You can track user console and API actions by examining the system audit events that Data Management for VMware Tanzu generates. Data Management for VMware Tanzu also generates audit events for actions that it initiates. You monitor these events in the System Audit Events view.
Note: The
System Audit Events view is the only Data Management for VMware Tanzu console location where you can track non-database-related operations and tasks.
The System Audit Events view displays the following information:
- The Component identifies the name of the Data Management for VMware Tanzu component performing the operation.
- The Event Type identifies the type of audited event or operation.
- The Event Details column provides operation-specific details related to the audit event.
- The Event Time identifies the time at which the audit event occurred.
- The Status column identifies the status of the audit event.
- The Source column identifies the entity that initiated the operation - a Data Management for VMware Tanzu user identifier (Email ID) or
Auto(Data Management for VMware Tanzu-initiated).
About the System Audit Event Types
Data Management for VMware Tanzu generates audit events for the following operations:
| Component | Audit Event Type | Operation Description |
|---|---|---|
| AUTHENTICATION | LOGIN | A user logs in to the Data Management for VMware Tanzu console or API. |
| AUTHENTICATION | LOGOUT | A user logs out of the Data Management for VMware Tanzu console or API. |
| DB MANAGEMENT | CHANGE OF TEMPLATE STATUS | The status of a database template changes. |
| DB MANAGEMENT | EULA NOT ACCEPTED | The account associated with the Tanzu Network Refresh Token account did not accept the license. |
| DB MANAGEMENT | NEW DB TEMPLATE | A new database database template is available. |
| DB OPERATION | BACKUP DB | Data Management for VMware Tanzu or a user initiates a backup of a database (manual or automated). |
| DB OPERATION | CHANGE DB OPTIONS | A user updates the database engine-specific options of a database. |
| DB OPERATION | CLONE DB | A user clones a database. |
| DB OPERATION | CREATE DB | A user creates a database. |
| DB OPERATION | CREATE READ REPLICA | A user creates a Read Replica of a database. |
| DB OPERATION | DB LOG GENERATION | A user generates a database log bundle. |
| DB OPERATION | DELETE BACKUP | A user deletes a backup of a database. |
| DB OPERATION | DELETE DB | A user deletes a database. |
| DB OPERATION | DELETE REPLICA | A user deletes a Read Replica database. |
| DB OPERATION | DISABLE DB VM SSH | A user deactivates SSH access to a database. |
| DB OPERATION | DISABLE SSL | A user deactivates a TLS access requirement on a database. |
| DB OPERATION | ENABLE DB VM SSH | A user enables SSH access to a database. |
| DB OPERATION | ENABLE SSL | A user requires TLS-secured connections to access a database. |
| DB OPERATION | EXTEND DB DISK | A user increases the disk resources for a database. |
| DB OPERATION | MODIFY BACKUP CONFIG | A user modifies the backup configuration for a database. |
| DB OPERATION | MODIFY DB CONFIG | An Organization Administrator modifies monitoring mode or maintenance policy of a database. |
| DB OPERATION | OWNER CHANGE | A user or Organization Administrator changes the owner of a database. |
| DB OPERATION | PITR | A user restores a backup from a specific point in time to a new a database. |
| DB OPERATION | POWER OFF DB | A user powers off a database. |
| DB OPERATION | POWER ON DB | A user powers on a database. |
| DB OPERATION | PROMOTE REPLICA | A user promotes a Read Replica to a Primary database. |
| DB OPERATION | PROTECT DB | Data Management for VMware Tanzu or a user enables backups on a database. |
| DB OPERATION | RECOVER | A Provider Administrator or Organization Administrator recovers a database to a specified backup. |
| DB OPERATION | RESTORE DB | A user restores a backup to a new a database. |
| DB OPERATION | SCALE DB DISK | A user updates the vCPU or memory resources for a database. |
| DMS RELEASE | DMS LOAD RELEASES | Data Management for VMware Tanzu loads and processes a new software release. |
| EXTERNAL STORAGE | CREATE EXTERNAL STORAGE | The Provider Administrator configures an external storage setting (Provider Repo, Tanzu Network Refresh Token, Provider Log Repo, Provider Backup Repo). |
| EXTERNAL STORAGE | REMOVE EXTERNAL STORAGE | The Provider Administrator removes the Provider Backup Repo external storage setting. |
| EXTERNAL STORAGE | UPDATE EXTERNAL STORAGE | The Provider Administrator updates an external storage setting (Provider Repo, Tanzu Network Refresh Token, Provider Log Repo, Provider Backup Repo). |
| ENVIRONMENT | ASSIGN ORG | The Provider Administrator shares environment with a new organization. |
| ENVIRONMENT | FETCH ENVIRONMENT DETAILS | The Organization Administrator fetches vCenter credentials, Application and Control Plane networks, VM Datastores, or Local and Cloud Storage credentials for an organization. |
| ENVIRONMENT | UPDATE ENVIRONMENT DETAILS | The Organization Administrator updates vCenter credentials, Application and Control Plane networks, VM Datastores, or Local and Cloud Storage credentials for an organization. |
| ENVIRONMENT | UNASSIGN ORG | The Provider Administrator removes access to environment from an organization. |
| VM PLANS | CREATE VM PLAN | The Provider Administrator configures an VM plan. |
| VM PLANS | DELETE VM PLAN | The Provider Administrator deletes an VM plan. |
| VM PLANS | UPDATE VM PLAN | The Provider Administrator updates an VM plan. |
| LDAP SETTINGS | CREATE LDAP SETTINGS | The Provider Administrator configures LDAP settings. |
| LDAP SETTINGS | UPDATE LDAP SETTINGS | The Provider Administrator updates LDAP settings. |
| LOG BUNDLE | PROVIDER LOG BUNDLE | The Provider Administrator generates a system log bundle. |
| LOG BUNDLE | AGENT LOG BUNDLE | A user initiates generation of an agent log bundle. |
| ORGANIZATIONS | CREATE ORG | The Provider Administrator creates an organization. |
| ORGANIZATIONS | UPDATE ORG | The Provider Administrator updates an organization. |
| ORGANIZATIONS | ASSIGN TAG | The Organization User or Organization Administrator assigns a tag to a database. |
| ORGANIZATIONS | CREATE TAG | The Organization User or Organization Administrator creates a tag. |
| ORGANIZATIONS | DELETE TAG | The Organization User or Organization Administrator deletes a tag. |
| ORGANIZATIONS | REMOVE TAG | The Organization User or Organization Administrator removes a tag from a database. |
| ORGANIZATIONS | RENAME TAG | The Organization User or Organization Administrator renames the tag. |
| PROVIDER | PROVIDER BACKUP | Data Management for VMware Tanzu takes a backup of the Provider internal vPostgres database. |
| PROVIDER | PROVIDER RESTORE | A Provider backup is restored on a Provider VM. |
| PROVIDER HA | DELETE STANDBY FROM PRIMARY | The Provider Administrator deletes a Standby Provider. |
| PROVIDER HA | PROVIDER FAILOVER | The Provider Administrator promotes a Standby Provider to Primary. |
| PROVIDER HA | REGISTER CLUSTER | The Provider Administrator registers a Provider High Availability cluster. |
| PROVIDER HA | REGISTER PRIMARY | The Provider Administrator registers a Primary Provider. |
| PROVIDER HA | DELETE STANDBY FROM PRIMARY | The Provider Administrator deletes a Standby Provider. |
| SMTP SETTINGS | CREATE SMTP SETTINGS | The Provider Administrator configures SMTP settings. |
| SMTP SETTINGS | UPDATE SMTP SETTINGS | The Provider Administrator updates SMTP settings. |
| UPDATE | AGENT UPDATE | An Agent software update is initiated. |
| UPDATE | DB UPDATE | A software update (any component) is initiated on a database. |
| UPDATE | PROVIDER UPDATE | The Provider Administrator initiates a Provider software update. |
| USER MANAGEMENT | CREATE USER | The Provider Administrator adds a user. |
| USER MANAGEMENT | UPDATE USER | The Provider Administrator updates a user's role or contact number. |
| USER MANAGEMENT | DELETE USER | The Provider Administrator deletes a user. |
| USER MANAGEMENT | PASSWORD CHANGE | A user changes their password. |
| USER MANAGEMENT | PROVIDER FORCE RESET PASSWORD | The Provider Administrator resets a user's password. |
| USER MANAGEMENT | PASSWORD RECOVERY | A user initiates password recovery using the Forgot Password link. |
About the Source Types for System Audit Events
Data Management for VMware Tanzu displays one of the following five types of Source for the audit events listed in the System Audit Events view.
- For the events that Data Management for VMware Tanzu triggers without any user intervention, System is specified as the Source.
- For the events that a Provider user triggers, <provider_email_id> is specified as the Source.
- For the events that a Provider user triggers to configure or manage Provider High Availability (HA) clusters, Provider is specified as the Source.
- For the events that an Organization Administrator triggers, <org_admin_email_id> is specified as the Source.
- For the events that an Organization User triggers, <org_user_email_id> is specified as the Source.
Exporting Information About Audit Events
Data Management for VMware Tanzu allows you to export information about the audit events in the CSV and XLSX file format. You can perform various operations, comparisons, and analysis on the exported data to facilitate decisions, for example, frequency of a particular operation.
The following information is exported in the CSV or XSLX file format, as required:
- Component that represents the component on which the audit event has been performed
- Event Type that represents the type of the audit event
- Event Details that represents more information about the audit event, for example failure or success of the event
- Event Time(UTC) that represents the date of creation of the audit event in UTC
- Status that represents the status of the audit event
- Source that represents user that has performed the audit event
Information about all the audit events that is visible to a particular user, Provider Administrator, Organization Administrator, or Organization User, is exported irrespective of the number of audit events listed on a page.
Procedure
Perform the following steps to export information about the audit events in the CSV and XLSX file format:
Navigate to the System Audit pane at the left of the UI.
Click the ACTIONS drop-down menu in the top right side of the System Audit Events view, and then select Export to CSV or Export to XLSX.
The information about all the audit events is exported in either CSV or XLSX file format, as selected.
Open the exported file, convert the content of the Date column to a custom format (if you have downloaded a CSV file and opened it in an XLSX application), and then save it for further use and analysis.
Purging the System Audit Events
Data Management for VMware Tanzu generates system audit events, but does not manage them. You are responsible for manually purging the events that you no longer require using the Data Management for VMware Tanzu API.
API endpoint:
DELETE https://<provider-ip-address>/audit
Provide the time period for which you want Data Management for VMware Tanzu to delete the events in the request parameters:
{
fromTime: <date-time-string>
toTime: <date-time-string>
{
