The DatoCMS Blog

Even more control for your sensitive projects: introducing Audit Logs

Posted on August 5th, 2021 by Stefano Verna

Today, we're happy to publicly release another vital feature for our Enterprise customers and fast growing startups: Audit Logs.

The system we developed offers every detail of any action performed inside DatoCMS. It is filterable, exportable, and accessible via API:

Audit Logs interface
The new Audit Log section in the Settings area

What is an Audit Log?

Audit Logs are a valuable resource for admins and auditors who want to examine suspicious activity or diagnose and troubleshoot issues. Also called "audit trail", they take note of just about every change within a system, and provide a complete track record of your system’s operations.

Advantages of Audit Logs

These logs can give both IT teams and businesses invaluable insight into what behaviour is normal and what behaviour isn’t.

Improved Security

Audit logs help with security because they provide records of all IT activity, including suspicious activity. Event log auditing is also important for cybersecurity because it provides records that can serve as evidence. A comprehensive and in-depth log audit can make all the difference in the event of a legal battle and can protect your business from liability.

Proving Compliance

Externally, audit logs are critical for proving compliance with common regulations like HIPAA and PCI DSS and serve as an official record businesses can use to prove they were in compliance with the law. For many businesses, it’s necessary to share logs with auditors on a regular basis, especially if an issue occurs. Using audit logs to comply with regulations can protect businesses from major fines and penalties.

Gaining insight

Audit logs record how often someone accesses a certain record or asset, which can give a company invaluable insight. For example, you can use a log audit to learn about user activity, which could be used to boost efficiency, security and performance.

Network engineers, helpdesk staff, developers, and administrators are likely to use these logs internally to boost performance, increase accountability, and keep the system stable. This is because log files provide historical visibility into activity, so changes won’t go overlooked.

Filterable, exportable format

Events are stored in JSON, and contains the following information:

  • the date of the event;

  • the user who performed the action;

  • its role at that specific point in time;

  • the environment where the action took place;

  • the complete request/response HTTP payload.

Here's an example:

1
{
2
"id": "01FC31EHYYR0MF7J7GEJK2TFM0",
3
"type": "audit_log_event",
4
"attributes": {
5
"action_name": "items.update",
6
"actor": {
7
"type": "account",
8
"name": "servizi@datocms.com",
9
"id": "42011"
10
},
11
"role": null,
12
"environment": {
13
"id": "new-use-cases",
14
"primary": true
15
},
16
"request": {
17
"path": "/items/49955591",
18
"id": "e2b2cceb-a4ff-433f-8726-bf2b4da5b33d",
19
"method": "PUT",
20
"payload": { ... }
21
},
22
"response": {
23
"status": "200",
24
"payload": { ... }
25
}
26
},
27
"meta": {
28
"occurred_at": "2021-08-02T08:59:54.000+00:00"
29
}
30
}

You can easily filter the interesting events via UI using an SQL-like syntax:

1
# Return actions of type 'items.update'
2
action_name = 'items.update'
3
4
# Return actions performed by a collaborator
5
actor.type = 'user'
6
7
# Return actions performed by a specific collaborator
8
actor.type = 'user' AND actor.id = '4845293'
9
10
# Return publishing actions for the record 239408
11
request.path = '/items/239408/publish'
12
13
# Return all record creations for the model 855832
14
action_name = 'items.create' AND request.payload.data.relationships.item_type.data.id = '855832'

Accessible via API

Enterprise admins use specialised tools called SIEM (Security Information and Event Management) to ingest audit logs and provide search, grouping, and visualisation.

For this reason we made our system very easy to plug in any SIEM by providing a complete API that offers the full history of your project's events.

Try Audit Logs now!

Audit Logs is a feature enabled only for Enterprise customers. If your company is interested in this feature, please contact our Sales team for more details on pricing, we'll be happy to offer you a one-month trial.

Start using DatoCMS today
According to Gartner 89% of companies plan to compete primarily on the basis of customer experience this year. Don't get caught unprepared.
  • No credit card
  • Easy setup
Subscribe to our newsletter! 📥
One update per month. All the latest news and sneak peeks directly in your inbox.
support@datocms.com ©2024 Dato srl, all rights reserved P.IVA 06969620480