Rockset
Developer Tools
Terraform ProviderRockset CLINode.js ClientPython Client v1Python Client v0 (Deprecated)Java ClientGo ClientVS Code Extension
StatusSupportCommunity
GuidesSQL ReferenceAPI Reference
HomeWhat is Rockset?Trial Evaluation GuideQuick Start
Loading Data
Adding a Data SourceCreating CollectionsIngest TransformationRollupsCDC DataUsing dbtUsing TerraformIngestion Errors
Querying
Writing QueriesQuery PerformanceSpecial FieldsViews and AliasesAsync QueriesPagination
Performance and Scaling
Virtual InstancesSettings and LimitsStorage Architecture
Applications and Dashboards
Query LambdasMonitoring and AlertingVisualization Tools
Administration
WorkspacesIdentity & Access ManagementAWS PrivateLinkAudit LoggingData Encryption PoliciesSecurity Settings
  • Administration

Audit Logging

This page describes how Rockset provides visibility into your account through the notion of events – which are stored as documents in a special collection called _events – and comprehensive audit logs that we can provide to you on request.

The _events Collection

The _events collection is created when your organization is initialized and cannot be deleted. All events exist in the _events collection as documents containing the following fields:

  • _id - a unique event identifer
  • _event_time - the time at which the event occurred, in milliseconds after January 1, 1970 (UTC).
  • label - one of the labels listed in the table below
  • kind - can be API_KEY, COLLECTION, INGEST, INTEGRATION, ORGANIZATION, QUERY, or USER. Note that events in the QUERY category only apply to queries made from the Rockset Console, and does not include events from queries made via API calls.
  • type - can be INFO, WARNING, ERROR, or DEBUG

Events may also have additional fields depending on the specific event. All supported events are listed in the table below, as well as additional fields for each event label:

LabelKindTypeAdditional Fields
API_KEY_CREATEDAPI_KEYINFOapi_key_name , user_email , details
API_KEY_DELETEDAPI_KEYINFOapi_key_name , user_email , details
API_KEY_ERRORAPI_KEYERRORapi_key_name , user_email
COLLECTION_CREATEDCOLLECTIONINFOcollections , user_email
COLLECTION_DROPPEDCOLLECTIONINFOcollections , user_email
INGEST_WARNINGINGESTWARNINGcollections , details
INGEST_ERRORINGESTERRORcollections , details
INGEST_INFOINGESTINFOcollections , details
INGEST_INITIALIZEDINGESTINFOcollections
INTEGRATION_CREATEDINTEGRATIONINFOintegrations , user_email
QUERY_COLLECTION_NOT_READYQUERYERRORuser_email , details
QUERY_ERRORQUERYERRORuser_email , details
QUERY_INVALIDQUERYERRORuser_email , details
QUERY_SUCCESSQUERYINFOuser_email , details
QUERY_UNIMPLEMENTEDQUERYERRORuser_email , details
USER_CREATEDUSERINFOuser_email
COLLECTION_READYCOLLECTIONINFOcollections , details
COLLECTION_PAUSEDCOLLECTIONINFOcollections , details
ORGANIZATION_INGEST_DISABLEDORGANIZATIONWARNINGdetails
ORGANIZATION_INGEST_ENABLEDORGANIZATIONINFOdetails

Audit Logs

Rockset also maintains comprehensive, searchable, and exportable audit logs of all security-related events including authentication, permissions changes, CRUD operations, assumptions of privileges, and more. This feature is not yet generally available. To request early access, please contact support@rockset.com.

Ask the CommunityContact SupportReport Docs Issue
Copyright © 2023 Rockset