A newer version of this documentation is available.

View Latest

Audit Events

    Couchbase Server provides event-auditing, sending corresponding output to target files.

    List of Audit Events

    Events audited by Couchbase Server include successful and failed logins, events associated with cluster and bucket configuration, and the use of tools that require administrative privileges. Corresponding information is captured in output targets, which are files in JSON format.

    Couchbase Server generates audit events whenever the following actions occur:

    Table 1. Administrative Audit Events

    Login succeeded or failed

    Audit configuration changed

    Auditing enabled or disabled

    Node added to cluster

    Node removed from cluster

    Node failed over

    Cluster rebalanced

    System started or shut down

    Bucket created

    Bucket deleted

    Bucket flushed

    Bucket-settings modified

    Disk or index path changed

    Remote cluster-reference established

    Remote cluster-reference updated

    Remote cluster-reference deleted

    User added

    User removed

    XDCR reference created

    XDCR reference updated

    XDCR reference deleted

    XDCR replication paused or resumed

    XDCR replication-settings updated

    XDCR replication created

    XDCR replication canceled

    Auto failover enabled

    Auto failover disabled

    Auto failover-count reset

    Cluster alerts enabled

    Cluster alerts disabled

    Index-node added or removed

    Server-group created

    Node added to server-group

    Node removed from server-group

    Server-group deleted

    Password changed or reset

    FTS index created or updated

    FTS index deleted

    FTS index control-command issued

    FTS configuration refreshed

    FTS configuration replanned

    GC run triggered

    CPU profiling started

    Memory profiling started

    Self-signed SSL certificate regenerated

    LDAP authentication-settings modified

    Encryption key-rotation requested

    Compaction settings modified

    Audit Output Examples

    For examples of the output generated in correspondence with audited events, see the section Audit Targets.