Audits
This page describes how to use Lenses to enable auditing to track every action in Lenses.
Last updated
Was this helpful?
This page describes how to use Lenses to enable auditing to track every action in Lenses.
Lenses audits all user actions. Audit events can be viewed in Lenses and also sent to two channels, Splunk and Webhook.
For version below Lenses 6.0 omit the environment selection.
Audits can also written to a file by setting a file path in the lenses.audit.to.log.file option in lenses.conf. Lenses will then write audit entries to disk as JSON for collection by your log aggregation systems.
Go to Environments->[Your Environment]->Audit Logs. Lenses will display the activity including, who performed the action and when. Details can also be viewed (dependent on the action).
To send audit logs to Splunk, you first need a Splunk connection.
Go to Environments->[Your Environment]->Configuration and select Splunk and enter your required details in the editor.
Go to Environments->[Your Environment]->Audits->Channels and create a new channel with your connection.
First, you need a Webhook connection.
Go to Environments->[Your Environment]->Configuration and select Webhook and enter your required details in the editor.
Go to Environments->[Your Environment]->Audits->Channels and create a new channel with your connection.
Enter:
Choose a name for your Channel instance.
Select your connection.
Set the HTTP method to use.
Set the Request path. A URI-encoded request path, which may include a query string. Supports alert-variable interpolation.
Set the HTTP Headers
Set the Body payload
Lenses can also audit users' access to data and send events to multiple channels at the same time.
Last updated
Was this helpful?
Was this helpful?