7.8. Audit Event Log #
PPEM logs audit events (also known as audit trails) for troubleshooting, monitoring, accountability, and other purposes.
To view or delete the audit event log, a user role must have the audit_events_view or audit_events_delete privilege, respectively.
PPEM logs the following audit event types:
Table 7.1. Audit event types
Description | Severity | Name (web application interface) | Name (downloadable log) |
|---|---|---|---|
Records were deleted from the audit event log | High | Audit events deleted |
|
An RBAC role was created | Low | Role created |
|
An RBAC role was edited | Low | Role edited |
|
An RBAC role was deleted | Low | Role deleted |
|
A user was created | Low | Use created |
|
A user was edited | Low | User edited |
|
A user was blocked | Medium | User blocked |
|
A user was deleted | Medium | User deleted |
|
A user login was attempted | Low | Login attempted |
|
An instance was started | Medium | Instance started |
|
An instance was restarted | Medium | Instance restarted |
|
An instance configuration was reloaded | Medium | Instance reloaded |
|
An instance was edited | Medium | Instance edited |
|
A database was created | Medium | Database created |
|
A database was edited | Medium | Database edited |
|
A database was deleted | Medium | Database deleted |
|
A backup was created | Medium | Backup created |
|
A backup was restored | Medium | Backup restored |
|
A backup was deleted | Medium | Backup deleted |
|
For every listed event, the name from the last column is used in event log files downloaded as JSON files.