X

The latest cloud infrastructure announcements, technical solutions, and enterprise cloud insights.

Gain Visibility Into BMCS Using Audit Service

By Dhananjay Mahajan

Visibility is an important aspect of any cloud implementation. To help you run the most demanding workloads with confidence, we have released the Oracle Bare Metal Cloud Audit Service, which provides a record of events and activities taking place within your BMCS environment.

I’m the lead Product Manager for Bare Metal cloud DevOps & Platform Services, and I’m excited to announce the release of Oracle Bare Metal Cloud Audit Service, the first step in helping you see and understand what is happening in your BMCS tenancy.

The Oracle Bare Metal Cloud Audit Service is a web service that automatically records all control calls to any public application programming interface (API) on your Oracle Bare Metal cloud resources either through Console or API. You can get all the details of the call activity - who did, what action, on what resources, when that happened and what was the outcome of that activity.

Cloud Operations teams use these Audit events to review usage and changes in their tenancy triggered by user activities, and can trouble shoot problems by viewing the activities. Cloud Auditors use the events for security audits and compliance monitoring.

When you log into the Oracle Bare Metal Cloud Console, you will see an Audit section for your tenancy. In the Audit section, you can search for events in each compartment by time range (in UTC). You can inspect the fields in an event to better understand each activity.

Let me share some tips that you will find helpful when using the Audit Service and inspecting the events. For the key questions that Audit Service answers, you will need to inspect each Audit event for specific fields -

What was the activity?

requestAction

requestParameters

requestResource

 

Who did it? from where?

PrincipalID

requestAgent

compartmentId

 

When did it happen?

eventTime

 

What was the outcome?

responseStatus

 

When was the outcome?

responseTime  

 

You can use the text search in the console to filter to the most interesting events. For example, to list all events that experienced failure, you can search for events with failure status codes like “500”, or “404”. You can get more information about the events in the Reference documentation. These events are in standard JSON format so you can easily use them with popular Audit and Security analysis tools.

The access to Audit events is highly secure. Internally, the Audit service performs data integrity checks to make sure that the events are delivered as recorded by the service infrastructure. Only Tenant Administrators of your BMCS tenancy have read access to the Audit events. They can give access to the Audit events to other users using a BMCS policy statement.

The Audit service is available by default as part of your Bare Metal Cloud entitlement at no extra cost. All Audit events are archived for 90 days after they are recorded. If you want to archive the events for a longer period, use the Java SDK to extract these events and store them wherever you like. Please note that the API for Audit is meant to extract a few gigabytes of events at a time and not for streaming large amounts of data.

You can find more information in Documentation here - https://docs.us-phoenix-1.oraclecloud.com/Content/Audit/Concepts/auditoverview.htm

For more information on the Java SDK, you can find it https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/sdks.htm.

We will release more services to simplify operating the BMCS platform efficiently. So please watch this place and send us feedback as it will help us improve the platform.

Dhananjay Mahajan
Product Manager
DevOps & Platform Services

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha