Audit logs
Root users can view application event audit logs from the Admin panel Audit logs tab.
Application event audit logs are retained for 365 days by default. In Platform Enterprise, this retention period can be customized.
Audit log event format
Audit log entries record the following event details:
- Type: A brief event description, such as
user_sign_in,credentials_created, etc. - Target: ID of the resource associated with the event, such as ID of created credentials, etc.
- Principal: ID of the user that performed the action. User IDs for user-initiated events,
systemfor Seqera-initiated events. - Status: Additional event information, such as workflow completion status, user sign-in method, etc.
- Organization ID
- Organization name
- Workspace ID
- Workspace name
- Client IP: IP address of user/client initiating the event. Empty for Seqera-initiated events.
- Creation date: Event timestamp in
YYYY-MM-DD-HH-MM-SSformat.
Audit log events
Audit logs include administration, security, and application resource events.
Resource | Events logged | Note |
|---|---|---|
Access tokens | Add, delete | Log entry includes the access token ID. |
Compute environments | Add, edit, edit primary, delete | Log entry includes the compute environment ID. Edit event entries do not include the edited parameters. An entry is also recorded when workspace compute environments are made primary or removed from primary. |
Credentials | Add, edit, delete, access | Log entry includes the credential ID. A log entry is also created each time the credentials are accessed by the application. |
Data Explorer cloud buckets | Add, edit, remove, hide, show | Events for public and private buckets are logged. |
Data Explorer files | Download, upload, preview | Events for public and private bucket files are logged. |
Labels and resource labels | Add, edit, delete | Log entry includes the label ID. |
Managed identities | Add, edit, delete | Log entry includes the managed identity ID. |
Organizations | Add, edit, delete | Log entry includes the organization ID. |
Organization members | Add, update role, delete | Log entry includes the organization member user ID. The associated organization ID is recorded in the |
Organization settings | Edit | Log entry includes the organization ID. |
Participants | Add, update role, delete | Log entry includes the participant ID. The associated workspace ID is recorded in the |
Pipelines | Add, edit, delete | Edit event entries do not include the edited parameters. Log entry includes the pipeline ID. |
Pipeline actions | Add, edit, pause, unpause, delete | Log entry includes the pipeline action ID. |
Pipeline secrets | Add, edit, delete | Log entry includes the pipeline secret ID. |
Runs | Launch, create, relaunch, resume, status change, complete, delete, drop | Relaunched/resumed runs are stored with the initial launch run ID. Deleted runs are marked for deletion before being dropped from the runs database by the application backend (constituting two events). |
Studios sessions | Add, start, connect, disconnect, stop, delete | Temporary states (starting, stopping, deleting) are not logged. |
Studios custom environments | Build start, build success, build fail | Applies only to Wave-enabled custom environment creation. |
Teams | Add, edit, delete | Log entry includes the team ID. |
Team members | Add, delete | Log entry includes the user ID of the team member. The associated team ID is recorded in the |
Team workspaces | Add, edit, delete | Events are recorded when access to a workspace is granted to or removed from a team. An event is also recorded when a team workspace role is updated. |
Users | Add, edit, delete | Log entry includes the user ID. See user deletion. |
User sessions | Login | Login event entries include the login IP address. |
Workspaces | Add, edit, delete | Log entry includes the workspace ID. |