cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Audit logs in SaaS

I know there is auditing in Managed, via CMC, but is there an equivalent in SaaS? Perhaps I'm just being slow on this Monday morning, but I cannot find anything. One of our client's is using SaaS and wants to know if they can track which of their users made configuration changes to their SaaS tenant.


8 REPLIES 8

Nope, you are correct and it's driving me crazy 🙂

It seems there are many things missing in the SaaS version VS managed to the point I am starting to wish we would have went managed. We have the exact same need as your client.


yasmeen_hazy1
Dynatrace Helper
Dynatrace Helper

My client is also frustrated by this, so I created an RFE:
https://answers.dynatrace.com/spaces/483/dynatrace-product-ideas/idea/218461/rfe-auditing-for-dynatrace-saas.html


I have asked for an update around this in another post. Still waiting to hear anything on this from Dynatrace.


Dynatrace Managed audit trail only provide who log in and log out, is there a roadmap to add in more eventType on CRUD application setting such as naming rules, key user action and etc ?

Next, Dynatrace Mobile App audit trail is missing too, is there a way to track who had used the QR code to register to view the Problem via Mobile App ? This is critical from security audit perspective.


Events (Informational) show user login/logout, Audit logs provide detail on e.g. config changes, what the change entailed, the user that performed the change, which environment, timestamp.

How would you know who scanned the code using their mobile device? Closest you'll get, is to track who browsed to the page where the QR code is displayed?


Michael_Plank
Dynatrace Contributor
Dynatrace Contributor

Hi everybody,

please see my comment here for an update on the audit logging for SaaS feature:

https://answers.dynatrace.com/spaces/483/dynatrace-product-ideas/idea/201601/rfe-view-audit-logs-for...


ctturner
Inactive

You can now audit the following:

- Login events

- Logout events

- Any change to a configuration

- Any change to API tokens

To enable and use the new environment Audit logs API

  1. Go to Settings > Preferences > Data privacy and security and enable Log all audit-related system events.

2. Go to Settings > Integration > Dynatrace API > Generate token. Give the token a name and enable Read audit logs. Alternatively, use an existing API token by adding this access scope.

3. Copy the Generated token value.

4. The /auditlogs API endpoint is available in the Dynatrace Environment API v2


5. Use the copied API token within the Authorization header to get the audit logs for a given timeframe.

Environment audit logs are stored once the audit feature is enabled, as explained in the first step of the setup above. Events that occur before the feature is enabled aren’t stored!

Audit logs are retained for 30 days and then automatically deleted.

Note: If you need to store audit logs for a longer period of time, for example, to meet compliance standards, we recommend that you set up an automated process that downloads audit logs every day and stores them in your own infrastructure.

A full article of this can be found on:

https://www.dynatrace.com/news/blog/easily-check-configuration-changes-or-environment-sign-ins-with-...


Thanks, Great Answer.

The true delight is in the finding out rather than in the knowing.