Activity tracking events for IBM Cloud Monitoring
IBM Cloud services, such as IBM Cloud Monitoring, generate activity tracking events.
Activity tracking events report on activities that change the state of a service in IBM Cloud. You can use the events to investigate abnormal activity and critical actions and to comply with regulatory audit requirements.
You can use IBM Cloud Activity Tracker Event Routing, a platform service, to route auditing events in your account to destinations of your choice by configuring targets and routes that define where activity tracking events are sent. For more information, see About IBM Cloud Activity Tracker Event Routing.
You can use IBM Cloud Logs to visualize and alert on events that are generated in your account and routed by IBM Cloud Activity Tracker Event Routing to an IBM Cloud Logs instance.
Locations where activity tracking events are sent by IBM Cloud Activity Tracker Event Routing
IBM Cloud Monitoring sends activity tracking events by IBM Cloud Activity Tracker Event Routing in the regions that are indicated in the following table.
Dallas (us-south) |
Washington (us-east) |
Toronto (ca-tor) |
Sao Paulo (br-sao) |
|---|---|---|---|
| Yes | Yes | Yes | Yes |
Tokyo (jp-tok) |
Sydney (au-syd) |
Osaka (jp-osa) |
Chennai (in-che) |
|---|---|---|---|
| Yes | Yes | Yes | No |
Frankfurt (eu-de) |
London (eu-gb) |
Madrid (eu-es) |
|---|---|---|
| Yes | Yes | Yes |
Viewing activity tracking events for IBM Cloud Monitoring
You can use IBM Cloud Logs to visualize and alert on events that are generated in your account and routed by IBM Cloud Activity Tracker Event Routing to an IBM Cloud Logs instance.
Launching IBM Cloud Logs from the Observability page
For information on launching the IBM Cloud Logs UI, see Launching the UI in the IBM Cloud Logs documentation.
Alerts: List of management events
| Action | Description |
|---|---|
sysdig-monitor.alert.create |
An event is created when you create an alert definition |
sysdig-monitor.alert.read |
An event is created when you read an alert definition |
sysdig-monitor.alert.update |
An event is created when you update an alert definition |
sysdig-monitor.alert.delete |
An event is created when you delete an alert definition |
sysdig-monitor.alert.list |
An event is created when you view the alerts in the monitoring instance |
Captures: List of management events
| Action | Description |
|---|---|
sysdig-monitor.capture.create |
An event is created when you create a Monitoring capture |
sysdig-monitor.capture.read |
An event is created when you load a Monitoring capture in the dashboard |
sysdig-monitor.capture.update |
An event is created when you update a Monitoring capture |
sysdig-monitor.capture.delete |
An event is created when you delete a Monitoring capture |
Dashboards: List of management events
| Action | Description |
|---|---|
sysdig-monitor.dashboard.create |
An event is created when you create a dashboard |
sysdig-monitor.dashboard.read |
An event is created when you load a dashboard |
sysdig-monitor.dashboard.update |
An event is created when you update a dashboard |
sysdig-monitor.dashboard.delete |
An event is created when you delete a dashboard |
sysdig-monitor.dashboard.list |
An event is created when you view the dashboards in the monitoring instance |
Teams: List of management events
| Action | Description |
|---|---|
sysdig-monitor.team.create |
An event is created when you create a Monitoring team |
sysdig-monitor.team.read |
An event is created when you view a Monitoring team definition |
sysdig-monitor.team.update |
An event is created when you update a Monitoring team definition |
sysdig-monitor.team.delete |
An event is created when you delete a Monitoring team |
sysdig-monitor.team.list |
An event is created when you view the Monitoring teams |