Arize Audit Log
Overview
Audit Logs provide a comprehensive record of user activities within your Arize account. They are valuable for:
Security monitoring and compliance
Tracking login attempts
Monitoring data access
Ensuring adherence to internal policies
Investigating suspicious activities
Types of Audit Logs
Arize provides three types of audit logs, each capturing different aspects of user interaction with the platform:
1. Unauthenticated Audit Logs
These logs capture user login attempts, whether successful or unsuccessful. They include:
Email address
IP address
Success/failure status
Timestamp of the login attempt
Example Query
2. Authenticated Audit Logs
These logs record mutations (operations) performed by users after they have successfully logged in. They include:
Email address of the user
Operation name
Operation text (the GraphQL query)
Variables passed to the operation
Timestamp of the operation
Note: The
operationName
field is client-supplied. When using the Arize UI, these will be consistent, but be aware that this field can be manipulated by clients and should not be solely relied upon for security-critical decisions.
Example Query
3. Exporter Audit Logs
These logs track when data is exported from your Arize account, helping you monitor who is downloading data and from which models. They include:
Email address of the user
Model name from which data was exported
Timestamp of the export
Note: Exporter logs are only created when data is actually returned. Export requests that return zero rows will not be logged. Additionally, export requests for demo models are not logged.
Example Query
Query Parameters
All audit log queries accept the following parameters:
num
(required): Number of records to retrieve per pagestartTime
(optional): Start of the time range to query (ISO format). If not provided, defaults to last 30 days.endTime
(optional): End of the time range to query (ISO format). If not provided, defaults to now.cursor
(optional): Pagination cursor for retrieving additional pages of results
Pagination
Pagination is encouraged when working with large volumes of audit logs. Each query response includes a pageInfo
object with:
hasNextPage
: Boolean indicating if more records are availableendCursor
: Cursor to use for fetching the next page of results
Here's an example implementation of pagination for retrieving authenticated audit logs:
Last updated
Was this helpful?