Activity tracking events for IBM Cloud Activity Tracker Event Routing
IBM Cloud® services, such as IBM Cloud Activity Tracker Event Routing, generate activity tracking events.
Activity tracking events report on activities that change the state of a service in IBM Cloud. You can use the events to investigate abnormal activity and critical actions and to comply with regulatory audit requirements.
You can use IBM Cloud Activity Tracker Event Routing, a platform service, to route auditing events in your account to destinations of your choice by configuring targets and routes that define where activity tracking events are sent. For more information, see About IBM Cloud Activity Tracker Event Routing.
You can use IBM Cloud Logs to visualize and alert on events that are generated in your account and routed by IBM Cloud Activity Tracker Event Routing to an IBM Cloud Logs instance.
Locations where activity tracking events are generated
IBM Cloud Activity Tracker Event Routing sends activity tracking events by IBM Cloud Activity Tracker Event Routing in the regions that are indicated in the following table.
Dallas (us-south) |
Washington (us-east) |
Toronto (ca-tor) |
Sao Paulo (br-sao) |
|---|---|---|---|
| Yes | Yes | Yes | Yes |
Tokyo (jp-tok) |
Sydney (au-syd) |
Osaka (jp-osa) |
Chennai (in-che) |
|---|---|---|---|
| Yes | Yes | Yes | Yes |
Frankfurt (eu-de) |
London (eu-gb) |
Madrid (eu-es) |
|---|---|---|
| Yes | Yes | Yes |
Viewing activity tracking events for IBM Cloud Activity Tracker Event Routing
You can use IBM Cloud Logs to visualize and alert on events that are generated in your account and routed by IBM Cloud Activity Tracker Event Routing to an IBM Cloud Logs instance.
Launching IBM Cloud Logs from the Observability page
For information on launching the IBM Cloud Logs UI, see Launching the UI in the IBM Cloud Logs documentation.
Management events
Targets
The following table lists the auditing events that are generated when you manage targets:
| Action | Description |
|---|---|
atracker.target.create |
This event is generated when an administrator creates a new Cloud Object Storage (COS) target with specified COS endpoint information and credentials. |
atracker.target.list |
This event is generated when an administrator lists all Cloud Object Storage (COS) targets defined under a region. |
atracker.target.get |
This event is generated when an administrator retrieves a target and its details by specifying the ID of the target. |
atracker.target.update |
This event is generated when an administrator updates a target details by specifying the ID of the target. |
atracker.target.delete |
This event is generated when an administrator deletes a target by specifying the ID of the target. |
Routes
The following table lists the auditing events that are generated when you manage routes:
| Action | Description |
|---|---|
atracker.route.create |
This event is generated when an administrator creates a route with rules defined how to route auditing events to targets for a region. |
atracker.route.list |
This event is generated when an administrator lists routes defined under this region. |
atracker.route.get |
This event is generated when an administrator retrieves a route and its details by specifying the ID of the route. |
atracker.route.update |
This event is generated when an administrator replaces a route details by specifying the ID of the route. You can also get this event when you validate a target by checking the credentials to write to the bucket. |
atracker.route.delete |
This event is generated when an administrator deletes a route by specifying the ID of the route. |
Settings
The following table lists the auditing events that are generated when you manage settings:
| Action | Description |
|---|---|
atracker.setting.set |
This event is generated when an administrator configures the Activity Tracker Event Routing settings for an account. |
atracker.setting.get |
This event is generated when an administrator gets information about the Activity Tracker Event Routing settings for an account. |