Audit trails enable organizations to meet data governance and compliance requirements by providing a chronological view of all administrator data activities. With the audit trail, Druva Phoenix maintains the history of all the activities that the administrators perform on the Phoenix Management Console. Cloud-derived administrators and data protection officers can track and monitor all the activities ensuring complete transparency, traceability, and accountability of all the administrators, thereby aiding forensics and compliance initiatives.
Only Druva Phoenix cloud-derived administrators and data protection officers administrators can access and view the trail of activities on the entities performed by all administrators. To access the trail, select Audit Trails on the Manage menu. Note that if organization is enabled, then select All Organizations and then click Manage > Audit Trails. For more information, see Enabling or Disabling Organizations. By default, Druva Phoenix retains the trail of activities for three years. After three years, Druva Phoenix deletes the audit trail records.
Audit trail captures activity details, such as the name of the administrator who accessed the entity, the action performed, the resource and the entity on which the activity was performed, the timestamp of the action performed, and the updated values of the entity. After an activity is completed, there is no latency and Druva Phoenix logs the audit details immediately without any interaction with the administrators.
The following screenshot depicts a sample record of an activity on the console.
Druva Phoenix generates the Admin Audit Trails report and sends an email to all cloud administrators on the first day of every month. The cloud administrators can view the Admin Audit Trails report on the Reports menu. The cloud administrators can also apply filters to generate custom reports for specific operations and download them using the Admin Audit Trails page. For more information about reports, see Admin Audit Trails Report.
Druva Phoenix also enables you to list and ingest the Audit Trails using API and use the data to build customized reports using third-party tools. Detailed information is available at the Developer’s Documentation Portal - https://developer.druva.com.
Apart from the security and compliance reasons, Audit trail enables Druva Phoenix cloud-derived administrators and data protection officers to:
- Control and securely access Druva Phoenix resources and entities
- Monitor and control activities of all administrators on the Phoenix Management Console
- Diagnose erroneous and critical activities performed by administrators.
- Select resources and their specific entities and generate reports for audit
- Audit the activity records for a maximum of three years
Audit trail restricts Druva Phoenix from:
- Recording activities that are not performed on the Phoenix Management Console; for example, the configuration of backup proxy using vCenter and the configuration of DR proxy in AWS
- Configuring the retention setting for audit trails on the Phoenix Management Console