Contents x
    Audit Log Function
      • Print
      • PDF
      Contents

      Audit Log Function

        • Print
        • PDF
        Article summary

        Help page about the audit log function.

        summary

        Audit logs are log data that record "who," "when," and "what" actions were taken on the system.
        It is mainly used to perform system audits.
        TROCCO's Audit Log feature records TROCCO users' actions and provides the recorded audit logs in a CSV file.

        Plan Restrictions

        Audit logs are available only for accounts subscribed to the Advanced plan or higher.

        precautions

        Audit log retention period and audit log acquisition start date
        • The audit log function allows the user to review audit logs for the past year.
          • Audit log data recorded prior to the past year will be deleted sequentially and cannot be checked.
        • The audit log function will begin recording audit logs from the date you subscribe to the audit log function.
          • Audit logs for users performed while not subscribed to the audit log function are not recorded and cannot be checked.

        Audit Log File Specifications

        Audit logs can be downloaded as CSV files.
        Below are the specifications of the CSV file to be downloaded.

        List of columns in CSV file

        The CSV file of the audit log consists of the following columns

        column nameValue Description
        User IDThe ID of the user who performed the action.
        The value is guaranteed to be unique for each user.
        It is automatically set when a user is invited to TROCCO and will not be changed thereafter.
        EmailThe email address of the user who performed the action.
        Email addresses are subject to change.
        IP AddressThe IP address of the user who performed the action.
        User AgentThe OS and browser used by the user who performed the action, and its version.
        RoleThe permissions on the TROCCO account of the user who performed the action. It can be one of the following values
      • Account Super Admin
      • Account Admin
      • Account Member

        • For details, please refer to what can be done with each user's privileges.
        Available FeaturesThis is a TROCCO feature available to users who have performed the action.
        Depending on the functions available to the user in question, the following values are included
      • Basic Features: TROCCO's basic features
      • Data Catalog
      • Audit Log: Audit Log

        • For more information, see Functions.
        Restricted FeaturesThe user who performed the action is prohibited from using this feature of TROCCO.
        Depending on the function forbidden to the user in question, the following values are included
      • Connection Modification: Creation, Editing, and Deletion of Connection Configuration

        • For more information, see Functions.
        CategoryThe name of the TROCCO function that was the subject of the action.
        For more information, see the categories below.
        ActionAction Summary.
        See actions below for more information.
        Action DetailsAdditional information about the action.
        Date and Time (TIMEZONE)The date and time when the user performed the action.
        The time zone selected when downloading the audit log file is included in the column name.
        Note that if you select Asia/Tokyo as the time zone, actions taken at 12:00:00 UTC will be converted to 21:00:00 UTC and output.
        Identifier

        See User ID as an identifier to identify a user.
        Email cannot be referenced as an identifier because it may change during the process.

        category

        The category (Category) has as its value the name of the TROCCO function that was the target of the action.
        The values included in the categories are as follows

        Functions not included in the category list

        Actions logged for functions not included in the list of categories below will not be captured.

        Category NameContents
        ETLConfigurationETL Configuration
        ETLJobETL Job
        ManagedETLConfigurationManaged ETL Configuration
        DataMartDefinitionData Mart Configuration
        DataMartJobdata mart job
        DbtGitRepositorydbt Git repository
        DbtJobConfigurationdbt Job Setting
        DbtJobdbt job
        Teamteam
        ResourceGroupResource Group
        ResourceGroupRoleRoles (permission settings) for Resource Groups
        WorkflowDefinitionWorkflow
        WorkflowJobWorkflow Job
        ConnectionConfigurationConnection Configuration
        NotificationNotification to
        LabelLabel
        AccountTROCCO Account
        * This action affects all users belonging to the TROCCO account.
        UserTROCCO Users
        * Actions that affect only each TROCCO user himself/herself.
        APIKeyTROCCO API
        AuditLogaudit log
        PageAccess to TROCCO
        * Log each time a page on TROCCO is accessed.

        action

        In Action, the action name is taken as the value.
        Each action includes a category name as a prefix.
        For a list of actions and their details, please refer to the following csv file.

        audit_log_action_list.csv

        Procedures for Using Audit Logs

        initialization

        To use the audit log, user permissions must be set in advance.
        For more information, see User Permission Settings.

        Download Audit Log File

        1. Click on Audit Log Output in the left sidebar

        2. Select the time period and time zone for the retrieval, then click Output.
          005-p.png
          Preparation for downloading will begin. Please wait a moment.

        3. Click to download
          006-p.png
          A ZIP file will be downloaded.
          The ZIP file contains CSV files separated by month.

        Supplemental information on downloading audit logs
        • Audit logs should be downloaded within 24 hours of output.
          • After 24 hours of output, downloading will no longer be possible.
        • Only the audit logs output by the company itself can be downloaded.
          • Audit logs output by other users cannot be downloaded.
        • The date and time displayed in the Output History > Output Date and Time column is based on Asia/Tokyo (Japan Standard Time).

        Change history of the audit log function

        Date of changeChange SummaryChange Details
        2023/04/10Release of audit log function-
        2023/05/10Time zone can now be specified for audit log outputTime zone can now be specified for audit log output.
        For more information, see the Date and Time (TIMEZONE) row inthe CSV file column list.
        2023/05/10Update audit_log_action_list.csvAlong with the change of the function name from two-step authentication****to two-factor authentication, the wording of the description of the following actions has also been changed.
      • UserTwoFactorAuthenticationEnabled,Enable two-factor authentication
      • UserTwoFactorAuthenticationDisabled,Disable two-factor authentication
        • 2023/09/06Addition of actions to be acquired
        and update audit_log_action_list.csv        		Actions to be retrieved have been added with the addition of the time zone setting.
      • UserUpdatedForTimeZone,UserUpdated (change time zone setting)
        • 2023/09/14Change or add Role column valuesThe values in the Role column were also changed and added along with the change in the TROCCO authority name and the addition of the new authority.
      • Account Super Admin: value added with the addition of a new privilege, Account Privileged Admin.
      • Account Admin: changed from old admin
      • Account Member: Changed from old member

        • For details, see the Role row in the column list of the CSV file.
        2023/10/12Add Restricted Features columnAdded Restricted Features column to User Permissions > Prohibited Features.
        For details, see the Restricted Features row in the column list of the CSV file.
        2024/03/05Deletion of actions to be acquired
        and update audit_log_action_list.csv        		Deleted actions to be retrieved.
      • ETLConfigurationUpdatedFromPastRevision, ETL Configuration Update (restore past revision of changelog)
        • 2024/04/02Addition of actions to be acquired
        and update audit_log_action_list.csv        		Actions to be retrieved have been added to accommodate changes in organization names.
      • AccountOrganizationNameUpdated,OrganizationNameUpdated
        • 2024/05/20Update audit_log_action_list.csvAdded an action when manipulating a Data Mart Configuration using the trocco API.
      • Data Mart DefinitionCreatedFromAPI,Creation of Data Mart Configuration (created using API)
      • Data Mart DefinitionUpdatedFromAPI,Updating Data Mart Configuration (using API)
      • Data Mart DefinitionDeletedFromAPI,Deletion of Data Mart Configuration (using API)
        • 2024/03/05 ETLConfigurationUpdatedFromPastRevision action removed

        The ETL ConfigurationUpdatedFromPastRevision was specified to be retrieved when a restore was clicked from the Revision Details screen in ETL Configuration.
        On the other hand, past revisions are actually restored when they are saved and applied on the Edit ETL Configuration screen that appears after the restore is clicked.
        As mentioned above, we decided to remove this action because the timing at which ETLConfigurationUpdatedFromPastRevision is retrieved and the timing at which past revisions are actually restored are different.

        Was this article helpful?
        What's Next