Overview

You can see downloadable logs of all activity within Dasera by navigating to Administration → Activity Logs. These are divided between User Activity and System Activity tabs, and can be sorted and filtered by activity type. Read below for more information on publishing Activity Logs to your organization's S3 instance within AWS.

Publishing Activity Logs to S3

As an optional feature, you can push Activity Logs from Dasera (Administration → Activity Logs) to your organization's S3 instance within AWS.

All system activities and user activities store in the corresponding AWS S3 bucket as separate .json objects with standard formatting and includes the following information:

• Resource
• Action type
• Timestamp
• User ID
• Description of the activity

The timestamp on each .json record will match the time at which the activity was recorded in Dasera.

{
  "timestamp": "02-15-2023 04:33:13",
  "type": "scan",
  "description": "Dasera completed a scan of data store: 'fp-redshift'\n\nStart time: 2023-02-15 18:48:02.0\nEnd time: 2023-02-15 18:48:45.309\n\nNew queries scanned: 0\nExfiltration alerts generated: 0\nPrivacy alerts generated: 0\nData modification alerts generated: 0\nColumn classification alerts generated: 0\n\n# of new fields detected:  0\n# of new fields classified as sensitive:  0\n# of new fields classified as not sensitive: 0\n"
}

{
  "timestamp": "02-15-2023 04:33:13",
  "type": "create",
  "username": "demo@dasera.com",
  "resource": "User Identity",
  "description": "User configured a new employee directory service with name Dasera Directory"
}

Once you've enabled this feature, Activity Logs will appear in S3 moving forward, but will not show activity retroactively.

The following fields will be required from your organization to enable publishing Activity Logs to S3.