Slack 审计日志和异常
Like many Software as a Service (SaaS) offerings, Slack provides audit logs to Enterprise Grid customers that record when entities take an action on the platform. For example, when a user logs in, when a user updates their profile, when an app downloads a file, etc. The actual list of actions that are captured in the audit logs is quite extensive and it is worth perusing periodically for any new additions. The documentation also presents an example audit log and discusses the fields in detail. We suggest reviewing this documentation before proceeding further, and we’ve included an aesthetically pleasing example audit log that you can use to test your newfound audit log expertise:
像许多软件即服务(SaaS)产品一样,Slack为企业网格客户提供审计日志,记录实体在平台上采取行动的时间。例如,当用户登录时,当用户更新其个人资料时,当应用程序下载文件时,等等。实际捕获在审计日志中的操作列表非常广泛,值得定期浏览以了解任何新添加的内容。文档还提供了一个审计日志示例并详细讨论了字段。在进一步操作之前,我们建议先查看此文档,我们还包括了一个美观的审计日志示例,您可以用来测试您新获得的审计日志专业知识:
Where are Slack Audit Logs Available?
Slack审计日志在哪里可用?
Slack audit logs are available to Org Admins, Owners, and those with the Audit Logs Admin role via the Audit Log Dashboard by clicking Tools and Settings → Manage Audit Logs . We will go over a more detailed example of using the UI to interact with audit logs in a subsequent section. The audit logs are also available via an API, and many vendors have connectors available to ingest the audit logs into their platforms. A few examples include:
Slack审计日志可通过点击工具和设置 → 管理审计日志,供组织管理员、所有者和具有审计日志管理员角色的人通过审计日志仪表板访问。我们将在后续部分详细介绍使用UI与审计日志交互的示例。审计日志也可以通过API访问,许多供应商提供了将审计日志导入其平台的连接器。几个示例包括:
The Audit Log API allows for filtering by attributes like when the logs were generated, the action (up to 30 actions may be specified), actor, and entity. For example, if an enterprise was only interested in consuming the user login events from the audit logs, they could specify user_login for the action parameter when calling the API. Please see the API documentation for more detail.
审计日志 API 允许通过过滤属性来筛选日志生成的时间、操作(最多可指定 30 个操作)、执行者...