You can track user console and API actions by examining the system audit events that Data Management for VMware Tanzu generates. DMS also generates audit events for actions that it initiates. You monitor these events in the System Audit Events view.
Note: The
System Audit Events view is the only Data Management for VMware Tanzu console location where you can track non-Service-Instance-related operations and tasks.
The System Audit Events view displays the following information:
- The Component identifies the name of the Data Management for VMware Tanzu component performing the operation.
- The Event Type identifies the type of audited event or operation.
- The Event Details column provides operation-specific details related to the audit event.
- The Event Time identifies the time at which the audit event occurred.
- The Status column identifies the status of the audit event.
- The Source column identifies the entity that initiated the operation - a Data Management for VMware Tanzu user identifier (Email ID) or
Auto(DMS-initiated).
About the Audit Event Types
Data Management for VMware Tanzu generates audit events for the following operations:
| Component | Audit Event Type | Operation Description |
|---|---|---|
| AUTHENTICATION | LOGIN | A user logs in to the DMS console or API. |
| AUTHENTICATION | LOGOUT | A user logs out of the DMS console or API. |
| DB MANAGEMENT | CHANGE OF TEMPLATE STATUS | The status of a template changes. |
| DB MANAGEMENT | EULA NOT ACCEPTED | The account associated with the Tanzu Network Refresh Token account did not accept the license. |
| DB MANAGEMENT | NEW DB TEMPLATE | A new database template is available. |
| DB OPERATION | BACKUP DB | DMS or a user initiates a backup of a database Service Instance (manual or automated). |
| DB OPERATION | CHANGE DB OPTIONS | A user updates the database engine-specific options of a database Service Instance. |
| DB OPERATION | CLONE DB | A user clones a database Service Instance. |
| DB OPERATION | CREATE DB | A user creates a database Service Instance. |
| DB OPERATION | CREATE READ REPLICA | A user creates a Read Replica of a database Service Instance. |
| DB OPERATION | DB LOG GENERATION | A user generates a Service Instance log bundle. |
| DB OPERATION | DELETE BACKUP | A user deletes a backup of a database Service Instance. |
| DB OPERATION | DELETE DB | A user deletes a database Service Instance. |
| DB OPERATION | DELETE REPLICA | A user deletes a Read Replica Service Instance. |
| DB OPERATION | DISABLE DB VM SSH | A user disables SSH access to a database Service Instance. |
| DB OPERATION | DISABLE SSL | A user disables a TLS access requirement on a database Service Instance. |
| DB OPERATION | ENABLE DB VM SSH | A user enables SSH access to a database Service Instance. |
| DB OPERATION | ENABLE SSL | A user requires TLS-secured connections to access a database Service Instance. |
| DB OPERATION | EXTEND DB DISK | A user increases the disk resources for a database Service Instance. |
| DB OPERATION | PITR | A user restores a backup from a specific point in time to a new a database Service Instance. |
| DB OPERATION | POWER OFF DB | A user powers off a database Service Instance. |
| DB OPERATION | POWER ON DB | A user powers on a database Service Instance. |
| DB OPERATION | PROMOTE REPLICA | A user promotes a Read Replica to a Primary Service Instance. |
| DB OPERATION | PROTECT DB | DMS or a user enables backups on a database Service Instance. |
| DB OPERATION | RESTORE DB | A user restores a backup to a new a database Service Instance. |
| DB OPERATION | SCALE DB DISK | A user updates the vCPU or memory resources for a database Service Instance. |
| DMS RELEASE | DMS LOAD RELEASES | DMS loads and processes a new software release. |
| EXTERNAL STORAGE | CREATE EXTERNAL STORAGE | The Provider Administrator configures an external storage setting (Provider Repo, Tanzu Network Refresh Token, Provider Log Repo, Provider Backup Repo). |
| EXTERNAL STORAGE | REMOVE EXTERNAL STORAGE | The Provider Administrator removes the Provider Backup Repo external storage setting. |
| EXTERNAL STORAGE | UPDATE EXTERNAL STORAGE | The Provider Administrator updates an external storage setting (Provider Repo, Tanzu Network Refresh Token, Provider Log Repo, Provider Backup Repo). |
| INFRASTRUCTURE | ASSIGN ORG | The Provider Administrator shares infrastucture with a new organization. |
| INFRASTRUCTURE | UNASSIGN ORG | The Provider Administrator removes access to infrastucture from an organization. |
| INSTANCE PLANS | CREATE INSTANCE PLAN | The Provider Administrator configures an instance plan. |
| INSTANCE PLANS | DELETE INSTANCE PLAN | The Provider Administrator deletes an instance plan. |
| INSTANCE PLANS | UPDATE INSTANCE PLAN | The Provider Administrator updates an instance plan. |
| LDAP SETTINGS | CREATE LDAP SETTINGS | The Provider Administrator configures LDAP settings. |
| LDAP SETTINGS | UPDATE LDAP SETTINGS | The Provider Administrator updates LDAP settings. |
| LOG BUNDLE | PROVIDER LOG BUNDLE | The Provider Administrator generates a system log bundle. |
| LOG BUNDLE | AGENT LOG BUNDLE | A user initiates generation of an agent log bundle. |
| ORGANIZATIONS | CREATE ORG | The Provider Administrator creates an organization. |
| ORGANIZATIONS | UPDATE ORG | The Provider Administrator updates an organization. |
| PROVIDER | PROVIDER BACKUP | DMS takes a backup of the Provider internal vPostgres database. |
| PROVIDER | PROVIDER RESTORE | A Provider backup is restored on a Provider VM. |
| PROVIDER HA | DELETE STANDBY FROM PRIMARY | The Provider Administrator deletes a Standby Provider. |
| PROVIDER HA | PROVIDER FAILOVER | The Provider Administrator promotes a Standby Provider to Primary. |
| PROVIDER HA | REGISTER CLUSTER | The Provider Administrator registers a Provider High Availability cluster. |
| PROVIDER HA | REGISTER PRIMARY | The Provider Administrator registers a Primary Provider. |
| PROVIDER HA | DELETE STANDBY FROM PRIMARY | The Provider Administrator deletes a Standby Provider. |
| SMTP SETTINGS | CREATE SMTP SETTINGS | The Provider Administrator configures SMTP settings. |
| SMTP SETTINGS | UPDATE SMTP SETTINGS | The Provider Administrator updates SMTP settings. |
| UPDATE | AGENT UPDATE | An Agent software update is initiated. |
| UPDATE | DB UPDATE | A software update (any component) is initiated on a Service Instance. |
| UPDATE | PROVIDER UPDATE | The Provider Administrator initiates a Provider software update. |
| USER MANAGEMENT | CREATE USER | The Provider Administrator adds a user. |
| USER MANAGEMENT | UPDATE USER | The Provider Administrator updates a user's role or contact number. |
| USER MANAGEMENT | DELETE USER | The Provider Administrator deletes a user. |
| USER MANAGEMENT | PASSWORD CHANGE | A user changes their password. |
| USER MANAGEMENT | PROVIDER FORCE RESET PASSWORD | The Provider Administrator resets a user's password. |
| USER MANAGEMENT | PASSWORD RECOVERY | A user initiates password recovery using the Forgot Password link. |
Purging the System Audit Events
DMS generates system audit events, but does not manage them. You are responsible for manually purging the events that you no longer require using the Data Management for VMware Tanzu API.
API endpoint:
DELETE https://<provider-ip-address>/audit
Provide the time period for which you want DMS to delete the events in the request parameters:
{
fromTime: <date-time-string>
toTime: <date-time-string>
{
