Log Types#
The VOSS Automate system can log records of certain types, that can be logged locally or remotely. The log types contain events or transactions that originate from the:
User interface
API
Command Line Interface (CLI)
System activity (for example database connections)
The minimum specifications of the remote system for audit and event logs are:
2 VCPU’s
80 GB HDD
2GB RAM
Log types:
Audit
Important
The available types of audit logs are determined by the audit log rule set that is active - see: Audit Log Rule Sets
The details below show details on the contents of types of audit logs.
On the Admin Portal and Self-Service Portal GUI and API:
login and logout attempts (successful and unsuccessful) and session login time, logout time and expire events using any of the authentication methods:
SSO
LDAP
VOSS Automate
Expired sessions will only be logged at 5 minute intervals.
User account creations, modifications, disabling, and termination events. This means all create, update, delete operations on the
data/User
data model.User modifications include user move operations from one hierarchy to another.
In particular, operations on the list of VOSS Automate models or attributes below, for: add, modify and delete.
data/Role
data/AccessProfile
data/User.role
data/CredentialPolicy
Note that these operations on any created models that refer to these core models are not logged.
On the Command Line Interface (CLI):
login and logout attempts (successful and unsuccessful) and session login time, logout time and expire events; and also including:
root shell login and logout using the nrs script
ssh
scp
sftp
All root shell CLI commands are logged.
All CLI commands are logged. The audit log will show “CLI” or “Cluster” depending on how command was run.
For the creation of schedules (using schedule), these are logged, but the scheduled commands are not logged when they execute.
This includes for example user account creations, modifications, disabling, and termination events commands from the CLI:
user add
user del
user grant
user revoke
user list
voss unlock_sysadmin_account
Event
All transactions, sub-transactions as well as their details as seen when viewing the Transaction Log in the GUI.
Note that the detailed logs are not recorded. In other words, the rows of entries under the Logs table of a transaction as seen in the GUI under Administration Tools > Transaction are not shown in the event log, since the primary purpose of the log is auditing: “who did what”.
Stream
Refers to the method of distribution of selected log files to a syslog server.
See: Log Streaming