Trail
A trail is an Audit Trails resource responsible for collecting audit logs of Nebius Israel resources and delivering them to an Object Storage bucket.
Audit log collection scope
In the trail settings, you can choose where to collect audit logs from:
- Organization: Collect audit logs from all resources in all clouds of the organization.
- Cloud: Collect audit logs from the resources hosted in the selected folders of the cloud.
- Folder: Collect audit logs from the folder hosting the trail.
A trail collects the audit logs of all the resources in the specified scope, including resources added to the scope after the trail was created, and uploads them to a bucket.
If resources are added to the audit log collection scope after a trail is created, the trail will automatically start collecting audit logs for them.
Destination object
Each trail uploads audit logs to only one destination object, such as a bucket.
When uploading audit logs to a bucket, Audit Trails generates audit log files approximately once every 5 minutes. The trail will write all the events that occurred to the cloud resources during that period to one or more files. If no events occurred during the period, no files are generated.
Trails run independently of one another. Using multiple trails, you can differentiate access to various log groups for users and services according to your information security policy.
Trail settings
The trail contains all the audit log settings:
- Name: Required parameter.
- Description: Optional parameter.
- Filter section:
  - Resource: This field can take on the values Organization, Cloud, or Folder.
    - For the Organization value:
      - Organization: The name of the current organization. The value is populated automatically.
    - For the Cloud value:
      - Cloud: The name of the cloud hosting the current trail. The value is populated automatically.
      - Folders: The folders whose resources the trail will collect audit logs from. If you don't specify any folder, the trail will collect audit logs from all resources in the cloud.
    - For the Folder value:
      - Folder: The name of the folder hosting the trail. The value is populated automatically.
- Destination section:
  - Destination: Value of Object Storage.
    - For the Object Storage value:
      - Bucket: The name of the bucket.
      - Object prefix: An optional parameter used in the full name of the audit log file.
- Service account section: Service account to use for uploading audit logs to a bucket. If the account needs more roles, a warning with a list of roles will show up.
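The scope rules and the Filter settings above can be turned into a coverage check that lists folders no trail collects audit logs from. This is an added example, not Nebius code or an Audit Trails API: the Trail class, the covers and uncovered functions, and the sample clouds, folders and trail names are all hypothetical, and the inventory is assumed to be supplied by you.

```python
# Added example: a local model of the trail Filter settings described on this page.
# It calls no Audit Trails API; every name below is hypothetical.
from dataclasses import dataclass


@dataclass(frozen=True)
class Trail:
    name: str
    resource: str                      # "Organization", "Cloud" or "Folder"
    cloud: str = ""                    # cloud hosting the trail (Cloud/Folder scope)
    folder: str = ""                   # folder hosting the trail (Folder scope)
    folders: frozenset = frozenset()   # selected folders (Cloud scope); empty = whole cloud


def covers(trail, cloud, folder):
    """True if the trail collects audit logs for resources in cloud/folder."""
    if trail.resource == "Organization":
        return True                    # all resources in all clouds of the organization
    if trail.resource == "Cloud":
        if cloud != trail.cloud:
            return False
        # No folder specified: the trail collects from all resources in the cloud.
        return not trail.folders or folder in trail.folders
    if trail.resource == "Folder":
        return (cloud, folder) == (trail.cloud, trail.folder)
    raise ValueError(f"unknown Resource value: {trail.resource!r}")


def uncovered(trails, inventory):
    """Return sorted (cloud, folder) pairs that no trail collects from."""
    return sorted(
        (c, f) for c, fs in inventory.items() for f in fs
        if not any(covers(t, c, f) for t in trails)
    )


# Constructed sample data: "new-team" is not among the folders selected in the Cloud trail.
INVENTORY = {"prod": {"billing", "web", "new-team"}, "dev": {"sandbox"}}
TRAILS = [
    Trail("prod-selected", "Cloud", cloud="prod", folders=frozenset({"billing", "web"})),
    Trail("dev-sandbox", "Folder", cloud="dev", folder="sandbox"),
]

if __name__ == "__main__":
    for cloud, folder in uncovered(TRAILS, INVENTORY):
        print(f"no trail covers {cloud}/{folder}")
```

A Cloud trail with an explicit folder list leaves any folder outside that list unlogged, while a Cloud trail with no folders specified or an Organization trail covers it.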
What's next
- Learn more about the audit log format.
- See trail diagnostic logs.
- Learn about events.