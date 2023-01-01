Comparing configuration-level and service-level event logs
Audit Trails audit logs may contain two types of events: configuration-level (Control Plane) and service-level (Data Plane).
Configuration-level events
Configuration-level (Control Plane) events include updates and actions related to Yandex Cloud resource configuration. Audit Trails logs configuration-level events for all supported services in your Yandex Cloud account by default.
Actions such as creating, updating, or deleting services, infrastructure components, users, or policies belong to this type of events. Examples of configuration-level events are creating an instance group, creating a federation in Identity and Access Management, or deleting a database cluster.
Service-level events
Service-level (Data Plane) events include updates and actions related to data and resources inside Yandex Cloud services. By default, Audit Trails does not log Data Plane events. You need to enable service-level audit log collection individually for each supported service.
Data Plane events can be logged for the following services:
- Yandex Cloud DNS
- Yandex Lockbox
- Yandex Key Management Service
- Yandex Object Storage
Examples of service-level events are reading, writing, or deleting objects in Amazon S3 buckets, invoking lambda functions, obtaining access to the contents of a secret, uploading objects to buckets, or encrypting a text string with a key.