Viewing Yandex Audit Trails resource operations

The system logs all actions with Audit Trails resources as a list of operations. Each operation gets its own unique ID.

Getting a list of operationsGetting a list of operations

yc audit-trails trail list-operations <trail_name_or_ID>

+----------------------+---------------------+----------------------+---------------------+--------+------------------+
|          ID          |     CREATED AT      |      CREATED BY      |     MODIFIED AT     | STATUS |   DESCRIPTION    |
+----------------------+---------------------+----------------------+---------------------+--------+------------------+
| cnpne9jsof71******** | 2024-03-26 16:57:32 | aje9k8luj4qf******** | 2024-03-26 16:57:32 | DONE   | operation_update |
| cnp7308f90cf******** | 2024-03-26 16:50:22 | aje9k8luj4qf******** | 2024-03-26 16:50:23 | DONE   | operation_create |
+----------------------+---------------------+----------------------+---------------------+--------+------------------+

yc audit-trails trail list-operations <trail_name_or_ID> --format yaml

- id: cnpne9jsof71********
  description: operation_update
  created_at: "2024-03-26T16:57:32.085739756Z"
  created_by: aje9k8luj4qf********
  modified_at: "2024-03-26T16:57:32.324291102Z"
  done: true
  metadata:
    '@type': type.googleapis.com/yandex.cloud.audittrails.v1.UpdateTrailMetadata
    trail_id: cnpr443sd0c0********
- id: cnp7308f90cf********
  description: operation_create
  created_at: "2024-03-26T16:50:22.501Z"
  created_by: aje9k8luj4qf********
  modified_at: "2024-03-26T16:50:23.963321235Z"
  done: true
  metadata:
    '@type': type.googleapis.com/yandex.cloud.audittrails.v1.CreateTrailMetadata
    trail_id: cnpr443sd0c0********

Getting operation detailsGetting operation details

1. Get a list of operations for the resource.

2. Copy the operation ID.

3. Get the operation details:

   CLI

   API

   If you do not have the Yandex Cloud CLI yet, install and initialize it.

   The folder used by default is the one specified when creating the CLI profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also specify a different folder for any command using --folder-name or --folder-id. If you access a resource by its name, the search will be limited to the default folder. If you access a resource by its ID, the search will be global, i.e., through all folders based on access permissions.

   Run this command:

   yc operation get <operation_ID>
   

   Result:

   id: cnpne9jsof71********
   description: operation_update
   created_at: "2024-03-26T16:57:32.085Z"
   created_by: aje9k8luj4qf********
   modified_at: "2024-03-26T16:57:32.324Z"
   done: true
   metadata:
     '@type': type.googleapis.com/yandex.cloud.audittrails.v1.UpdateTrailMetadata
     trail_id: cnpr443sd0c0********
   response:
     '@type': type.googleapis.com/yandex.cloud.audittrails.v1.Trail
     id: cnpr443sd0c0********
     folder_id: b1g681qpemb4********
     created_at: "2024-03-26T16:50:22.505Z"
     updated_at: "2024-03-26T16:57:32.111Z"
     name: operat-ions
     destination:
       object_storage:
         bucket_id: for-********
         object_prefix: nuts
     service_account_id: ajeevjv1lv01********
     status: ACTIVE
     filter:
       path_filter:
         root:
           any_filter:
             resource:
               id: b1g681qpemb4********
               type: resource-manager.folder
       event_filter: {}
     cloud_id: b1gia87mbaom********
   

   Use the OperationService/Get gRPC API call.

See alsoSee also

• Working with operations