It seems that it is possible to get the Managed "Audit Log" through API, despite still not having used it:
Does anyone know if it's possible to get the "Event Log" from the CSC in Managed?
Solved! Go to Solution.
Audit logs in the environment are not the same as Audit in Cluster Management Console. However they overlap in major part.
There’s no Cluster REST API currently to get cluster changes. To fetch them to an external tool, you can pull and process audit logs from the node. You are interested in :
hope this helps. REST API will be maybe available late this year or early next year.
Adding as a note to Linux users, since filenames are case sensitive, make sure to to search for audit.user and audit config. Especially handy when you have the mlocate package installed.
# locate udit.user
# locate udit.config
Original question was: "it's possible to get the 'Event Log' from the CSC in Managed?"
Although Audit logs have been discussed, the Events log seems yet unanswered.
The Cluster API does not show this information.
Cluster API - Authentication | Dynatrace Docs
The necessity is also indicated in RFE - Managed Cluster - Notification/send alert of cluster severe and warning events - Dynatrace Com...
If somebody has a work around, please share.
Like a (3rd party?) log forwarder to Dynatrace environment. Checking for Cluster Events in the audit.cluster.event.0.0.log, residing in /var/opt/dynatrace-managed/log/server.