Tuesday, June 7, 2022

Monitor an OCI compute instance using the free Audit service and perform analysis in a systematic way

OCI has a service called the Audit service, which records calls to all supported Oracle Cloud Infrastructure public application programming interface (API) endpoints as log events. By default, Audit logs are retained for 365 days. The retention period is a tenancy-level setting, and its value affects all regions and all compartments. The retention period cannot be changed. Currently, all services support logging by Audit.


Information in the logs includes the following:


Time the API activity occurred

Source of the activity

Target of the activity

Type of action

Type of response


In this post, we will stop the instance and then use the Audit service to find out who did what.


We will open the compute instance and choose the Audit option






Click on filter options



Once we click on Apply, the results will be displayed in the format below



Now filter with "POST" 






Click on the drop-down option on the rightmost side.




Expand the "StatusChange" option




Now, to know who did it, click on the identity option
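The same lookup can be run on Audit events exported as JSON. The script below is an added example, not part of the original post: it keeps the POST calls made against one instance and reports the caller and the state change for each. It assumes the Audit v2 event layout (`data.identity`, `data.request`, `data.response`, `data.stateChange`); the sample events, OCIDs, user names and IP addresses are constructed, and `state_changes` is a hypothetical helper name.

```python
import json

# Constructed sample events shaped like OCI Audit v2 JSON; every value is a placeholder.
SAMPLE_EVENTS = json.loads("""[
 {"eventType": "com.oraclecloud.computeApi.GetInstance", "eventTime": "2022-06-07T05:10:02Z",
  "data": {"resourceId": "ocid1.instance.oc1..exampleA", "stateChange": null,
           "identity": {"principalName": "alice@example.com", "ipAddress": "198.51.100.7"},
           "request": {"action": "GET"}, "response": {"status": "200"}}},
 {"eventType": "com.oraclecloud.computeApi.InstanceAction.begin", "eventTime": "2022-06-07T05:12:40Z",
  "data": {"resourceId": "ocid1.instance.oc1..exampleA",
           "stateChange": {"previous": {"lifecycleState": "RUNNING"},
                           "current": {"lifecycleState": "STOPPING"}},
           "identity": {"principalName": "bob@example.com", "ipAddress": "203.0.113.24"},
           "request": {"action": "POST"}, "response": {"status": "200"}}},
 {"eventType": "com.oraclecloud.computeApi.InstanceAction.begin", "eventTime": "2022-06-07T05:13:05Z",
  "data": {"resourceId": "ocid1.instance.oc1..exampleB", "stateChange": null,
           "identity": {"principalName": "carol@example.com", "ipAddress": "198.51.100.9"},
           "request": {"action": "POST"}, "response": {"status": "200"}}},
 {"eventType": "com.oraclecloud.computeApi.InstanceAction.begin", "eventTime": "2022-06-07T05:11:15Z",
  "data": {"resourceId": "ocid1.instance.oc1..exampleA", "stateChange": null,
           "identity": {"principalName": "dave@example.com", "ipAddress": "192.0.2.55"},
           "request": {"action": "POST"}, "response": {"status": "404"}}}
]""")

def state_changes(events, instance_ocid, method="POST"):
    """Return who/when/what for each `method` call against one instance, oldest first."""
    hits = []
    for ev in events:
        data = ev.get("data") or {}
        if data.get("resourceId") != instance_ocid:
            continue
        if (data.get("request") or {}).get("action") != method:
            continue
        identity = data.get("identity") or {}
        change = data.get("stateChange") or {}  # null when the call changed nothing
        hits.append({
            "time": ev.get("eventTime"), "event": ev.get("eventType"),
            "who": identity.get("principalName"), "ip": identity.get("ipAddress"),
            "status": (data.get("response") or {}).get("status"),
            "before": (change.get("previous") or {}).get("lifecycleState"),
            "after": (change.get("current") or {}).get("lifecycleState"),
        })
    return sorted(hits, key=lambda h: h["time"] or "")

if __name__ == "__main__":
    for hit in state_changes(SAMPLE_EVENTS, "ocid1.instance.oc1..exampleA"):
        print(hit)
```

Calls that were rejected stay in the result with empty `before` and `after` values, so failed attempts to change the instance are visible next to the one that succeeded.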




Thus, in an environment where many users access the console and perform activities, the OCI Audit service helps us find these details at a much more granular level. I hope this post will be helpful for someone. Till then, happy learning cloud.







