Auditing Your Instance (2.13)
Auditing helps you monitor activity in your InterSystems Data Studio instance for security, operational oversight, and compliance reporting. Audit logs record information about system events and user activity so that you can review what happened, when it happened, and which user or process initiated it.
Use the audit log to investigate configuration changes, review system activity, and monitor audited SQL statements and other auditable events.
Viewing the Audit Logs
-
Click the Management
icon in the application menu. -
In the Security section, click View Audit Logs .
Filtering the Audit Logs Display
To filter the display, use the dropdown menu and type-in boxes above the table.
To clear a filter, click the remove 
icon next to the applied filter. To clear all filters, click the clear all filters 
icon.
Understanding the Auditing Interface
The audit log table displays the following information for each event:
The UTC date and time when the event was logged.
The component that generated the event. For system-generated events, this is typically values such as %System or %Ensemble. For application-defined events, this value is defined by the originating component.
The category of the event. This helps distinguish different kinds of audited activity.
For more information on possible system event types, see System Audit Events in the InterSystems IRIS documentation.
The specific event that was logged.
The operating system process ID of the process that logged the event.
The user associated with the action or process that generated the event.
A short, user-readable summary of the audit event.
Additional information associated with the event, including:
-
Identifier — The machine and instance that logged the event.
-
IP Address — The IP address of the client associated with the process.
This field can also include event-specific data recorded at the time of the event.
