+------------------------+ | Metadata | +----------+-------------+ | Template | guides | +----------+-------------+ | Image | ![][image0] | +----------+-------------+ | Category | resources | +----------+-------------+ +-------------------+ | Section Metadata | +---------+---------+ | style | content | +---------+---------+ # Audit log Admin and indexing operations are recorded in an audit log that can be queried via an [Admin endpoint](https://www.hlx.live/docs/admin.html#tag/log/operation/getLogs). Only users who have the role `admin.role.author` can read the audit logs, see [Admin Roles](http://www.aem.live/docs/authentication-setup-authoring#admin-roles) for more information. There’s also a [handy tool](https://tools.aem.live/log-viewer) to look at the audit logs. ## Admin operations The audit log stores information about the following **successful** Admin operations: +---------------------------------------------------------------------------+ | Table | +---------------------------------------------------------------------------+ | +-----------+-----------------------------------------------------------+ | | | **Name** | **Description** | | | +-----------+-----------------------------------------------------------+ | | | `preview` | When a page is previewed or removed from preview\.. | | | +-----------+-----------------------------------------------------------+ | | | `live` | When a page is published or unpublished. | | | +-----------+-----------------------------------------------------------+ | | | `index` | When a page is indexed or removed from the index.. | | | +-----------+-----------------------------------------------------------+ | | | `cache` | When a page is manually purged from the cache. | | | +-----------+-----------------------------------------------------------+ | | | `code` | When code is synchronized from GitHub. | | | +-----------+-----------------------------------------------------------+ | | | `config` | When the site configuration is modified. | | | +-----------+-----------------------------------------------------------+ | | | `sitemap` | When a sitemap is rebuilt manually. | | | +-----------+-----------------------------------------------------------+ | | | `job` | When a cache purge job is triggered after code | | | | | synchronization . | | | +-----------+-----------------------------------------------------------+ | | | `form` | When a sheet is prepared for data ingestion (deprecated). | | | +-----------+-----------------------------------------------------------+ | +===========================================================================+ The following information about those operations is stored: +--------------------------------------------------------------------------------+ | Table | +--------------------------------------------------------------------------------+ | +----------------+-----------------------------------------------------------+ | | | **Name** | **Description** | | | +----------------+-----------------------------------------------------------+ | | | `timestamp` | Epoch when the operation took place. | | | +----------------+-----------------------------------------------------------+ | | | `duration` | Time in milliseconds the operation took. | | | +----------------+-----------------------------------------------------------+ | | | `method` | HTTP method used (`POST` or `DELETE`) | | | +----------------+-----------------------------------------------------------+ | | | `route` | Operation that took place (see above). | | | +----------------+-----------------------------------------------------------+ | | | `path` | Target path of the operation. | | | +----------------+-----------------------------------------------------------+ | | | `contentBusId` | Internal content bus ID of the project. | | | +----------------+-----------------------------------------------------------+ | | | `org` | Organization name. | | | +----------------+-----------------------------------------------------------+ | | | `site` | Site name. | | | +----------------+-----------------------------------------------------------+ | | | `ref` | GitHub branch or tag affected. | | | +----------------+-----------------------------------------------------------+ | | | `user` | User that made the change, missing if the request was not | | | | | authenticated. | | | +----------------+-----------------------------------------------------------+ | | | `ip` | Originating IP | | | +----------------+-----------------------------------------------------------+ | | | `search` | Query string of the URL requested. | | | +----------------+-----------------------------------------------------------+ | +================================================================================+ ## Indexing operations The audit log stores information about the outcome of background indexing operations, namely: +--------------------------------------------------------------------------------+ | Table | +--------------------------------------------------------------------------------+ | +----------------+-----------------------------------------------------------+ | | | **Name** | **Description** | | | +----------------+-----------------------------------------------------------+ | | | `timestamp` | Epoch when the operation took place. | | | +----------------+-----------------------------------------------------------+ | | | `contentBusId` | Internal content bus ID of the project. | | | +----------------+-----------------------------------------------------------+ | | | `changes` | An array of strings describing what changed in the index. | | | +----------------+-----------------------------------------------------------+ | | | `errors` | An array of strings containing errors that occurred while | | | | | indexing. | | | +----------------+-----------------------------------------------------------+ | | | `unmodified` | Number of index changes that did not change a row in the | | | | | index. | | | +----------------+-----------------------------------------------------------+ | +================================================================================+ ## Examples Here are some examples of how common [operations triggered via Sidekick](https://www.aem.live/docs/sidekick) will be reflected in the audit log: +----------------------------------------------------------------------------------------------+ | Table | +----------------------------------------------------------------------------------------------+ | +---------------+----------------------------------------+---------------------------------+ | | | **Operation** | **Sidekick** | **Audit log** | | | +---------------+----------------------------------------+---------------------------------+ | | | Preview | *Preview* button in editor\ | ``` | | | | | *Reload* button in preview environment | method: POST, route: /preview | | | | | | ``` | | | +---------------+----------------------------------------+---------------------------------+ | | | Publish | *Publish* button in preview, live or | ``` | | | | | production environment | method: POST, route: /live | | | | | | ``` | | | +---------------+----------------------------------------+---------------------------------+ | | | Unpublish | *Unpublish* button in preview, live or | ``` | | | | | production environment | method: DELETE, route: /live | | | | | | ``` | | | +---------------+----------------------------------------+---------------------------------+ | | | Delete | *Delete* button in preview, live or | ``` | | | | | production environment | method: DELETE, route: /preview | | | | | | method: DELETE, route: /live | | | | | | ``` | | | +---------------+----------------------------------------+---------------------------------+ | +==============================================================================================+ ## Retention policy Edge Delivery Services audit logs are kept indefinitely, or as long as the customer wants to keep them. [image0]: https://main--helix-website--adobe.aem.page/media_1f0a20136d57db477c73b7633d273c158825a2056.png#width=1463&height=1097