Manage Audit

Use these audit export configuration commands to manage exporting your audit logs to S3 and ADLS Gen2, including intervals the events are exported and the S3 bucket or ADLS container they are exported to.

immuta audit exportConfig {command} <arguments> [flags]

Inspect, disable, enable, and delete configurations for exporting your audit events to S3 and ADLS Gen 2.

The Immuta Audit CLI supports a number of flags for every command.

  • --config string: Specifies the configuration file name and where it will be saved. (The default is $HOME/.immutacfg.yaml.)

  • -h, --help: Gets more information about the command.

  • -p, --profile string: Specifies the profile for what instance the CLI will use.

Commands

Command

Argument

Flags

create <technology> [flags]: Configures a time interval and location to export your audit logs to. Options for <technology> are s3 and adls. Example: $ immuta audit exportConfig create:s3 ./exportConfig.json

The filepath to the JSON or YAML file that configures the location and time interval for exporting your audit logs to S3 and ADLS Gen2.

  • -o, `- -output json

delete <export configuration ID> [flags]: Deletes an audit export configuration based on the provided ID. Example: $ immuta audit exportConfig delete f7f9e289-f37b-4942-a18d-66d6de6e7cb2

The ID of the export configuration.

  • -o, `--output json

disable <export configuration ID> [flags]: Disables an audit export configuration based on the provided ID. Example: $ immuta audit exportConfig disable f7f9e289-f37b-4942-a18d-66d6de6e7cb2

The ID of the export configuration.

  • -o, `--output json

enable <export configuration ID> [flags]: Enables an audit export configuration based on the provided ID. Example: $ immuta audit exportConfig enable f7f9e289-f37b-4942-a18d-66d6de6e7cb2

The ID of the export configuration.

  • -o, `--output json

get <export configuration ID> [flags]: Gets an audit export configuration based on the provided ID. See example below.

The ID of the export configuration.

  • -o, `--output json

list [flags]: Lists all export configurations. Example: $ immuta audit exportConfig list

  • -o, `--output json

Audit Export Configuration Example

$ immuta audit exportConfig get f7f9e289-f37b-4942-a18d-66d6de6e7cb2
$
{
  "id": "f7f9e289-f37b-4942-a18d-66d6de6e7cb2",
  "interval": "EVERY_12_HOURS",
  "enabled": true,
  "endpointConfiguration": {
    "__typename": "S3EndpointConfiguration",
    "bucket": "your-s3-bucket",
    "path": "hr-data",
    "region": "us-east-1",
    "accessKeyId": "accessKey"
  },
  "createdAt": "2022-10-23T23:03:11.466Z",
  "createdBy": {
    "name": "John Doe",
    "identityProvider": "okta",
    "id": "johndoe@example.com",
    "type": "USER"
  },
  "updatedAt": "2022-10-23T23:03:11.466Z",
  "updatedBy": {
    "name": "John Doe",
    "identityProvider": "okta",
    "id": "johndoe@example.com",
    "type": "USER"
  }
}

Copyright © 2014-2024 Immuta Inc. All rights reserved.