Audit Users and the Environment in VMware Aria Operations

At times, you might need to provide documentation as an evidence of the sequence of activities that took place in your VMware Aria Operations environment. Auditing allows you to view the users, objects, and information that is collected. To meet audit requirements, such as for business critical applications that contain sensitive data that must be protected, you can generate reports on the activities of your users, the privileges assigned to users to access objects, and the counts of objects and applications in your environment.

Auditing reports provide traceability of the objects and users in your environment.

User Activity Audit: Run this report to understand the scope of user activities, such as logging in, actions on clusters and nodes, changes to system passwords, activating certificates, and logging out.
User Permissions Audit: Generate this report to understand the scope of user accounts and their roles, access groups, and access privileges.
System Audit: Run this report to understand the scale of your environment. This report displays the counts of configured and collecting objects, the types and counts of adapters, configured and collecting metrics, super metrics, applications, and existing virtual environment objects. This report can help you determine whether the number of objects in your environment exceeds a supported limit.
System Component Audit: Run this report to display a version list of all the components in your environment.

Reasons for Auditing Your Environment

Auditing in VMware Aria Operations helps data center administrators in the following types of situations.

You must track each configuration change to an authenticated user who initiated the change or scheduled the job that performed the change. For example, after an adapter changes an object, which is associated with a specific object identifier at a specific time, the data center administrator can determine the principal identifier of the authenticated user who initiated the change.
You must track who made changes to your data center during a specific range of time, to determine who changed what on a particular day. You can identify the principal identifiers of authenticated users who were logged in to VMware Aria Operations and running jobs, and determine who initiated the change.
You must determine which objects were affected by a particular user during a time-specific range of time.
You must correlate events that occurred in your data center, and view these events overlayed so that you can visualize relationships and the cause of the events. Events can include login attempts, system start up and shutdown, application failures, watchdog restarts, configuration changes of applications, changes to security policy, requests, responses, and status of success.
You must validate that the components installed in your environment are running the latest version.