Skip to content

Audit

Access Management stores audit records for all data access and key portal activity. Audit records are retained for 90 days.

The Audit page includes information under the following categories:

  • Access: Each access (or denial) to a managed data repository.
  • Admin: Portal Administrative activity including revisions to policies.
  • Login Sessions: Logins to your PrivaceraCloud account web portal.
  • Plugin: Logged status for each synchronization exchange with a data access 'plugin' component.
  • Plugin Status: Logged updates with each data access 'plugin' component.
  • UserSync: Logged user updates from LDAP/AD directory service.
  • PolicySync: Logged queries to data resources integrated using 'policy sync' method.

View Audit Logs#

  1. From the home page, click Access ManagementAudit.

  2. Select a tab to see events in the associated category.

    • Access
    • Admin
    • Login Sessions
    • Plugin
    • Plugin Status
    • User Sync
    • Policy Sync
  3. (Optional) Select a time range for the events you want to see. Default is seven days.

About PolicySync Access Audit Records and Policy ID

For datasources where Ranger plug-ins make policy decisions, those plug-ins can log the specific policy that was enforced, and the Policy ID column is populated with a link to the relevant policy.

For datasources where enforcement is provided by PolicySync, individual access control decisions are enforced by native database permissions, secure views, and other native application security mechanisms. It is not feasible to trace back from the interaction of those mechanisms to an individual Privacera access control policy. In such cases, the policy ID is set to zero.

PEG API Access#

On the Access tab, use the search filter pulldown menu to see Service is PEG (Privacera Encryption Gateway).

<img src="../assets/audit_page_apikey.png" />

This shows access to a PEG encryption key when a PEG REST API request specifies an encryption scheme.

For more information about PEG, see the Privacera Encryption Guide.

Enable Reason Setting#

The "reason" setting shows error codes and error messages on the Audit page that caused an audit record.

Set the following properties.

 ```bash
 vi rangerproperties
 ```

 ```bash
 ranger.policysync.connector.0.enable.audit=true 
 ranger.policysync.connector.0.audit.source.simple=true 
 ranger.policysync.connector.0.audit.source.advance=false 
 ranger.policysync.connector.0.custom.audit.db.name=${Database_Name} 
 ranger.policysync.connector.0.audit.initial.pull.min=30
 ```

Last update: October 5, 2021