This page describes how Rockset provides visibility into your account through the notion of events –
which are stored as documents in a special collection called
_events – and comprehensive audit
logs that we can provide to you on request.
_events collection is created when your organization is initialized and cannot be deleted. All
events exist in the
_events collection as documents containing the following fields:
_id- a unique event identifer
_event_time- the time at which the event occurred, in milliseconds after January 1, 1970 (UTC).
label- one of the labels listed in the table below
kind- can be
USER. Note that events in the
QUERYcategory only apply to queries made from the Rockset Console, and does not include events from queries made via API calls.
type- can be
Events may also have additional fields depending on the specific event. All supported events are listed in the table below, as well as additional fields for each event label:
|API_KEY_CREATED||API_KEY||INFO||api_key_name , user_email , details|
|API_KEY_DELETED||API_KEY||INFO||api_key_name , user_email , details|
|API_KEY_ERROR||API_KEY||ERROR||api_key_name , user_email|
|COLLECTION_CREATED||COLLECTION||INFO||collections , user_email|
|COLLECTION_DROPPED||COLLECTION||INFO||collections , user_email|
|INGEST_WARNING||INGEST||WARNING||collections , details|
|INGEST_ERROR||INGEST||ERROR||collections , details|
|INGEST_INFO||INGEST||INFO||collections , details|
|INTEGRATION_CREATED||INTEGRATION||INFO||integrations , user_email|
|QUERY_COLLECTION_NOT_READY||QUERY||ERROR||user_email , details|
|QUERY_ERROR||QUERY||ERROR||user_email , details|
|QUERY_INVALID||QUERY||ERROR||user_email , details|
|QUERY_SUCCESS||QUERY||INFO||user_email , details|
|QUERY_UNIMPLEMENTED||QUERY||ERROR||user_email , details|
|COLLECTION_READY||COLLECTION||INFO||collections , details|
|COLLECTION_PAUSED||COLLECTION||INFO||collections , details|
Rockset also maintains comprehensive, searchable, and exportable audit logs of all security-related events including authentication, permissions changes, CRUD operations, assumptions of privileges, and more. This feature is not yet generally available. To request early access, please contact firstname.lastname@example.org.