xx",
"tenantId": "your-immuta-tenant.com",
"targets": [
{
"name": "HR",
"id": "3",
"identityProvider": "bim",
"type": "GROUP"
}
],
"receivedTimestamp": "2024-01-17T13:32:15.929Z",
"actionStatus": "SUCCESS",
"eventTimestamp": "2024-01-17T13:32:15.755Z",
"relatedResources": [
{
"type": "USER",
"identityProvider": "bim",
"name": "Deepu Murty",
"id": "deepu@immuta.com",
"profileId": "999111223"
}
],
"targetType": "GROUP",
"actor": {
"identityProvider": "bim",
"type": "USER_ACTOR",
"profileId": "1",
"id": "taylor@immuta.com",
"name": "Taylor Smith"
},
"action": "MEMBER_ADD",
"auditPayload": {
"type": "GroupMemberAddedAuditPayload",
"version": 1,
"userIdProvider": "bim",
"groupId": "3",
"userId": "deepu@immuta.com"
},
"requestId": "e12e42ab-5ba5-54f4-9ff9-61e27c131d6d"
} GroupMemberRemoved event
Event : GroupMemberRemoved
Legacy event : accessGroup
Description : An audit event for a group member removed from the group in Immuta.
Copy {
"targetType": "GROUP",
"receivedTimestamp": "2024-01-17T13:27:04.061Z",
"actionStatus": "SUCCESS",
"relatedResources": [],
"eventTimestamp": "2024-01-17T13:27:03.841Z",
"auditPayload": {
"groupId": "3",
"version": 1,
"type": "GroupMemberRemovedAuditPayload"
},
"requestId": "73a295d1-504a-507c-ba6d-9a72f2b34b16",
"actor": {
"identityProvider": "bim",
"type": "USER_ACTOR",
"profileId": "1",
"id": "taylor@immuta.com",
"name": "Taylor Smith"
},
"action": "MEMBER_REMOVE",
"actorIp": "xxx.xx.xx.xx",
"targets": [
{
"id": "3",
"name": "HR",
"type": "GROUP",
"identityProvider": "bim"
}
],
"tenantId": "your-immuta-tenant.com",
"sessionId": "5ff64ed8fe0a194b074415a73d4f9201",
"id": "5201799f-2472-4b9d-ba5c-db32e06a0bfa"
} GroupUpdated event
Legacy event : accessGroup
Description : An audit event for a group updated in Immuta.
LicenseCreated event
Legacy event : licenseCreate
Description : An audit event for creating an Immuta license.
Copy {
"id": "c1a74870-ff01-43bf-8b2e-928b6fccb6ae",
"sessionId": "bdf4e26e67f4e3ceeb93705b639f8768",
"requestId": "4c48deb8-4e4d-5705-be82-fae9e165967a",
"action": "CREATE",
"actionStatus": "SUCCESS",
"actor": {
"name": "Taylor Smith",
"id": "taylor@immuta.com",
"identityProvider": "bim",
"profileId": "1",
"type": "USER_ACTOR"
},
"actorIp": "xxx.xx.xx.xx",
"tenantId": "your-immuta-tenant.com",
"targetType": "LICENSE",
"targets": [
{
"type": "LICENSE",
"id": "2",
"name": "2"
}
],
"relatedResources": [],
"auditPayload": {
"type": "LicenseCreatedAuditPayload",
"version": 1,
"licenseKey": "a-unique-license-key"
},
"eventTimestamp": "2024-03-08T18:34:30.028Z",
"receivedTimestamp": "2024-03-08T18:34:30.475Z"
} LicenseDeleted event
Legacy event : licenseDelete
Description : An audit event for deleting an Immuta license.
Copy {
"id": "e7a22a3c-8b08-48e7-a648-3b6946b085e4",
"sessionId": "0c52d87dd0437dd90b48bfd66e7cf3dd",
"requestId": "50c29e76-6f24-5a66-9acb-1c298496377e",
"action": "DELETE",
"actionStatus": "SUCCESS",
"actor": {
"name": "Taylor Smith",
"id": "taylor@immuta.com",
"identityProvider": "bim",
"profileId": "1",
"type": "USER_ACTOR"
},
"actorIp": "xxx.xx.xx.xx",
"tenantId": "your-immuta-tenant.com",
"targetType": "LICENSE",
"targets": [
{
"type": "LICENSE",
"id": "2",
"name": "2"
}
],
"relatedResources": [],
"auditPayload": {
"type": "LicenseDeletedAuditPayload",
"version": 1,
"id": "2"
},
"eventTimestamp": "2024-03-08T18:38:12.382Z",
"receivedTimestamp": "2024-03-08T18:38:12.457Z"
} LocalPolicyCreated event
Event : LocalPolicyCreated
Legacy event : policyHandlerCreate
Description : An audit event for creating a local policy for an Immuta data source.
Copy {
"targetType": "LOCAL_POLICY",
"actionStatus": "SUCCESS",
"eventTimestamp": "2023-10-13T18:16:19.643Z",
"relatedResources": [
{
"id": "129",
"name": "Public case",
"type": "DATASOURCE",
"technology": "POSTGRESQL"
}
],
"receivedTimestamp": "2023-10-13T18:16:19.680Z",
"auditPayload": {
"type": "LocalPolicyCreatedAuditPayload",
"policy": {
"actions": [
{
"rationale": null,
"rules": [
{
"exceptions": null,
"type": "MASKING_K_ANONYMIZATION",
"fields": ["c_birth_year", "c_birth_month", "c_birth_day"],
"kLevel": 8,
"ruleAppliedForUser": false
}
],
"type": "DATA",
"global": false,
"dataPolicyType": "MASKING"
}
],
"type": "DATA"
},
"version": 1
},
"action": "CREATE",
"actor": {
"name": "Taylor Smith",
"id": "taylor@immuta.com",
"profileId": "1",
"type": "USER_ACTOR",
"identityProvider": "bim"
},
"tenantId": "your-immuta-tenant.com",
"targets": [
{
"type": "LOCAL_POLICY",
"name": "4",
"id": "4",
"datasource": {
"id": "129",
"name": "Public case",
"type": "DATASOURCE",
"technology": "POSTGRESQL"
}
}
],
"id": "761a4044-1dec-4b9b-815f-d83c056ff61e"
} LocalPolicyUpdated event
Event : LocalPolicyUpdated
Legacy event : policyHandlerUpdate
Description : An audit event for updating a local policy on an Immuta data source.
Copy {
"id": "c8066842-4c90-4b12-a108-232c93a5fe63",
"targets": [],
"tenantId": "your-immuta-tenant.com",
"action": "UPDATE",
"actor": {
"profileId": "1",
"name": "Taylor Smith",
"id": "taylor@immuta.com",
"identityProvider": "bim",
"type": "USER_ACTOR"
},
"auditPayload": {
"version": 1,
"policyHandlerUpdateAction": "UPDATE",
"policy": {
"actions": [
{
"subscriptionPolicyType": "AUTOMATIC",
"rationale": null,
"type": "SUBSCRIPTION",
"accessGrant": "READ",
"global": false,
"ruleAppliedForUser": true
}
],
"type": "SUBSCRIPTION"
},
"policyUpdateType": "SUBSCRIPTION",
"type": "LocalPolicyUpdatedAuditPayload"
},
"actionStatus": "SUCCESS",
"eventTimestamp": "2024-02-07T19:26:54.447Z",
"relatedResources": [
{
"id": "1124",
"name": "Public case",
"technology": "SNOWFLAKE",
"type": "DATASOURCE"
}
],
"receivedTimestamp": "2024-02-07T19:26:54.478Z",
"targetType": "LOCAL_POLICY"
} PermissionApplied event
Description : An audit event for a permission applied to an Immuta user.
Copy {
"id": "d18cbe70-a620-4ae4-a82a-a24249832e12",
"sessionId": "86d602c9d57fcc55e103ee7a5fa650dc",
"requestId": "749dd9dd-e06f-5781-ad7e-91c002ed5043",
"action": "PERMISSION_APPLY",
"actionStatus": "SUCCESS",
"actor": {
"name": "Taylor Smith",
"id": "taylor@immuta.com",
"identityProvider": "bim",
"profileId": "1",
"type": "USER_ACTOR"
},
"actorIp": "xxx.xx.x 
