Yandex Audit Trails

A service for collecting and exporting audit logs about events in Yandex Cloud resources.

The service is offered free of charge and is at the Preview stage.

Flexible audit log collection settings

Choose which resources to collect logs from: an organization and all of its clouds, a specific cloud, or certain folders within a cloud.

Integration with Object Storage

Export audit logs to an encrypted Object Storage bucket. Store logs for further analysis or export them to a third-party system.

Integration with Cloud Logging

Export events to Cloud Logging to view and analyze events from the last few days.

Functions triggered by security events

Integration with Cloud Logging and Cloud Functions lets you set up triggers for events collected by Audit Trails to promptly respond to these events or notify users.

Online monitoring

Use the Yandex Monitoring service dashboard to display the frequency of events by service or event type and create alerts for them.

Service-level events

You can enable collection of events from the service level (data plane) and get information about what is happening with the contents of the resources.

Use Audit Trails in your projects

Investigating incidents

All information about actions with key resources is available in one place. Quickly get all the information there is about actions with specific resources.

Audits and certification

Yandex Audit Trails simplifies the process of confirming compliance with security requirements and providing information for internal and external audits. The service logs all security events at the cloud platform level and lets you store them in an encrypted bucket and export them to third-party systems.

User action control

All events are registered in the monitoring system: set up alerts to not miss a thing. Use Yandex Cloud Functions to set up triggers for Audit Trails events and set preventive actions.

Which events does Yandex Audit Trails log?

Event type
Logins by federated users
Creation/deletion of service accounts
Creation/deletion of service account keys
Changing user roles and service accounts
Creation/deletion of resources
Changing to resource settings
Stopping/restarting of a resource
Changes to access policies
Creation/changing of security groups
Actions with encryption keys and secrets

Getting started

Create an audit log and check its status and indicators in the monitoring system.

Full screen image


What are the Yandex Audit Trails entities?

A trail is the main Yandex Audit Trails resource responsible for collecting and delivering audit logs of Yandex Cloud resources to Object Storage buckets or Cloud Logging log groups.
In the trail settings, you can choose where to collect audit logs from:

  • Organization: Audit logs from all of an organization’s resources in all of its clouds.
  • Cloud: Audit logs from resources in all the folders of a specific cloud.
  • Individual folders: Audit logs from resources in a specific folder in one cloud.

Get started with Yandex Audit Trails

ClickHouse is a registered trademark of ClickHouse, Inc.