Audit Logs
Audit Logs provide a complete, tamper-evident history of actions performed across all TIR services in your account. They are essential for security reviews, compliance audits, and troubleshooting unexpected changes.
What Audit Logs Track
Audit Logs capture events such as:
- User additions, updates, and removals
- Project creation or deletion
- Resource provisioning and deprovisioning (notebooks, endpoints, datasets, etc.)
- Policy changes and permission updates
- Authentication and access events
Accessing Audit Logs
- In the TIR sidebar, click Audit Logs.
- Use the Service dropdown to filter events by a specific TIR service.
- Use the Period selector to filter by time range.
- The log table will update to show all matching events.
Reading Log Entries
Each log entry typically includes:
| Field | Description |
|---|---|
| Timestamp | When the event occurred |
| User | Who performed the action |
| Service | Which TIR service was involved |
| Action | What operation was performed |
| Status | Whether the action succeeded or failed |
Best Practices
- Review audit logs regularly to detect unauthorized access or unexpected changes.
- Export or archive logs periodically if your compliance policy requires long-term retention.
- Combine audit log reviews with IAM Panel checks to ensure role assignments remain appropriate.