Audit Logs
Audit Logs records operation logs for products and services on the platform. It supports user behavior analysis, security auditing, resource change tracking, and compliance auditing.
Field descriptions
- Region: Deployment region.
- Stack ID: Stack ID of the deployment environment.
- Username: User who performed the operation.
- Service: Service/module where the operation occurred.
- Operation type: Specific operation, such as creating a backup plan.
- Source IP: Source IP address of the request.
- Operator: User who performed the operation.
- User type: Classifies the operator. For user-created accounts, logs record the actual username. Some operations are triggered automatically by the platform; these are recorded as system user (
system). - Object ID: ID of the target object.
- Object name: Name of the target object.
- Request data: Request payload for the operation.
- Time: Time of the operation.
Recorded operations
HPC clusters
When a cluster performs the following actions, they are recorded in audit logs:
| Operation type |
|---|
| Create cluster |
| Release cluster |
| Delete cluster |
| Create partition |
| Edit partition |
| Release partition |
| Add nodes |
| Edit node |
| Release/remove node |
| Create cluster WebSSH session |
| Disconnect cluster WebSSH session |
| Create cluster WebVNC session |
| Disconnect cluster WebVNC session |
| Create cluster WebRDP session |
| Disconnect cluster WebRDP session |
| Convert global mount to partition mount |
| Create global mount |
| Unbind global mount |
| Create partition mount |
| Unbind partition mount |
Desktop service
When desktops perform the following actions, they are recorded in audit logs:
| Operation type |
|---|
| Create desktop |
| Release desktop |
| Delete desktop |
| Add nodes |
| Edit node |
| Release/remove node |
| Create desktop WebSSH session |
| Disconnect desktop WebSSH session |
| Create desktop WebVNC session |
| Disconnect desktop WebVNC session |
| Create desktop WebRDP session |
| Disconnect desktop WebRDP session |
| Create global mount |
| Unbind global mount |
| Create partition mount |
| Unbind partition mount |
User management
When users/groups perform the following actions, they are recorded in audit logs:
| Operation type |
|---|
| Create user |
| Edit user |
| Add user to group |
| Add user permission |
| Delete user permission |
| Remove user from group |
| Delete user (deleting one or multiple users is logged as this type) |
| Create group |
| Edit group |
| Configure group user environment / edit user home directory |
| Add group permission |
| Delete group permission |
| Delete group (deleting one or multiple groups is logged as this type) |
| Add group member |
| Add WeCom |
| Delete WeCom |
| Add Feishu |
| Delete Feishu |
| User login (only for existing platform users) |
| Change password |
| Edit account |
Data management
When data operations occur, they are recorded in audit logs:
| Operation type |
|---|
| Package and download folder |
| Create folder |
| Copy file |
| Delete file |
| Upload file |
| Download file |
| Move file |
Approval management
When approval management operations occur, they are recorded in audit logs:
| Operation type |
|---|
| Initiate approval |
| Approve |
| Reject |
| Edit approval flow |
Approval policy
When approval policy is changed, it is recorded in audit logs:
| Operation type |
|---|
| Edit approval flow |
Approval data
When approval data operations occur, they are recorded in audit logs:
| Operation type |
|---|
| Delete download area data |
| Delete expired data |
| Delete rejected data |
Billing
When billing operations occur, they are recorded in audit logs:
| Operation type |
|---|
| Export license usage details |
| Download license usage details |
| Export resource usage details |
| Download resource usage details |
License management
When license operations occur, they are recorded in audit logs:
| Operation type |
|---|
| Import license |
| Import service package |