Audit events for Data Virtualization

Audit events for Data Virtualization are generated and forwarded by the Audit Logging Service.

In addition to auditing events in Data Virtualization, you can use the Db2 audit facility to monitor data access. For more information, see Monitoring user activity with auditing in Data Virtualization. To view Db2 audit events for Data Virtualization, see Db2 audit events for Data Virtualization.

To view Data Virtualization REST APIs, see Data Virtualization REST API.

For a list of DVSYS stored procedures, see Data Virtualization procedures.

The events listed here are auditable in Data Virtualization.

Access management
Audit logs for these events are generated only when you run the operation either through the web client or REST API.
  • data-virtualization.user.grant - Grant instance access to users.
  • data-virtualization.user.revoke - Revoke instance access to users.
  • data-virtualization.group.grant - Grant instance access to groups.
  • data-virtualization.group.revoke - Revoke instance access to groups.
Authentication
Audit logs for these events are only generated when you authenticate against Data Virtualization REST APIs.
  • data-virtualization.user.authenticate - Authentication failure (token).
  • data-virtualization.user.authorize - Insufficient access (role).
Caching
Audit logs for these events are generated regardless of whether you ran the operation by using the cache dashboard in the Data Virtualization web client, or through REST APIs.
  • data-virtualization.cache.create – Create a cache.
  • data-virtualization.cache.delete – Delete a cache.
Configuration
Audit logs for these events are generated only when you run the operation by using the DVSYS stored procedures, either directly or through the web client or REST API.
  • data-virtualization.config.delete – Delete the DEFAULT_CATALOG_GUID value or the CATALOG_PUBLISH_SERVICE_ID and CATALOG_PUBLISH_SERVICE_API_KEY values.
  • data-virtualization.config.updateUpdate the value for keys in the INSTANCE_INFO table. This event includes various actions related to the integration with IBM® Knowledge Catalog, such as the selection of a primary catalog to serve as the governed catalog, enablement of policy enforcement, setting of strict virtualization mode, and PEP cache configuration.
  • data-virtualization.config-data.restore – Restore configuration data.
  • data-virtualization.config-properties10.update – Set up to 10 configuration properties.
  • data-virtualization.config-property.update – Set a configuration property.
  • data-virtualization.encrypted-config.update – Encrypt and set the CATALOG_PUBLISH_SERVICE_ID and CATALOG_PUBLISH_SERVICE_API_KEY values.
  • data-virtualization.decrypted-config.get – Decrypt the CATALOG_PUBLISH_SERVICE_ID and CATALOG_PUBLISH_SERVICE_API_KEY values.
Connections
Audit logs for these events are generated only when you run the operation by using the DVSYS stored procedures, either directly or through the web client or REST API.
  • data-virtualization.gateway.create – Define Gateway.
  • data-virtualization.gateway.delete – Remove Gateway.
  • data-virtualization.ccid.update – Update the CCID of all connections.
  • data-virtualization.CIDs-for-virtual-table.list – Retrieve the CID information for virtual tables.
  • data-virtualization.connector-config-hash.create – Generate the configuration.
  • data-virtualization.COS-connection-status.get – Get the object connection details.
  • data-virtualization.data-source-connection.create – Define a new data source connection.
  • data-virtualization.data-source-connection.delete – Remove a data source connection.
  • data-virtualization.object-store-connection.create – Define a cloud object store connection.
  • data-virtualization.object-store-connection.delete – Remove a cloud object store connection.
  • data-virtualization.COS-schema.get – Get cloud object storage schema.
  • data-virtualization.COS-buckets.list – List cloud object storage buckets.
  • data-virtualization.COS-objects.list – List cloud object storage objects.
  • data-virtualization.COS-object.get – Preview cloud object storage objects.
  • data-virtualization.constellation.create – Define a constellation.
  • data-virtualization.manage-certificate.update – Update manage certificate.
  • data-virtualization.connection-privilege.create – Grant connection privilege.
  • data-virtualization.connection-privilege.revoke – Revoke connection privilege.
  • data-virtualization.batch-alter-connection-privilege.create – Batch alter the connection privilege.
  • data-virtualization.transfer-ownership-of-connection.create – Transfer ownership of connection.
Data source management
Audit logs for these events are generated only when you run the operation by using the DVSYS stored procedures, either directly or through the web client or REST API.
  • data-virtualization.datasource.create - Add a data source.
  • data-virtualization.datasource.update - Update a data source.
  • data-virtualization.datasource.delete - Delete a data source.
Governance
Audit logs for these events are generated only when you run the operation either through the web client or REST API.
  • data-virtualization.catalog.publish – Publish an object to a catalog.
  • data-virtualization.project.assign – Assign an object to a project.
Logs
Audit logs for these events are generated only when you run the operation by using the DVSYS stored procedures, either directly or through the web client or REST API.
  • data-virtualization.agent-trace.set– Set Agent Trace.
  • data-virtualization.defaultAuditLoggingSetting.update – Toggle audit logging setting.
  • data-virtualization.log-level.update – Set the log level.
  • data-virtualization.logs-with-marker.backup – Archive the current logs.
  • data-virtualization.performance-metrics.get – Get the performance metrics.
  • data-virtualization.query-stats-cache.backup – Archive the content of the DVSYS.QUERYSTATS view.
  • data-virtualization.RCAC-on-catalog-tables.update – Enable or disable row access control on Db2 catalog tables.
Object management
Audit logs for these events are generated only when you run the operation by using the DVSYS stored procedures, either directly or through a REST API.

  • data-virtualization.objects.export – Export Data Virtualization objects to a file in JSON format.
  • data-virtualization.<object_type>.import – Import objects from JSON format into Data Virtualization.
    Note: Replace <object_type> with a specific object type (NICKNAME, TABLE or VIEW), or with OBJECTS.
  • data-virtualization.Git-configuration-properties.create – Register a Git configuration to your Data Virtualization instance. This is a part of the pre-requisite steps in Migrating Data Virtualization objects by using Git.
Queries
Audit logs for these events are generated only when you run the operation by using the DVSYS stored procedures, either directly or through the web client or REST API.
  • data-virtualization.execution-info.get – Return execution information from the log file on each node in the constellation.
  • data-virtualization.jdbc-url.get – Generate the JDBC URL and JDBC Driver string.
  • data-virtualization.logged-queries.get – Get a result set that lists the query IDs to the query text received at the service node.
Remote connectors
Audit logs for these events are generated only when you run the operation by using the DVSYS stored procedures, either directly or through the web client or REST API.
  • data-virtualization.remote-gaian-node.update – Upgrade the remote connectors.
Virtualization
Audit logs for these events are generated only when you run the operation by using the DVSYS stored procedures, either directly or through the web client or REST API.
  • data-virtualization.nickname.delete– Remove a nickname.
  • data-virtualization.table.delete – Remove a table.
  • data-virtualization.table-statistics.create – Gather statistics on a virtualized table.
  • data-virtualization.view.delete – Remove a view.
  • data-virtualization.virtualized-file.create – Virtualize a table from a file.
  • data-virtualization.virtualized-table.create – Virtualize a table.
  • data-virtualization.virtualizeNativeQuery.create – Create nickname (virtualized table) with appropriate definition for a query.
  • data-virtualization.virtual-object-store.create – Return the schema from an ORC or Parquet file in object storage.
  • data-virtualization.refresh-schema-map.update – Refresh the schema map.
  • data-virtualization.schema-removal-results.update – Remove the schema from assets.