Immuta provides robust audit logging on actions within the application and on queries in remote technologies like Snowflake, Databricks, and Unity Catalog. Users with the audit permission can view the audit page in Immuta and export audit logs to S3 or ADLS Gen2.
Export audit logs to S3: Use the CLI or GraphQL to export Immuta audit logs to S3. These logs can then be stored long-term, used for compliance, or viewed in analytic platforms.
Export audit logs to ADLS Gen2: Use the CLI or GraphQL to export Immuta audit logs to ADLS Gen2. These logs can then be stored long-term, used for compliance, or viewed in analytic platforms.
Run governance reports: Create a governance report in the Immuta UI to understand the state of your Immuta environment.
Audit overview: This reference guide describes Immuta's universal audit model, the events available in this model, and the recommended audit workflow.
UAM schema reference guide: This reference guide lists the UAM events and examples of the logs.
Query audit logs: These reference guides describe the audit available for the specific integration, details about enabling and configuring audit, and an example schema.
Audit export GraphQL reference guide: This reference guide describes the commands available in the GraphQL API for exporting audit logs.
Governance reports: This reference guide describes the different reports available in Immuta.
Unknown users in audit logs: Unity Catalog query audit brings in audit information for all tables and data sources, so some audit logs are created from activity by users not registered in Immuta. These audit records will appear in Immuta with the username Unknown, providing valuable information about that activity. This guide illustrates how to determine the username of these Unknown users and register them in Immuta.
Download audit logs: Download Immuta legacy audit logs through the API.
Legacy to UAM Migration: Understand the audit events from UAM that map to legacy audit events.
Immuta reports allow data governors to use a natural language builder to instantly create reports that detail user activity across Immuta.
Click select entity and choose the entity you would like to base the report on from the dropdown menu. Your options include User, Group, Project, Data Source, Purpose, Policy Type, Connection, or Tag.
After making your selection, type your entity name in the enter name field.
Select the name from the dropdown menu that appears. Once the entity name has been selected, a number of reports will populate the center window.
Click a tile with the description of the report to run that report. You may only see up to 100 rows of output in the UI when you run a report. To see the full results of your report, follow the step below to export to CSV.
Once you've run the report, you can click the Export to CSV button to download the report.
If you would like to switch reports from this page, you can make changes by clicking the dropdown menu and then Refresh to run a new report. Otherwise, click Back to Report Builder to return to the full report builder.
Public preview: This feature is in public preview and available to all accounts.
Requirements:
Immuta permission AUDIT
If you will use the Immuta CLI instead of the GraphQL API, install and configure the Immuta CLI. The CLI must be v1.4.0 or newer.
Before Immuta can export audit events to your Azure Data Lake Storage (ADLS) Gen2 storage account, you need to create a shared access signature (SAS) token that allows the Immuta audit service to add audit logs to your specified ADLS storage account and file system.
Follow the Azure documentation to create the following in Azure:
An ADLS Gen2 storage account with the following settings required for audit export:
Enable hierarchical namespace
Standard performance is adequate, but premium may be used
A shared access signature (SAS) for your dedicated container with at least the following permissions at the storage account or container level:
Create
Write
Save the SAS token to use in the next steps. Do not navigate away from the SAS page unless you have saved the token.
Configure the audit export to ADLS using the Immuta CLI or GraphQL API with the following fields:
interval: The interval at which audit logs will be exported to your ADLS storage. They can be sent at 2-, 4-, 6-, 12-, or 24-hour intervals.
storage account: The name of the storage account you created that your audit logs will be sent to.
file system: The name of the file system (or container) you created that your audit logs will be written to.
path: The name of the path in the file system. This will be a new folder or directory in the container where Immuta will send your audit logs for storage.
SAS token: The previously-generated SAS token.
Run the following command with the above fields in a JSON file:
Example ./your-exportConfig.json file
For additional CLI commands, see the audit CLI reference guide.
Send the following mutation to this URL, https://your-immuta.com/api/audit/graphql, with the above fields passed directly:
Example response
For additional GraphQL API commands, see the GraphQL API reference guide.
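A pre-flight check for the SAS token and interval described above, added here as an example (not Immuta's code). The function name `check_export_inputs` and both sample tokens are constructed; `sp`, `spr`, `se` and `sig` are fields of the Azure SAS query string, and flagging extra permissions or a missing HTTPS restriction is this example's least-privilege choice rather than an Immuta requirement.

```python
from datetime import datetime, timezone
from urllib.parse import parse_qs

REQUIRED = {"c": "Create", "w": "Write"}   # permissions this page asks for
ALLOWED_INTERVALS = {2, 4, 6, 12, 24}      # export intervals in hours, per this page

# Constructed sample tokens (placeholder signatures, not real credentials).
NARROW = "sv=2022-11-02&sr=c&sp=cw&spr=https&se=2030-01-01T00:00:00Z&sig=PLACEHOLDER"
BROAD = "?sv=2022-11-02&ss=b&srt=sco&sp=rwdlac&se=2020-01-01T00:00:00Z&sig=PLACEHOLDER"


def check_export_inputs(sas_token, interval_hours, now=None):
    """Return a list of findings; an empty list means nothing was flagged."""
    now = now or datetime.now(timezone.utc)
    findings = []
    # A SAS token is a URL query string; keep the first value of each field.
    params = {k: v[0] for k, v in parse_qs(sas_token.lstrip("?")).items()}

    if interval_hours not in ALLOWED_INTERVALS:
        findings.append(f"interval {interval_hours}h is not 2, 4, 6, 12 or 24")

    granted = set(params.get("sp", ""))
    for letter, name in REQUIRED.items():
        if letter not in granted:
            findings.append(f"missing required permission {name} ({letter})")
    extra = granted - set(REQUIRED)
    if extra:  # least-privilege advisory, not an Immuta requirement
        findings.append("grants more than Create/Write: " + "".join(sorted(extra)))

    if params.get("spr") != "https":  # when spr is absent, HTTP is also allowed
        findings.append("token is not restricted to HTTPS (spr)")

    expiry = params.get("se")
    if expiry is None:
        findings.append("no expiry (se) field")
    else:
        se = datetime.fromisoformat(expiry.replace("Z", "+00:00"))
        if se.tzinfo is None:  # date-only expiry: treat as UTC
            se = se.replace(tzinfo=timezone.utc)
        if se <= now:
            findings.append(f"token expired at {expiry}")
    if "sig" not in params:
        findings.append("no signature (sig) field")
    return findings


if __name__ == "__main__":
    for label, tok, hours in (("narrow", NARROW, 12), ("broad", BROAD, 3)):
        print(label, check_export_inputs(tok, hours) or "ok")
```

Run it against the token before pasting it into the export configuration, and keep the token itself out of shell history and logs.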