Introduction
The platform's auditing function provides time-ordered operation records related to users and system security. This helps you analyze specific issues and quickly resolve problems that occur in clusters, custom applications, and other areas.
Through auditing, you can track various changes in the Kubernetes cluster, including:
- What changes occurred in the cluster during a specific time period
- Who performed these changes (system components or users)
- Details of important change events (e.g., POD parameter updates)
- Event outcomes (success or failure)
- Operator location (internal or external to the cluster)
- User operation records (updates, deletions, management operations) and their results
TOC
Prerequisites
-
Your account must have platform management or platform auditing permissions.
-
This feature relies on the logging service. Please ensure that the ACP Log Essentails , ACP Log Collector and ACP Log Storage plugins are installed within the platform beforehand.
Procedure
-
In the left navigation bar, click Auditing.
-
Select the auditing scope from the tabs:
- User Operations: View operation records of users who have logged in to the platform
- System Operations: View system operation records (operators start with
system:)
-
Configure query conditions to filter auditing events:
-
Click Search.
- Use the Time Range dropdown to set the audit time range (default:
Last 30 Minutes). You can select a preset range or customize one. - Click the refresh icon to update search results.
- Click the export icon to download results as a
.csvfile.
Search Results
The search results display the following information: