Viewing Yandex Audit Trails resource operations
The system logs all actions with Audit Trails resources as a list of operations. Each operation gets its own unique ID.
Getting a list of operations
-
In the management console, open the folder where the trail resides.
-
Select Audit Trails.
-
In the left-hand panel, select Trails.
-
Select the trail you need.
-
Go to the Operations panel for the selected trail.
You will see a list of operations with the selected trail.
If you do not have the Yandex Cloud CLI installed yet, install and initialize it.
By default, the CLI uses the folder specified when creating the profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also set a different folder for any specific command using the --folder-name or --folder-id parameter.
To get a list of operations for a trail, run this command:
yc audit-trails trail list-operations <trail_name_or_ID>
Result:
+----------------------+---------------------+----------------------+---------------------+--------+------------------+
| ID | CREATED AT | CREATED BY | MODIFIED AT | STATUS | DESCRIPTION |
+----------------------+---------------------+----------------------+---------------------+--------+------------------+
| cnpne9jsof71******** | 2024-03-26 16:57:32 | aje9k8luj4qf******** | 2024-03-26 16:57:32 | DONE | operation_update |
| cnp7308f90cf******** | 2024-03-26 16:50:22 | aje9k8luj4qf******** | 2024-03-26 16:50:23 | DONE | operation_create |
+----------------------+---------------------+----------------------+---------------------+--------+------------------+
By default, operation information is displayed as text. To get more detailed information, specify the yaml or json output data format using the --format parameter:
yc audit-trails trail list-operations <trail_name_or_ID> --format yaml
Result:
- id: cnpne9jsof71********
description: operation_update
created_at: "2024-03-26T16:57:32.085739756Z"
created_by: aje9k8luj4qf********
modified_at: "2024-03-26T16:57:32.324291102Z"
done: true
metadata:
'@type': type.googleapis.com/yandex.cloud.audittrails.v1.UpdateTrailMetadata
trail_id: cnpr443sd0c0********
- id: cnp7308f90cf********
description: operation_create
created_at: "2024-03-26T16:50:22.501Z"
created_by: aje9k8luj4qf********
modified_at: "2024-03-26T16:50:23.963321235Z"
done: true
metadata:
'@type': type.googleapis.com/yandex.cloud.audittrails.v1.CreateTrailMetadata
trail_id: cnpr443sd0c0********
Use the listOperations REST API method for the Trail resource or the TrailService/ListOperations gRPC API call.
Getting operation details
-
Get a list of operations for the resource.
-
Copy the operation ID.
-
Get operation details:
CLIAPIIf you do not have the Yandex Cloud CLI installed yet, install and initialize it.
By default, the CLI uses the folder specified when creating the profile. To change the default folder, use the
yc config set folder-id <folder_ID>command. You can also set a different folder for any specific command using the--folder-nameor--folder-idparameter.Run this command:
yc operation get <operation_ID>Result:
id: cnpne9jsof71******** description: operation_update created_at: "2024-03-26T16:57:32.085Z" created_by: aje9k8luj4qf******** modified_at: "2024-03-26T16:57:32.324Z" done: true metadata: '@type': type.googleapis.com/yandex.cloud.audittrails.v1.UpdateTrailMetadata trail_id: cnpr443sd0c0******** response: '@type': type.googleapis.com/yandex.cloud.audittrails.v1.Trail id: cnpr443sd0c0******** folder_id: b1g681qpemb4******** created_at: "2024-03-26T16:50:22.505Z" updated_at: "2024-03-26T16:57:32.111Z" name: operat-ions destination: object_storage: bucket_id: for-******** object_prefix: nuts service_account_id: ajeevjv1lv01******** status: ACTIVE filter: path_filter: root: any_filter: resource: id: b1g681qpemb4******** type: resource-manager.folder event_filter: {} cloud_id: b1gia87mbaom********Use the OperationService/Get gRPC API call.