Preview
Yandex Audit Trails

A service for collecting and exporting audit logs about events in Yandex.Cloud resources.
This service is at the Preview stage and can be used free of charge.

Documentation
Flexible audit log collection settings
Choose which resources to collect logs from: an organization and all of its clouds, a specific cloud, or certain folders within a cloud.
Integration with Object Storage
Export audit logs to an encrypted Object Storage bucket. Store logs for further analysis or export them to a third-party system.
Integration with Cloud Logging
Export events to Cloud Logging to view and analyze events from the last few days.
Functions triggered by security events
Integration with Cloud Logging and Cloud Functions lets you set up triggers for events collected by Audit Trails to promptly respond to these events or notify users.
Online monitoring
Use the Yandex Monitoring service dashboard to display the frequency of events by service or event type and create alerts for them.

Use Audit Trails in your projects

Investigating incidents

All information about actions with key resources is available in one place. Quickly get all the information there is about actions with specific resources.

Audits and certification

Yandex Audit Trails simplifies the process of confirming compliance with security requirements and providing information for internal and external audits. The service logs all security events at the cloud platform level and lets you store them in an encrypted bucket and export them to third-party systems.

User action control

All events are registered in the monitoring system: set up alerts to not miss a thing. Use Yandex Cloud Functions to set up triggers for Audit Trails events and set preventive actions.

Which events does Yandex Audit Trails log?

Event type
Logins by federated users
Creation/deletion of service accounts
Creation/deletion of service account keys
Changing user roles and service accounts
Creation/deletion of resources
Changing to resource settings
Stopping/restarting of a resource
Changes to access policies
Creation/changing of security groups
Actions with encryption keys and secrets

FAQ

What are the Yandex Audit Trails entities?

A trail is the main Yandex Audit Trails resource responsible for collecting and delivering audit logs of Yandex.Cloud resources to Object Storage buckets or Cloud Logging log groups.
In the trail settings, you can choose where to collect audit logs from:

  • Organization: Audit logs from all of an organization’s resources in all of its clouds.
  • Cloud: Audit logs from resources in all the folders of a specific cloud.
  • Individual folders: Audit logs from resources in a specific folder in one cloud.

A trail is the main Yandex Audit Trails resource responsible for collecting and delivering audit logs of Yandex.Cloud resources to Object Storage buckets or Cloud Logging log groups.
In the trail settings, you can choose where to collect audit logs from:

  • Organization: Audit logs from all of an organization’s resources in all of its clouds.
  • Cloud: Audit logs from resources in all the folders of a specific cloud.
  • Individual folders: Audit logs from resources in a specific folder in one cloud.

For which Yandex.Cloud services are audit logs collected?

  • Audit Trails
  • Cloud Logging
  • Compute Cloud
  • Identity and Access Management (IAM)
  • Key Management Service (KMS)
  • Lockbox
  • Object Storage
  • Resource Manager
  • Virtual Private Cloud
  • Yandex Database (YDB)
  • Audit Trails
  • Cloud Logging
  • Compute Cloud
  • Identity and Access Management (IAM)
  • Key Management Service (KMS)
  • Lockbox
  • Object Storage
  • Resource Manager
  • Virtual Private Cloud
  • Yandex Database (YDB)

How do I set up service access permissions?

You need to create a separate service account for a trail under which all actions for exporting logs to other services will be performed. You can grant access to this service account and manage it in IAM.

You need to create a separate service account for a trail under which all actions for exporting logs to other services will be performed. You can grant access to this service account and manage it in IAM.

How do I export Audit Trails logs to third-party systems?

We have created a solution library with instructions you can use to continuously transfer Audit Trails logs to external monitoring systems, databases, and SIEM systems.

We have created a solution library with instructions you can use to continuously transfer Audit Trails logs to external monitoring systems, databases, and SIEM systems.

Get started with Yandex Audit Trails