Audit

Immuta provides robust audit logging on actions within the application and on queries in remote technologies like Snowflake, Databricks, and Unity Catalog. Users with the audit permission can view the audit page in Immuta. Depending on your configured Immuta deployment, audit logs can also be exported from Elasticsearch or OpenSearch.

How-to guide

• Run governance reports: Create a governance report in the Immuta UI to understand the state of your Immuta environment.

Reference guides

• Audit overview: This reference guide describes Immuta's universal audit model, the events available in this model, and the recommended audit workflow.

  • UAM schema reference guide: This reference guide lists the UAM events and examples of the logs.

• Query audit logs: These reference guides describe the audit available for the specific integration, details about enabling and configuring audit, and an example schema.

  • Snowflake audit logs

  • Databricks Unity Catalog audit logs

  • Databricks Spark audit logs

  • Starburst (Trino) audit logs

• Unknown users in audit logs: Unity Catalog query audit brings in audit information for all tables and data sources, so some audit logs are created from activity by users not registered in Immuta. These audit records will appear in Immuta, providing valuable information of activity, with the username Unknown. This guide illustrates how to determine the username of these Unknown users and register them in Immuta.

• Governance reports: This reference guide describes the different reports available in Immuta.