A newer version of this documentation is available.

View Latest

Audit File Details

    +
    Couchbase Server captures audit details in specified audit fields.

    Audit Fields

    The table below lists frequently used audit fields, with corresponding descriptions. Note that different event-types generate different field-subsets.

    Field Type Description

    "id"

    Integer

    The unique identifier for the event. For example, 20480, 8192, 28672.

    "name"

    String

    The name of the event. For example, "login success", "User was deleted", "A N1QL UPSERT statement was executed".

    "description"

    String

    A description for the event. For example, "Unsuccessful attempt to login to couchbase cluster", "Node was removed from the cluster", "Bucket was created".

    "filtering_permitted"

    Boolean

    Whether the event is filterable. Can be true or false.

    "mandatory_fields"

    Object

    Contains key-value pairs that are mandatory for all events. These include the "timestamp" for the event (for example, "2020-01-29T08:02:07.476-08:00": see http://www.w3.org/TR/NOTE-datetime), and the "user".