Audit Logs centralizes information about the changes suffered by the DNS Zones belonging to all the client accounts that have the appropriate permission enabled. These records track the actions performed either by the system administrator or by the client account owner on the DNS Zones, offering you a detailed overview of the changes that took place.
The Audit Logs management page has two sections:
Clear Logs
You can remove the stored audit logs from the database using one of the two available options:
Clear logs starting from {date} To {date} - Select this radio button if you want to clear the logs recorded in a certain period of time. Use the available text boxes or the calendar buttons to specify the interval's starting and end date. The accepted date format is yyyy-mm-dd.
Clear logs older than {number} {period} - Select this radio button if you want to clear the logs older than the specified {number} of days/weeks/months/years. Use the drop-down list to select the {period}.
Audit Log Records
Using the available controls, you can:
Visualize all the events that took place.
Obtain detailed information on a specific event.
Search for certain logs.
Remove unuseful DNS Zone logs.
displays the following information about the available Audit Log Records:
Client - The client on behalf which the event was performed. Not only the client account owner can manage its Zones, but the system administrator as well.
The displayed format is client_login (userID), for example joedoe (2748).
Have in mind that the actions can be performed from three different environments:
The web interface.
SystemAPI.
The command line.
Event - The audited event. records 12 different event types:
- Zone Add - A new DNS Zone was added to the client account.
Zone Delete - One of the existing DNS Zones was removed from the client account.
Zone Record Edit - The Zone record's preferences were modified (this includes both enabling and disabling the record).
Zone Record Delete - One of the existing records was removed from an existing DNS Zone.
Zone Record Add - A new record was added to one of the existing DNS Zones.
Zone Change Type - The DNS Zone type was changed either form Master to Slave or from Slave to Master.
Zone Change Status - The DNS Zone was either enabled or disabled.
Zone SOA Change - The SOA (Start of Authority) record that defines the global parameters for a DNS Zone was modified.
Zone Slave Transfer IP Added - A new IP address allowed to transfer the Zone information from the server (master or slave for the zone) was added.
Zone Slave Transfer IP Deleted - A transfer IP address for one of the available Zones was removed.
Zone Master IP Added - Each Slave Zone must have defined a master IP address. Therefore, each time the Zone type is changed from Master to Slave, if the master IP address does not exist, you will be required to provide one. This event is displayed in pair with Zone Change Type.
Zone Master IP Deleted - The master IP address defined for a Slave Zone was removed.
Description - The name of the Zone, followed by several details about the Event that took place. The displayed information depends on the Event type:
For Zone Add and Zone Delete:
{zone_name}
Example: foo.com
On click, a pop-up panel with detailed information about the audited event is displayed:
The following details are available:
Record Info
Performed by - The user that performed the audited action. It can be both the system administrator who added/removed the client's DNS Zone or the client account owner himself. The displayed format is client_login (userID), for example admin(1) or joedoe (12).
Performed in - The environment used to perform the action:
web interface
command line
SystemAPI
Operation - The performed action's descriptive name.
Zone name - The name of the DNS Zone the action was performed on, for example foo.com.
For Zone Record Edit:
{zone_name} {record_type} {record_name_old} {record_name_new}
Example: foo.com MX record mail.foo.com changed to internmail.foo.com
On click, a pop-up panel with detailed information about the audited event is displayed:
The following details are available:
Record Info
Old Record - Details about the record that was modified:
Record type - The type of the DNS record the action was performed on.
supports the following DNS records types:
For E.164 Zones (used for mapping telephone numbers into DNS, for example a Zone in the e164.arpa domain):
NS and NAPTR
For Froward Zones (regular Zones):
A, NS, AAAA, CNAME, MX, TXT, NAPTR, SRV, CAA
For Reverse Zones (used for reverse DNS lookup, for example a Zone in the in-addr.arpa domain):
PTR, NS, CNAME and TXT
In the given example, the DNS Zone name was changed from mail.foo.com to internmail.foo.com, which implied the modification of an A record type (it returns a 32-bit IPv4 address, most commonly used to map hostnames to an IP address of the host, but also used for DNSBLs, storing subnet masks, etc.).
Status - Displays if the record type is enabled or disabled.
Value - The record's given value that depends on the DNS Zone type,
Host - The DNS record's hostname (e.g.: mail.foo.com.).
New Record
The same fields as for the Old Record section are displayed, except the cases when one of the record's preferences was removed.
For Zone Record Delete and Zone Record Add:
{zone_name} {record_type} {record_name}
Example: mail.foo.com MX 10 externallink.com.
The following details are available:
Record Info
Record Details - The details about the removed Zone record are similar to the ones displayed for the previous event.
For Zone Change Type:
{zone_name} {record_old_type} {record_new_type}
Example: foo.com changed to slave zone
On click, a pop-up panel with detailed information about the audited event is displayed:
The following details are available:
Record Info
Old Record
Status - The DNS Zone can be enabled or disabled.
Type - Displays if the DNS Zone was either master or slave.
New Record
The new DNS Zone Type is displayed with red characters.
For Zone Change Status:
{zone_name} {old_status} {new_status}
Example: foo.com status changed to enabled
On click, a pop-up panel with detailed information about the audited event is displayed:
The following details are available:
Record Info
Old Record
Type - Displays if the DNS Zone was either master or slave.
Status - The DNS Zone was either enabled or disabled.
New Record
The new DNS Zone Status is displayed with red characters.
For Zone SOA Change:
{zone_name}
Example: foo.com SOA records edited
On click, a pop-up panel with detailed information about the audited event is displayed:
The following details are available:
Record Info
Old Record
TTL
Expire
Refresh
Minimum TTL
The order these fields are displayed varies, as the preference that was modified is displayed on the last position.
New Record
The same fields as for the Old Record section are displayed.
The updated preference is displayed with red characters.
For Zone Master IP Added and Zone Master IP Deleted:
{zone_name} {ip}
Example: foo.com master IP 99.3.6.58
On click, a pop-up panel with detailed information about the audited event is displayed:
The following details are available:
Record Info
Record Details
Value - The added/removed master transfer IP address.
For Zone Slave Transfer IP Added and Zone Slave Transfer IP Deleted:
{zone_name} {ip}
Example: foo.com slave IP 192.66.3.11
On click, a pop-up panel with detailed information about the audited event is displayed:
The following details are available:
Record Info
Record Details
Value - The added/removed slave transfer IP address.
Date - The date and time the event took place.
Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution 4.0 International.