vRealize Automation offers audit logging to support collection and retention of important system events.
Currently, vRealize Automation supports audit logging as an extension of event logging. This functionality provides basic auditing information, and retention settings are configurable only using the appropriate vRealize Automation REST API event broker service calls. Audit logging is currently available to tenant administrators and system administrators who can log on to tenants. It provides search and filter capabilities for events.
By default, vRealize Automation supports audit logging for workflow subscription, endpoint, and fabric group create, update, and delete events. vRealize Automation also supports audit logging customization for a variety of IaaS events as well.
vRealize Automation audit logging is disabled by default. You can switch it on or off by toggling the Enabled check box in the Audit Log Integration section on the page of the virtual appliance management interface.
Audit log information appears on the standard Event Logs page. As a tenant admin, selectto view this page. Audit events are identified in the event log table with the designation Audit in the Event Type field. Each entry shows an Event Description for each event as well as the Tenant, Time, User, and related Service Name.
Enabling audit logging for any other IaaS events requires a custom configuration file and running the appropriate commands on your IaaS host machine. Contact VMware Professional Services for assistance.
You can configure vRealize Automation to export events to an external syslog server, specifically VMware Log Insight.