Learn how to stream Infisical Audit Logs to external logging providers.
Navigate to Organization Settings in your sidebar.
Select Audit Log Streams Tab.
Select Connect Source
Provide a name and select platform
Provide Audit Log Stream inputs
Navigate to API Keys section
Select New Key and provide a key name
Find your Datadog region specific logging endpoint.
Provide audit log stream inputs
User Metadata
Identity Metadata
Service Token Metadata
actor
field is set to platform
, scimClient
, or unknownUser
, the actorMetadata
field will be an empty object.get-secrets
, delete-secrets
, get-secret
, create-secret
, update-secret
, delete-secret
, get-workspace-key
, authorize-integration
, update-integration-auth
, unauthorize-integration
, create-integration
, delete-integration
, add-trusted-ip
, update-trusted-ip
, delete-trusted-ip
, create-service-token
, delete-service-token
, create-identity
, update-identity
, delete-identity
, login-identity-universal-auth
, add-identity-universal-auth
, update-identity-universal-auth
, get-identity-universal-auth
, create-identity-universal-auth-client-secret
, revoke-identity-universal-auth-client-secret
, get-identity-universal-auth-client-secret
, create-environment
, update-environment
, delete-environment
, add-workspace-member
, remove-workspace-member
, create-folder
, update-folder
, delete-folder
, create-webhook
, update-webhook-status
, delete-webhook
, webhook-triggered
, get-secret-imports
, create-secret-import
, update-secret-import
, delete-secret-import
, update-user-workspace-role
, update-user-workspace-denied-permissions
, create-certificate-authority
, get-certificate-authority
, update-certificate-authority
, delete-certificate-authority
, get-certificate-authority-csr
, get-certificate-authority-cert
, sign-intermediate
, import-certificate-authority-cert
, get-certificate-authority-crl
, issue-cert
, get-cert
, delete-cert
, revoke-cert
, get-cert-body
, create-pki-alert
, get-pki-alert
, update-pki-alert
, delete-pki-alert
, create-pki-collection
, get-pki-collection
, update-pki-collection
, delete-pki-collection
, get-pki-collection-items
, add-pki-collection-item
, delete-pki-collection-item
, org-admin-accessed-project
, create-certificate-template
, update-certificate-template
, delete-certificate-template
, get-certificate-template
, create-certificate-template-est-config
, update-certificate-template-est-config
, get-certificate-template-est-config
, update-project-slack-config
, get-project-slack-config
, integration-synced
, create-shared-secret
, delete-shared-secret
, read-shared-secret
.createdAt
field, as we do not update log entries after they’ve been created.projectId
field will only be present if the event occurred at the project level, not the organization level.projectName
field will only be present if the event occurred at the project level, not the organization level.