Audit logs are crucial for tracking changes and security-relevant events. Dynatrace can log such events so that you can review important changes: when the change was made, by whom, and what was changed.
The following events are logged:
Audit logs don't include changes to OAuth tokens or changes to Account Management configuration, such as SSO.
Audit logs include personal identifiable information (PII) such as email addresses and IP addresses of Dynatrace users.
🔴 Disabled by default
To enable audit logging
Dynatrace retains audit logs for 30 days and automatically deletes them afterwards.
You can also enable audit logs via Data privacy API.
You can access environment-wide audit logs via the GET audit log API call.
You can access cluster-wide audit logs of Dynatrace Managed clusters by viewing the audit log files stored in the file system. All audit log files are stored in the log folder. The path to the log folder is documented in Managed hardware requirements.
Additionally, Dynatrace Managed offers an audit log viewer in the Cluster Management Console (Audit log in the navigation menu).