Audit Trails¶
Overview¶
Audit trails provide a comprehensive record of all platform operations for compliance and security review. Each audit trail captures a defined time range of events including signing operations, certificate issuance, approvals, configuration changes, and administrative actions.
The Audit Trails page in the GUI allows administrators to create, view, and download audit reports. Audit trails are a critical compliance tool that provides tamper-evident documentation of platform activity.
Regular auditing
Establish a regular schedule for generating audit trails (e.g., weekly or monthly). This ensures you have continuous coverage and can quickly provide records during compliance reviews or security investigations.
Trail States¶
Audit trails move through a series of states during their lifecycle:
| State | Description |
|---|---|
| New | The trail request has been submitted and is waiting to be processed by the platform. |
| InProcess | The platform is generating the audit trail, collecting and compiling all events within the specified time range. |
| Ready | The trail has been successfully generated and is available for viewing and download. |
| Failed | An error occurred during trail generation. Check the error details and retry if necessary. |
State Transitions¶
graph LR
A[New] --> B[InProcess]
B --> C[Ready]
B --> D[Failed]Processing time
Trail generation time depends on the volume of events in the specified time range. Trails covering extended periods with high activity may take longer to process.
Creating Audit Trails¶
To create a new audit trail, specify the time range you want to audit. The platform will generate a comprehensive report of all operations within that period.
Steps¶
- Navigate to Audit Trails from the main navigation.
- Click New Audit Trail (or the equivalent action button).
- Specify the start date and time for the audit period.
- Specify the end date and time for the audit period.
- Click Create to submit the trail request.
Trail Contents¶
The generated audit trail includes:
| Event Type | Description |
|---|---|
| Signing Operations | All signing requests and their outcomes (success, failure, rejection) |
| Certificate Issuance | Certificates issued by any CA during the period |
| Approvals | Approval and rejection actions for change requests, client registrations, and other approval-gated operations |
| Configuration Changes | Modifications to system configuration, security groups, and product settings |
| Revocations | Certificate revocation and unrevocation actions |
| Client Activity | Client registration and deletion events |
Viewing and Downloading¶
Once a trail reaches the Ready state:
- Click on the trail to view its details and event summary.
- Use the Download action to export the trail as a file for offline review or archival.
Immutability
Audit trails are immutable once generated. They provide a tamper-evident record of platform activity and cannot be modified or deleted after creation.
Troubleshooting¶
| Issue | Possible Cause | Resolution |
|---|---|---|
| Trail stays in New state | The audit processing service may be under heavy load | Wait for processing to begin; check system status if the delay is excessive |
| Trail generation fails | The specified time range may be invalid or the audit data store may be temporarily unavailable | Verify the time range is valid and retry the trail creation |
| Trail appears empty | No platform operations occurred during the specified time range | Verify the time range covers a period with known activity |
| Cannot download a trail | The trail is not yet in Ready state | Wait for processing to complete before attempting download |