Audit trails enable organizations to meet data governance and compliance requirements by providing a chronological view of all administrator data activities. With the audit trail, Phoenix maintains the history of all the activities that the Phoenix administrators perform on the Phoenix Management Console. Cloud-derived administrators and data protection officers can track and monitor all the activities ensuring complete transparency, traceability, and accountability of all the administrators, thereby aiding forensics and compliance initiatives.
Only Phoenix cloud-derived administrators and data protection officers administrators can access and view the trail of activities on the entities performed by all Phoenix administrators. To access the trail, on the menu bar, select All Organizations and click Manage > Audit Trails. By default, Phoenix retains the trail of activities for three years. After three years, Phoenix deletes the audit trail records.
Audit trail captures activity details, such as the name of the administrator who accessed the entity, the action performed, the resource and the entity on which the activity was performed, the timestamp of the action performed, and the updated values of the entity. After an activity is completed, there is no latency and Phoenix logs the audit details immediately without any interaction with the administrators.
The following screenshot depicts a sample record of an activity on the console.
Phoenix generates the Admin Audit Trails report and sends an email to all cloud administrators on the first day of every month. The cloud administrators can view the Admin Audit Trails report on the Reports menu. The cloud administrators can also apply filters to generate custom reports for specific operations and download them using the Admin Audit Trails page. For more information about reports, see Admin Audit Trails Report.
Phoenix also enables you to list and ingest the Audit Trails using API and use the data to build customized reports using third-party tools. Detailed information is available at the Developer’s Documentation Portal -https://developer.druva.com.
Apart from the security and compliance reasons, Audit trail enables Phoenix cloud-derived administrators and data protection officers to:
- Control and securely access Phoenix resources and entities
- Monitor and control activities of all administrators on the Phoenix Management Console
- Diagnose erroneous and critical activities performed by administrators.
- Select resources and their specific entities and generate reports for audit
- Audit the activity records for a maximum of three years
Audit trail restricts Phoenix from:
- Recording activities that are not performed on the Phoenix Management Console; for example, the configuration of backup proxy using vCenter and the configuration of DR proxy in AWS
- Configuring the retention setting for audit trails on the Phoenix Management Console