Auditing events for context-based restrictions
IBM Cloud® services, such as context-based restrictions rules and network zones in IBM Cloud, generate activity tracking events.
Activity tracking events report on activities that change the state of a service in IBM Cloud. You can use the events to investigate abnormal activity and critical actions and to comply with regulatory audit requirements.
You can use IBM Cloud Activity Tracker Event Routing, a platform service, to route auditing events in your account to destinations of your choice by configuring targets and routes that define where activity tracking events are sent. For more information, see About IBM Cloud Activity Tracker Event Routing.
You can use IBM Cloud Logs to visualize and alert on events that are generated in your account and routed by IBM Cloud Activity Tracker Event Routing to an IBM Cloud Logs instance.
Viewing activity tracking events for context-based restrictions
You can use IBM Cloud Logs to visualize and alert on events that are generated in your account and routed by IBM Cloud Activity Tracker Event Routing to an IBM Cloud Logs instance.
Launching IBM Cloud Logs from the Observability page
For information on launching the IBM Cloud Logs UI, see Launching the UI in the IBM Cloud Logs documentation.
Network zone events
The following table lists the actions that generate nerwork zone events:
| Action | Description |
|---|---|
| context-based-restrictions.zone.create | An event is generated when an initiator creates a CBR zone. |
| context-based-restrictions.zone.list | An event is generated when an initiator lists CBR zones. |
| context-based-restrictions.zone.read | An event is generated when an initiator looks at information that is related with a CBR zone. |
| context-based-restrictions.zone.update | An event is generated when an initiator modifies a CBR zone. Users can identify system initiated updates (vs. user initiated updates) by the initiator name "IBM". |
| context-based-restrictions.zone.delete | An event is generated when an initiator deletes a CBR zone. |
Context-based restrictions rules events
The following table lists the actions that generate context-based restricitons rule events:
| Action | Description |
|---|---|
| context-based-restrictions.policy.create | An event is generated when an initiator creates a CBR rule. |
| context-based-restrictions.policy.list | An event is generated when an initiator lists CBR rules. |
| context-based-restrictions.policy.read | An event is generated when an initiator looks at information that is related with a CBR rule. |
| context-based-restrictions.policy.update | An event is generated when an initiator modifies a CBR rule. |
| context-based-restrictions.policy.delete | An event is generated when an initiator deletes a CBR rule. |
Account settings events
The following table lists the actions that generate account settings events:
| Action | Description |
|---|---|
| context-based-restrictions.account-settings.read | An event is generated when an initiator looks at information that is related with account settings. |