
PreviewYandex Audit Trails
A service for collecting and exporting audit logs about events in Yandex Cloud resources.
This service is at the Preview stage and can be used free of charge.
This service is at the Preview stage and can be used free of charge.
Flexible audit log collection settings
Choose which resources to collect logs from: an organization and all of its clouds, a specific cloud, or certain folders within a cloud.
Integration with Object Storage
Export audit logs to an encrypted Object Storage bucket. Store logs for further analysis or export them to a third-party system.
Integration with Cloud Logging
Export events to Cloud Logging to view and analyze events from the last few days.
Functions triggered by security events
Integration with Cloud Logging and Cloud Functions lets you set up triggers for events collected by Audit Trails to promptly respond to these events or notify users.
Online monitoring
Use the Yandex Monitoring service dashboard to display the frequency of events by service or event type and create alerts for them.
Which events does Yandex Audit Trails log?
Getting started
Create an audit log and check its status and indicators in the monitoring system.
FAQ
What are the Yandex Audit Trails entities?
A trail is the main Yandex Audit Trails resource responsible for collecting and delivering audit logs of Yandex Cloud resources to Object Storage buckets or Cloud Logging log groups.
In the trail settings, you can choose where to collect audit logs from:
- Organization: Audit logs from all of an organization’s resources in all of its clouds.
- Cloud: Audit logs from resources in all the folders of a specific cloud.
- Individual folders: Audit logs from resources in a specific folder in one cloud.
A trail is the main Yandex Audit Trails resource responsible for collecting and delivering audit logs of Yandex Cloud resources to Object Storage buckets or Cloud Logging log groups.
In the trail settings, you can choose where to collect audit logs from:
- Organization: Audit logs from all of an organization’s resources in all of its clouds.
- Cloud: Audit logs from resources in all the folders of a specific cloud.
- Individual folders: Audit logs from resources in a specific folder in one cloud.
For which Yandex Cloud services are audit logs collected?
- Audit Trails
- Cloud Logging
- Certificate Manager
- Compute Cloud
- Identity and Access Management (IAM)
- Key Management Service (KMS)
- Network Load Balancer
- Lockbox
- Managed Service for ClickHouse
- Managed Service for MongoDB
- Managed Service for MySQL®
- Managed Service for PostgreSQL
- Managed Service for Redis™
- Managed Service for YDB
- Object Storage
- Resource Manager
- Virtual Private Cloud
- Audit Trails
- Cloud Logging
- Certificate Manager
- Compute Cloud
- Identity and Access Management (IAM)
- Key Management Service (KMS)
- Network Load Balancer
- Lockbox
- Managed Service for ClickHouse
- Managed Service for MongoDB
- Managed Service for MySQL®
- Managed Service for PostgreSQL
- Managed Service for Redis™
- Managed Service for YDB
- Object Storage
- Resource Manager
- Virtual Private Cloud
How do I set up service access permissions?
You need to create a separate service account for a trail under which all actions for exporting logs to other services will be performed. You can grant access to this service account and manage it in IAM.
You need to create a separate service account for a trail under which all actions for exporting logs to other services will be performed. You can grant access to this service account and manage it in IAM.
How do I export Audit Trails logs to third-party systems?
We have created a solution library with instructions you can use to continuously transfer Audit Trails logs to external monitoring systems, databases, and SIEM systems.
We have created a solution library with instructions you can use to continuously transfer Audit Trails logs to external monitoring systems, databases, and SIEM systems.