Auditing events for Satellite
As a security officer, auditor, or manager, you can use IBM Cloud® Activity Tracker to track how users and applications interact with IBM Cloud Satellite.
IBM Cloud Activity Tracker records user-initiated activities that change the state of a service in IBM Cloud. You can use this service to investigate abnormal activity and critical actions and to comply with regulatory audit requirements. In addition, you can be alerted about actions as they happen. The events that are collected comply with the Cloud Auditing Data Federation (CADF) standard. For more information, see the getting started tutorial for IBM Cloud Activity Tracker.
Events for Satellite clusters
Events for the Satellite Link component
| Action | Description |
|---|---|
satellite.link.create |
A Satellite location and Satellite Link tunnel client are created. |
satellite.link.delete |
A Satellite location and Satellite Link tunnel client are removed. |
satellite.link.get |
Details for a Satellite location are retrieved. |
satellite.link-endpoint-certs.delete |
A TLS certificate for a Satellite endpoint is removed. |
satellite.link-endpoint-certs.get |
A list of TLS certificates that are used for a Satellite endpoint is retrieved. |
satellite.link-endpoint-certs.upload |
A TLS certificate is uploaded for a Satellite endpoint. |
satellite.link-endpoints.create |
A Satellite endpoint is created. |
satellite.link-endpoints.delete |
A Satellite endpoint is removed. |
satellite.link-endpoints.export |
The configuration for a Satellite endpoint is exported to a file. |
satellite.link-endpoints.get |
Details for a Satellite endpoint are retrieved. |
satellite.link-endpoints.import |
The configuration for a Satellite endpoint is imported from a file. |
satellite.link-endpoints.list |
A list of Satellite endpoints is retrieved. |
satellite.link-endpoints.update |
A Satellite endpoint is updated or data for the endpoint is exported. |
satellite.link-source-endpoints.list |
A list of Satellite endpoints that a client (source) is configured for and the enabled status of the client (source) for each endpoint is retrieved. |
satellite.link-source-endpoints.update |
A client (source) is enabled or disabled for one or more Satellite endpoints. |
satellite.link-sources.create |
A client (source) is configured for a Satellite endpoint. |
satellite.link-sources.delete |
A client (source) is removed from a Satellite endpoint. |
satellite.link-sources.list |
A list of clients (sources) that are configured for a Satellite endpoint is retrieved. |
satellite.link-sources.update |
A client (source) configuration is updated for a Satellite endpoint. |
Events for the Satellite Config component
| Action | Description |
|---|---|
satellite.config-cluster.register |
A Satellite or Red Hat OpenShift on IBM Cloud cluster is registered with Satellite Config. |
satellite.config-cluster.update |
A Satellite or Red Hat OpenShift on IBM Cloud cluster is updated with Satellite Config. |
satellite.config-cluster.detach |
A Satellite or Red Hat OpenShift on IBM Cloud cluster is detached from Satellite Config and can no longer receive configuration. |
satellite.config-clusters.detach |
One or more Satellite or Red Hat OpenShift on IBM Cloud clusters are detached from Satellite Config and can no longer receive configuration. |
satellite.config-clusters.group |
One or more Satellite or Red Hat OpenShift on IBM Cloud clusters are added to a cluster group. |
satellite.config-clusters.ungroup |
One or more Satellite or Red Hat OpenShift on IBM Cloud clusters are removed from a cluster group. |
satellite.config-clustergroups.edit |
A Satellite or Red Hat OpenShift on IBM Cloud cluster sets the cluster group or cluster groups of which it is a member. |
satellite.config-clustergroups.assign |
One or more Satellite or Red Hat OpenShift on IBM Cloud clusters are added to one or more cluster groups. |
satellite.config-clustergroups.unassign: |
One or more Satellite or Red Hat OpenShift on IBM Cloud clusters are removed from one or more cluster groups. |
satellite.config-configuration.create |
A Satellite configuration is created. |
satellite.config-configuration.update |
A Satellite configuration is updated. |
satellite.config-configuration.delete |
A Satellite configuration is removed. |
satellite.config-configuration.addversion |
A version is added to a Satellite configuration. |
satellite.config-configuration.removeversion |
A version is removed from a Satellite configuration. |
satellite.config-subscription.create |
A Satellite subscription is created. |
satellite.config-subscription.update |
A Satellite subscription is updated. |
satellite.config-subscription.delete |
A Satellite subscription is removed. |
satellite.config-subscription.setversion |
A Satellite subscription is set to a specific configuration version. |
satellite.config-group.create |
A cluster group is created. |
satellite.config-group.delete |
A cluster group is removed. |
Events for Satellite storage
| Action | Description |
|---|---|
satellite.storage-template.get |
A storage template is retrieved. |
satellite.storage-template.list |
A list of storage templates is retrieved. |
satellite.storage-template.get-changelog |
A storage template's change log is retrieved. |
satellite.storage-configuration.get |
A storage configuration is retrieved. |
satellite.storage-configuration.list |
A list of storage configurations is retrieved. |
satellite.storage-configuration.get-desired |
A desired storage configuration is returned. |
satellite.storage-configuration.set-desired |
A desired storage configuration request is created. |
satellite.storage-configuration.delete-desired |
A storage request is deleted. |
satellite.storage-configuration.expand-desired |
The desired capacity of a storage request is increased. |
satellite.storage-configuration.ack-desired-capacity |
A storage capacity expansion request is acknowledged. |
satellite.storage-configuration.get-assigned |
Assigned storage configuration details is returned. |
satellite.storage-configuration.create |
A storage configuration is created. |
satellite.storage-configuration.delete |
A storage configuration is deleted. |
satellite.storage-configuration.update |
A storage configuration is updated. |
satellite.storage-configuration.get-by-controller |
Lists storage configurations that are created for the given location. |
satellite.storage-configuration.update-revision |
A storage configuration was updated to use the latest template revision. |
Events for Satellite assignments
| Action | Description |
|---|---|
satellite.subscription.get |
The details of assignment are retrieved. |
satellite.subscription.list |
A list of assignments is retrieved. |
satellite.subscription.get-by-name |
An assignment is retrieved. |
satellite.subscription.get-by-config |
An assignment is retrieved by using the associated configuration. |
satellite.subscription.get-by-controller |
A list of assignments is retrieved by using a location. |
satellite.subscription.get-by-clusterid |
A list of assignments is retrieved by using the cluster ID. |
satellite.subscription.create-by-cluster |
An assignment is created for a given cluster. |
satellite.subscription.create |
An assignment is created. |
satellite.subscription.delete |
An assignment is deleted. |
satellite.subscription.update |
An assignment is updated. |
satellite.available.classes.get |
A list of available storage classes for an assignment is retrieved. |
Viewing events for Satellite
Events that are generated by IBM Cloud Satellite are automatically forwarded to the IBM Cloud Activity Tracker service instance in the IBM Cloud region that the Satellite location location is managed from. IBM Cloud Activity Tracker has only one instance per region, which you can use to view events for the IBM Cloud services in that region. For more information, see Navigating to the UI.
IBM Cloud® Identity and Access Management (IAM) events are available in the Frankfurt (eu-de) region. To view these events, you must provision an instance of the IBM Cloud Activity Tracker service in the Frankfurt (eu-de) region. Then navigate to the IBM Cloud Activity Tracker UI.