Chapter 1. Audit logs in Red Hat Developer Hub
Audit logs are a chronological set of records documenting the user activities, system events, and data changes that affect your Red Hat Developer Hub users, administrators, or components. Administrators can view Developer Hub audit logs in the OpenShift Container Platform web console to monitor scaffolder events, changes to the RBAC system, and changes to the Catalog database. Audit logs include the following information:
- Name of the audited event
- Actor that triggered the audited event, for example, terminal, port, IP address, or hostname
- Event metadata, for example, date, time
-
Event status, for example,
success,failure -
Severity levels, for example,
info,debug,warn,error
You can use the information in the audit log to achieve the following goals:
- Enhance security
- Trace activities, including those initiated by automated systems and software templates, back to their source. Know when software templates are executed, as well as the details of application and component installations, updates, configuration changes, and removals.
- Automate compliance
- Use streamlined processes to view log data for specified points in time for auditing purposes or continuous compliance maintenance.
- Debug issues
- Use access records and activity details to fix issues with software templates or plugins.
Audit logs are not forwarded to the internal log store by default because this does not provide secure storage. You are responsible for ensuring that the system to which you forward audit logs is compliant with your organizational and governmental regulations, and is properly secured.
Additional resources
- For more information about logging in OpenShift Container Platform, see About Logging
- For a complete list of fields that a Developer Hub audit log can include, see Section 3.1, “Audit log fields”
- For a list of scaffolder events that a Developer Hub audit log can include, see Section 3.2, “Scaffolder events”
