Viewing operations with a trail
All actions with Audit Trails resources are logged as a list of operations. Each operation is assigned a unique ID.
Getting a list of operations
-
In the management console, open the folder where the trail resides.
-
Select Audit Trails.
-
In the left-hand panel, select Trails.
-
Select the trail you need.
-
Go to the Operations panel for the selected trail.
You will see a list of operations with the selected trail.
If you do not have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id parameter.
To get a list of operations for a trail, run this command:
yc audit-trails trail list-operations <trail_name_or_ID>
Result:
+----------------------+---------------------+----------------------+---------------------+--------+------------------+
| ID | CREATED AT | CREATED BY | MODIFIED AT | STATUS | DESCRIPTION |
+----------------------+---------------------+----------------------+---------------------+--------+------------------+
| cnpne9jsof71******** | 2024-03-26 16:57:32 | aje9k8luj4qf******** | 2024-03-26 16:57:32 | DONE | operation_update |
| cnp7308f90cf******** | 2024-03-26 16:50:22 | aje9k8luj4qf******** | 2024-03-26 16:50:23 | DONE | operation_create |
+----------------------+---------------------+----------------------+---------------------+--------+------------------+
By default, information about operations is provided as text. To get detailed information, specify the yaml or json output data format using the --format flag:
yc audit-trails trail list-operations <trail_name_or_ID> --format yaml
Result:
- id: cnpne9jsof71********
description: operation_update
created_at: "2024-03-26T16:57:32.085739756Z"
created_by: aje9k8luj4qf********
modified_at: "2024-03-26T16:57:32.324291102Z"
done: true
metadata:
'@type': type.googleapis.com/yandex.cloud.audittrails.v1.UpdateTrailMetadata
trail_id: cnpr443sd0c0********
- id: cnp7308f90cf********
description: operation_create
created_at: "2024-03-26T16:50:22.501Z"
created_by: aje9k8luj4qf********
modified_at: "2024-03-26T16:50:23.963321235Z"
done: true
metadata:
'@type': type.googleapis.com/yandex.cloud.audittrails.v1.CreateTrailMetadata
trail_id: cnpr443sd0c0********
Use the listOperations REST API method for the Trail resource or the TrailService/ListOperations gRPC API call.
Getting detailed information about an operation
-
Get a list of operations for the resource.
-
Copy the ID of the operation.
-
Get detailed information about the operation:
CLIAPIIf you do not have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the
--folder-nameor--folder-idparameter.Run this command:
yc operation get <operation_ID>Result:
id: cnpne9jsof71******** description: operation_update created_at: "2024-03-26T16:57:32.085Z" created_by: aje9k8luj4qf******** modified_at: "2024-03-26T16:57:32.324Z" done: true metadata: '@type': type.googleapis.com/yandex.cloud.audittrails.v1.UpdateTrailMetadata trail_id: cnpr443sd0c0******** response: '@type': type.googleapis.com/yandex.cloud.audittrails.v1.Trail id: cnpr443sd0c0******** folder_id: b1g681qpemb4******** created_at: "2024-03-26T16:50:22.505Z" updated_at: "2024-03-26T16:57:32.111Z" name: operat-ions destination: object_storage: bucket_id: for-******** object_prefix: nuts service_account_id: ajeevjv1lv01******** status: ACTIVE filter: path_filter: root: any_filter: resource: id: b1g681qpemb4******** type: resource-manager.folder event_filter: {} cloud_id: b1gia87mbaom********Use the OperationService/Get gRPC API call.