Skip to content

Universal Audit

Universal Audit allows customers to obtain complete, uniform, and searchable data access audits for all cloud data repositories with full user, access, and data context. Customers can monitor data access, generate compliance reports, investigate incidents, and conduct access reviews for all data stores from the Satori management console.

Screenshot

Features

  • Search and filter - see a list of available filters below
  • Export to CSV - downloads the complete report of audit log for offline analysis or compliance.
  • Share - generates a URL that can be sent to other users of the account in the Satori management console to view the report.
  • Select which columns to show in the table - click on the Settings icon on the top right corner and select which columns to show in the table.
  • Show/hide administrative queries - when using client tools like IDEs or BI tools, not all queries sent by the tool are driven from the user using the tool. For example, the tool might send multiple queries to read the schema of the data store. To filter these "administrative queries" out and focus on queries sent by users, click on the Settings icon on the top right corner and use the toggle button.

Available filters

  • Time frame - only show queries that were sent in the specified time frame.
  • Data store - only show queries that were sent to a particular data store.
  • User name - only show queries that were executed by a particular user.
  • Role - only show queries that were executed using a particular role or IdP group.
  • Client tool - only show queries that were sent from a particular client tool. The complete list of client tools is available here.
  • Data store location - only show queries that accessed a specific table or column.
  • Tags - search for queries by tag. For a complete list of tags, visit the tag reference page.
  • Action type - only show queries that triggered a specific action. More information about actions is available here.
  • Incidents - only show queries that generated an incident
  • Incident ID - search by specific incident ID