Commit a7e01abb authored by Mike Jang's avatar Mike Jang

Merge branch '250861-doc-add-audit-event-types' into 'master'

Update audit log screenshots and searchable types

See merge request gitlab-org/gitlab!48331
parents c113bfa7 4976fdea
...@@ -133,12 +133,6 @@ recorded: ...@@ -133,12 +133,6 @@ recorded:
- A user's personal access token was successfully created or revoked ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276921) in GitLab 13.6) - A user's personal access token was successfully created or revoked ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276921) in GitLab 13.6)
- A failed attempt to create or revoke a user's personal access token ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276921) in GitLab 13.6) - A failed attempt to create or revoke a user's personal access token ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276921) in GitLab 13.6)
It's possible to filter particular actions by choosing an audit data type from
the filter dropdown box. You can further filter by specific group, project, or user
(for authentication events).
![audit log](img/audit_log.png)
Instance events can also be accessed via the [Instance Audit Events API](../api/audit_events.md#instance-audit-events). Instance events can also be accessed via the [Instance Audit Events API](../api/audit_events.md#instance-audit-events).
### Missing events ### Missing events
...@@ -180,6 +174,19 @@ the steps bellow. ...@@ -180,6 +174,19 @@ the steps bellow.
Feature.enable(:repository_push_audit_event) Feature.enable(:repository_push_audit_event)
``` ```
## Search
The search filters you can see depends on which audit level you are at.
| Filter | Available options |
| ------ | ----------------- |
| Scope (Project level) | A specific user who performed the action. |
| Scope (Group level) | A specific user (in a group) who performed the action. |
| Scope (Instance level) | A specific group, project, or user that the action was scoped to. |
| Date range | Either via the date range buttons or pickers (maximum range of 31 days). Default is from the first day of the month to today's date. |
![audit log](img/audit_log_v13_6.png)
## Export to CSV **(PREMIUM ONLY)** ## Export to CSV **(PREMIUM ONLY)**
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1449) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.4. > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1449) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.4.
...@@ -193,23 +200,18 @@ This feature might not be available to you. Check the **version history** note a ...@@ -193,23 +200,18 @@ This feature might not be available to you. Check the **version history** note a
If available, you can enable it with a [feature flag](#enable-or-disable-audit-log-export-to-csv). If available, you can enable it with a [feature flag](#enable-or-disable-audit-log-export-to-csv).
Export to CSV allows customers to export the current filter view of your audit log as a Export to CSV allows customers to export the current filter view of your audit log as a
CSV file, CSV file, which stores tabular data in plain text. The data provides a comprehensive view with respect to
which stores tabular data in plain text. The data provides a comprehensive view with respect to
audit events. audit events.
To export the Audit Log to CSV, navigate to To export the Audit Log to CSV, navigate to
**{monitor}** **Admin Area > Monitoring > Audit Log** **{monitor}** **Admin Area > Monitoring > Audit Log**
1. Click in the field **Search**. 1. Select the available search [filters](#search).
1. In the dropdown menu that appears, select the event type that you want to filter by.
1. Select the preferred date range.
1. Click **Export as CSV**. 1. Click **Export as CSV**.
![Export Audit Log](img/export_audit_log_v13_4.png)
### Sort ### Sort
Exported events are always sorted by `ID` in ascending order. Exported events are always sorted by `created_at` in ascending order.
### Format ### Format
...@@ -222,8 +224,8 @@ The first row contains the headers, which are listed in the following table alon ...@@ -222,8 +224,8 @@ The first row contains the headers, which are listed in the following table alon
| Author ID | ID of the author | | Author ID | ID of the author |
| Author Name | Full name of the author | | Author Name | Full name of the author |
| Entity ID | ID of the scope | | Entity ID | ID of the scope |
| Entity Type | Type of the entity (`Project`/`Group`/`User`) | | Entity Type | Type of the scope (`Project`/`Group`/`User`) |
| Entity Path | Path of the entity | | Entity Path | Path of the scope |
| Target ID | ID of the target | | Target ID | ID of the target |
| Target Type | Type of the target | | Target Type | Type of the target |
| Target Details | Details of the target | | Target Details | Details of the target |
...@@ -233,7 +235,7 @@ The first row contains the headers, which are listed in the following table alon ...@@ -233,7 +235,7 @@ The first row contains the headers, which are listed in the following table alon
### Limitation ### Limitation
The Audit Log CSV file size is limited to a maximum of `100,000` events. The Audit Log CSV file is limited to a maximum of `100,000` events.
The remaining records are truncated when this limit is reached. The remaining records are truncated when this limit is reached.
### Enable or disable Audit Log Export to CSV ### Enable or disable Audit Log Export to CSV
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment