Dashboards Using Audit Logs

Hi Team,

I need to create a cube using Audit logs, can someone help me with how we can connect Logs with Elastic cubes

https://documentation.sisense.com/docs/audit-logs

Thanks

Nazeer

Code-first Analytics

Technology

KatieG
04-05-2022
Hi Nazeer,
The audit logs are located in /opt/sisense/storage/audit
These logs will rotate every 24 hours or when the max file size has been reached:
I've attached a sample model that could be used to get started.
To create the connection from scratch, create an elasticube and add the data as CSV
Choose "Server Access"
Add the input folder path as /opt/sisense/storage/audit
And toggle on "Union Selected"
Select the checkbox next to the file name then hit preview to edit the fields
Toggle off the "First Row Contains Field Names" and set the Delimiter to "None"
Then click 'Done'
This process results in one long string per row. Using custom columns, we can parse the contents of the string into timestamps, users, actions, and action objects.
An example of a dashboard:
Hope that helps!

3 Replies

Replies have been turned off for this discussion

KatieG
Sisense Employee
04-05-2022
Hi Nazeer,
The audit logs are located in /opt/sisense/storage/audit
These logs will rotate every 24 hours or when the max file size has been reached:
I've attached a sample model that could be used to get started.
To create the connection from scratch, create an elasticube and add the data as CSV
Choose "Server Access"
Add the input folder path as /opt/sisense/storage/audit
And toggle on "Union Selected"
Select the checkbox next to the file name then hit preview to edit the fields
Toggle off the "First Row Contains Field Names" and set the Delimiter to "None"
Then click 'Done'
This process results in one long string per row. Using custom columns, we can parse the contents of the string into timestamps, users, actions, and action objects.
An example of a dashboard:
Hope that helps!
Nazeer
Cloud Apps
04-11-2022
Great Thanks for the help, but how to automate the daily files to fetch into Cube ?

Will that UnionSelected Helps me in doing that ?

Nazeer
- KatieG
  Sisense Employee
  04-11-2022
  Hi Nazeer , using the "Union Selected" option on the data connection screen will UNION all of the files in that folder path together - so you don't need to worry about adjusting the connection each day, it will pull all files
  Keep in mind that the default setting is 30 days of data, this can be adjusted to longer periods of time but if you need to keep for example 6 months or more of audit data, we recommend either:
  Create a copy task to copy these files to another location for long term storage
  -OR-
  Use this API to download the audit data: GET /api/v2/audit
  Hope that helps!

Forum Discussion

Dashboards Using Audit Logs

3 Replies

Recent Discussions

Pivot Table widget - column headers and column data out of alignment

Blox conditional formatting up and down indicators

Remove Widget Title Box

Change Legend Category Names

Rename the Pivot Grand Total

Sisense

Support

Resources