OCI Audit Service
- OCI Audit Service
The Oracle Cloud Infrastructure Audit service automatically records calls to all supported Oracle Cloud Infrastructure public application programming interface (API) endpoints as log events. Currently, all services support logging by Audit. Object Storage service supports logging for bucket-related events, but not for object-related events. Log events recorded by the Audit service include API calls made by the Oracle Cloud Infrastructure Console, Command Line Interface (CLI), Software Development Kits (SDK), your own custom clients, or other Oracle Cloud Infrastructure services
Each log event includes a header ID, target resource(s), time stamp of the recorded event, request parameters, and response parameters. You can view events logged by the Audit Service by using the Console,API, or the Java SDK. You can view events, copy the details of individual events, as well as analyze events or store them separately. Data from events can be used to perform diagnostics, track resource usage, monitor compliance, and collect security-related events.
The purpose of this lab is to give you an overview of the Audit Service and an example scenario to help you understand how the service works. You can view a video recording of this lab at Youtube
Oracle Cloud Infrastructure account credentials (User, Password, Tenant, and Compartment)
Before You Begin
We recommend using Chrome, Firefox, Safari or Internet Explorer as the browser. Please do not use the MS Edge browser. Also set your browser zoom to 80%
Note: The OCI UI is frequently updated thus some screenshots in the instructions might be different than actual UI
Practice-1: Sign in to OCI Console and Create Object Storage Bucket
Sign in using your tenant name, user name and password.
Once signed in select the compartment assigned to you from drop down menu on left part of the screen
From the OCI Services menu,click Object Storage then Create Bucket
NOTE: Ensure the correct Compartment is selected under COMPARTMENT list
Fill out the dialog box:
- Bucket Name: Provide a name (Test-Bucket in this lab)
- Storage Tier: STANDARD
Click Create Bucket
Practice-2: Upload Object and Check Audit logs
Open a terminal window.
Change directory to your Downloads folder Enter command: Mac or Linux
Create a sample file, Enter command:
This should create a file by the name “samplefile” in the Downloads folder
Switch to OCI window and click the Bucket Name.
Bucket detail window should be visible. Click Upload Object
Click on the select files link. Navigate to the samplefile that you created a moment ago.
Select the file, then click Upload Object in the Dialog box.
Using the main OCI menu, select Governance -> Audit. Scroll down or type the bucket name in Keyword section. You can choose other options such as dates and Request Action Type. For this lab we will leave them as default. Audit logs for the Storage bucket should be visible.
You have utilized OCI’s Audit service to extract events specific to Storage bucket created. Audit service can be used to monitor operations performed on OCI resources and can assist in trouble shooting your OCI environment.
You can learn more about the Audit Service here To see more about the log events in the Audit Service, click this link