Audit Log Capture

The Audit Logs Taskflow calls an Application Integration process that extracts audit log information from a specified organization and writes it to a staging file location. By default, this staging location is set to /tmp on the machine where the Secure Agent is running. If log records are extracted, a mapping task subsequently runs to transfer the data from the staging location to the target cloud storage. The taskflow is designed to run once per day to retrieve the previous day’s data.

1Open the Get Audit Log process in Application Integration.

aOn the Start tab of the Start step, select the Secure Agent from the Run On list.
bOn the Temp Fields tab of the Start step, enter the target organization's base URL in the baseOrgUrl field. For example, if you have logged in using https://dm-us.informaticacloud.com/identity-service/home, set this field value to https://dm-us.informatica.cloud.com/saas.
cSave and publish the process.

2Open the Load Cloud Storage Audit Mapping mapping in Data Integration.

aOn the Source tab of the srcReadAuditLogStage step, select the flat file connection that points to your staging directory and the object as shown in the following image:

This image shows the flat file connection and the object selected in the Source tab of the srcReadAuditLogStage step.

bOn the Target tab of the tgtCloudStorage step, select the cloud storage connection that points to your cloud storage location as shown in the following image:

This image shows the cloud storage connection selected on the Target tab of the tgtCloudStorage step.

cSave and run the mapping.

3Open the Load Audit Logs Mapping Task mapping task in Data Integration.

aClick Edit.
bFrom the Runtime Environment list, select the Secure Agent.
cSave and run the mapping task.

4Open the Audit Logs Taskflow taskflow in Data Integration.

aOn the Start tab of the Start step, enter a valid user ID and/or group for the organization in the Allowed Users and/or Allowed Groups fields.
bOn the IntegrationOps Task tab of the Get Audit Logs step, reselect the Get Audit Log process and click Save.
cOn the Input Fields tab of the Get Audit Logs step, add all the input fields and assign field values as shown in the following image:

The image shows the input fields configured for the Get Audit Logs step in the Audit Logs Taskflow taskflow.

dSave and publish the taskflow.
eTest the audit log using the Run Using option in Data Integration or with Postman.

To test with the Run Using option, perform the following steps:

aOn the Actions menu, click Run Using.
bProvide inputs using the following JSON format:

{
"username": "<user name for org to get log files>",
"password": "<password for org to get log files>",
"startDateTime": "",
"in_tgtPath": "<full path to cloud storage, including file name>",
"batchSize":"500"
}

Note: You might get the log files from a different organization than where you installed the package.

cSave and run the taskflow.

To test using Postman, perform the following steps:

aOn the Actions menu, click Properties Details > Copy Service URL.
bOpen Postman.
cSelect the HTTP verb as POST and specify the generated REST service URL.
dOn the Authorization tab, select Basic Auth and enter the user account details same as provided in the taskflow.
eOn the Body tab, select the body type as raw and provide the following JSON snippet for the HTTPS request:

fSend the POST request.

You will receive the taskflow run ID as a response.