Audit Logs

Introduction

The Audit Logs section displays the logs of all the projects of your Catalyst account. It enables you to keep track of a host of different activities performed in your projects by various collaborators.

Access to the audit logs is based on the permissionsgranted to a project member’s profile. That is, if the permission to access the Audit Logs is granted in the Editor or Viewer access type for a project member, they will be able to view the logs in the console. An admin of a Catalyst account can access all audit logs by default.

Audit Logs include two different types of logs:

  • Console Logs: Includes the logs of activities performed in various components and the configurations of metadata. For example, if a new column is added in the Data Store, a rule is updated in Event Listeners, or a cron job is deleted in your project, the details of these activities will be displayed in this section.
  • Application Logs: Includes the logs of activities performed at the application level, that is the addition, modification, and deletion of sensitive data in the Data Store and File Store components. For example, if data is inserted or updated into a column that is marked as sensitive, or a file is deleted from a folder marked as sensitive, the details of these activities will be displayed in this section.
Note: Catalyst enables you to mark columns in the DataStore or folders in the File Store as "sensitive" while creating or updating them to adhere to all relevant and applicable data protection laws and privacy guidelines, such as GDPR and HIPAA regulations, because user data can contain sensitive information. The application logs display all activities performed in these sensitive columns or folders to be in compliance with these data protection regulations.

Catalyst displays the logs of the last one year for all projects in the console. However, you can fetch logs from upto six years ago by exporting them. This will generate a downloadable ZIP file that will contain logs of the last six years.

Console Logs

You can access Audit Logs from the settings in your Catalyst console. As mentioned earlier, the console logs will only include logs of component configurations such as cache, cron, or API Gateway configurations, and logs of metadata activities, such as the creation or deletion of Data Store columns, Folder role permissions.

catalyst_console_audit

You can select the project for the console logs to be displayed from the Project drop-down.

The Features drop-down shows the features that you can filter the logs based on, such as, Datastore Table, Datastore Column, Cache, Sign-in Method, Email Domain, Table Row Permissions, etc.

You can filter the logs based on one of the three operations: Create, Update, or Delete, from the Operations drop-down. Click Apply after you select the filters to view the results.

The logs display details such as the date and time of the activity and the collaborator that performed the activity besides the operation, feature, and project name.

Note: The console logs will only be applicable to the development environment as component configurations cannot be performed in the production environment.

Application Logs

The application logs enable admins, and project members with the necessary permissions, to keep a track of all sensitive user data, to comply with standard data protection laws and privacy guidelines.

These logs will therefore only display the following activities:

  • Any creation, updation, or deletion of rows in a column marked as “sensitive” in the Data Store
  • Any creation or deletion of files in a folder marked as “sensitive” in the File Store catalyst_console_audit_application

Similar to the Console Logs, you can select the project for the application logs to be displayed from the Project drop-down.

You can filter the feature as “Datastore Row” or “File” from the Features drop-down, and the operation as Create, Update, or Delete, from the Operations drop-down to display only relevant results.

Application logs are available in both development and production environments as sensitive data can be added, modified, or removed in both. You can therefore also filter the logs based on the environment from the Environment drop-down. Click Apply after you select the filters to view the results.

The logs display details such as the date and time of the activity and the collaborator that performed the activity besides the operation, feature, and project name.

Export Logs

You can export the logs of all projects in your account from upto six years ago and download a ZIP file of these logs into your local system.

Note: Only Catalyst account admins will be able to view the Export Logs link in their console, and be able to export audit logs and download them. This feature will not be available to project members.
  1. Click Export Logs to begin exporting.
    catalyst_console_audit_export_1

  2. You can choose to export the Console Logs or Application Logs, or both, and click Export.
    catalyst_console_audit_export_2
    Catalyst will then begin the export process.
    catalyst_console_audit_export_3

  3. You will receive a notification when the export is done. You will find an info at the bottom of your screen with the download link. You can download the logs from it.
    catalyst_console_audit_export_4
    You can also open the Export Logs pop-up window again to access the download link.
    catalyst_console_audit_export_5

The downloaded ZIP file will contain individual CSV files of each year from the last six years, with 2 files per year indicating the first half and second half of the year respectively, of the console logs or application logs or both based on your choice.

catalyst_console_audit_exported

For the current year, there will be separate CSV files of both the development and production environments for the application logs, and a single file for the console logs.

After you export logs for the first time, the download link of the last exported logs will always be shown in the Export Logs pop-up window anytime you open it. You can download them again, if required.

Last Updated 2023-05-02 13:30:19 +0530 +0530