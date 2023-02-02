PreviewYandex Audit Trails
A service for collecting and exporting audit logs about events in Yandex Cloud resources.
This service is at the Preview stage and can be used free of charge.
Flexible audit log collection settings
Choose which resources to collect logs from: an organization and all of its clouds, a specific cloud, or certain folders within a cloud.
Integration with Object Storage
Export audit logs to an encrypted Object Storage bucket. Store logs for further analysis or export them to a third-party system.
Integration with Cloud Logging
Export events to Cloud Logging to view and analyze events from the last few days.
Functions triggered by security events
Integration with Cloud Logging and Cloud Functions lets you set up triggers for events collected by Audit Trails to promptly respond to these events or notify users.
Online monitoring
Use the Yandex Monitoring service dashboard to display the frequency of events by service or event type and create alerts for them.
Use Audit Trails in your projects
Investigating incidents
All information about actions with key resources is available in one place. Quickly get all the information there is about actions with specific resources.
Audits and certification
Yandex Audit Trails simplifies the process of confirming compliance with security requirements and providing information for internal and external audits. The service logs all security events at the cloud platform level and lets you store them in an encrypted bucket and export them to third-party systems.
User action control
All events are registered in the monitoring system: set up alerts to not miss a thing. Use Yandex Cloud Functions to set up triggers for Audit Trails events and set preventive actions.
Which events does Yandex Audit Trails log?
Getting started
Create an audit log and check its status and indicators in the monitoring system.
FAQ
What are the Yandex Audit Trails entities?
A trail is the main Yandex Audit Trails resource responsible for collecting and delivering audit logs of Yandex Cloud resources to Object Storage buckets or Cloud Logging log groups.
In the trail settings, you can choose where to collect audit logs from:
- Organization: Audit logs from all of an organization’s resources in all of its clouds.
- Cloud: Audit logs from resources in all the folders of a specific cloud.
- Individual folders: Audit logs from resources in a specific folder in one cloud.
For which Yandex Cloud services are audit logs collected?
- Audit Trails
- Cloud Logging
- Certificate Manager
- Compute Cloud
- Identity and Access Management (IAM)
- Key Management Service (KMS)
- Network Load Balancer
- Lockbox
- Managed Service for ClickHouse
- Managed Service for MongoDB
- Managed Service for MySQL®
- Managed Service for PostgreSQL
- Managed Service for Redis™
- Managed Service for YDB
- Object Storage
- Resource Manager
- Virtual Private Cloud
How do I set up service access permissions?
You need to create a separate service account for a trail under which all actions for exporting logs to other services will be performed. You can grant access to this service account and manage it in IAM.
How do I export Audit Trails logs to third-party systems?
We have created a solution library with instructions you can use to continuously transfer Audit Trails logs to external monitoring systems, databases, and SIEM systems.
