Audit logs capture administrative actions carried out in the system. These actions are regular CRUD operations, login and logout alerts. The audit logs capture the actions from API, UI, and CLI.
- The audit log feature is always on.
- vRealize Network Insight supports the UTC format in the audit logs.
- The audit log is integrated with the syslog. You can configure the syslog collector to collect all the audit logs.
- You can export all the audit log data in a CSV file.
- SSH login logs. You can find the SSH logs in /var/log/auth.log.
- Changes in Physical IP and DNS Mapping.
- Changes in Physical Subnets and VLANS.
- On the Settings page, click Audit Logs under Logs.
- The following details are shown on the Audit Logs page:
Date & Time
Timestamp of the actual action performed.
IP address of the client from which the connection is established such as the CLI or the browser.
User who is performing the action.
Object on which the action is being performed.
Different actions that the user performs on the object.
Unique identifier for that particular object on which the action is being performed.
Indicator for success or failure of the operation
Details of the settings that have been changed such as the nickname or a property.
- To allow the collection of information when the user logs in through a browser or CLI, enable Allow collection of Personally Identifiable Information. This option is disabled by default.
IP Addressand the
User Namecolumns are blank if this option is disabled.
- Click Export as CSV to export the audit log data in the CSV format.