Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Audit Logs Overview

An audit log is a record of a sequence of activities that have affected a specific operation or procedure. Audit logs are useful for tracing events and for maintaining historical data.

Audit logs contain information about tasks initiated by using the Juniper Security Director Cloud GUI or APIs. In addition to providing information about the resources that were accessed, audit log entries usually include details about user-initiated operations, such as the name, role, and IP address of the user who initiated an operation, the status of the operation, and date and time of execution.

Note:

  • Juniper Security Director Cloud retains the audit log for 6 months.

  • Device-driven tasks (that is, tasks not initiated by the user) are not recorded in audit logs.

Administrators can use audit logs to review events. For example, administrators can identify the user accounts associated with an event, determine the chronological sequence of events. For audit log entries that have an associated job, you can click the hyperlinked job ID to go to the Jobs page, where you can view the details of the job.

Use the Audit Logs page to view the tasks that you have initiated either by using the Juniper Security Director Cloud GUI or APIs. You can also export audit logs as a comma-separated values (CSV) file or a portable data format (PDF) file.

Table 1 provides description of the fields on the Audit Logs page.

Table 1: Fields on the Audit Logs Page

Field

Description

Username

Displays the username of the user who initiated the task.

Object Name

Displays the name of the object on which the task was initiated. An object can be a tenant, site, device, device image, template, and so on.

Source IP

Displays the IP address of the client from which the user initiated the task. For tasks that do not have an associated user IP address, this field is blank.

Operation

Displays the name of the task that triggered the audit log. For example, create address, delete address, create NAT policy, and so on.

Description

Displays details about the task.

Status

Displays the status of the task that triggered the audit log:

  • Success—Job or task was completed successfully.

  • Failure—Job or task failed and was terminated.

  • Job Scheduled—Job is scheduled but has not yet started.

  • Recurring Job Scheduled—Recurring job is scheduled.

Logged Time

Displays the date and time at which the execution of the task was completed. This timestamp is stored in UTC time in the database, but is mapped to the local time zone of the client computer.

Job ID

For tasks that have associated jobs, displays the ID of the job associated with the task.

You can click the job ID to go to the Jobs page, where you can view the status of the job.

Related Documentation