Audit logs capture administrative actions carried out in the system. These actions are regular CRUD operations, login and logout alerts. The audit logs capture the actions from API, UI, and CLI.
- The audit log feature is always on.
- vRealize Network Insight supports the UTC format in the audit logs.
- The audit log is integrated with the syslog. You can configure the syslog collector to collect all the audit logs.
- You can export all the audit log data in a CSV file.
Currently, the following administrative actions are not captured in audit logs:
- SSH login logs. You can find the SSH logs in /var/log/auth.log.
- Changes in Physical IP and DNS Mapping.
- Changes in Physical Subnets and VLANS.
Procedure
- On the Settings page, click Audit Logs under Logs.
- The following details are shown on the Audit Logs page:
Information |
Description |
Date & Time |
Timestamp of the actual action performed. |
IP Address |
IP address of the client from which the connection is established such as the CLI or the browser. |
User Name |
User who is performing the action. |
Object Type |
Object on which the action is being performed. |
Operation |
Different actions that the user performs on the object. |
Object Identifier |
Unique identifier for that particular object on which the action is being performed. |
Response |
Indicator for success or failure of the operation |
Details |
Details of the settings that have been changed such as the nickname or a property. |
- To allow the collection of information when the user logs in through a browser or CLI, enable Allow collection of Personally Identifiable Information. This option is deactivated by default.
Note: The
IP Address
and the
User Name
columns are blank if this option is deactivated.
- Click Export as CSV to export the audit log data in the CSV format.