Auditing events for a project
As a security officer, auditor, or manager, you can use the IBM Cloud® Activity Tracker service to track how users and applications interact with the IBM Cloud Projects service.
Activity tracking events report on activities that change the state of a service in IBM Cloud. You can use the events to investigate abnormal activity and critical actions and to comply with regulatory audit requirements.
You can use IBM Cloud Activity Tracker Event Routing, a platform service, to route auditing events in your account to destinations of your choice by configuring targets and routes that define where activity tracking events are sent. For more information, see About IBM Cloud Activity Tracker Event Routing.
You can use IBM Cloud Logs to visualize and alert on events that are generated in your account and routed by IBM Cloud Activity Tracker Event Routing to an IBM Cloud Logs instance.
As of 28 March 2024, the IBM Cloud Activity Tracker service is deprecated and will no longer be supported as of 30 March 2025. Customers will need to migrate to IBM Cloud Logs before 30 March 2025. During the migration period, customers can use IBM Cloud Activity Tracker along with IBM Cloud Logs. Activity tracking events are the same for both services. For information about migrating from IBM Cloud Activity Tracker to IBM Cloud Logs and running the services in parallel, see migration planning.
Locations where activity tracking events are generated
IBM Cloud Projects sends IBM Cloud Activity Tracker events in the following regions: Sydney, Frankfurt, and Washington.
Locations where activity tracking events are sent to IBM Cloud Activity Tracker hosted event search
IBM Cloud Projects sends activity tracking events to IBM Cloud Activity Tracker hosted event search in the followng regions: Sydney, Frankfurt, and Washington.
Viewing activity tracking events for IBM Cloud Projects
You can use IBM Cloud Logs to visualize and alert on events that are generated in your account and routed by IBM Cloud Activity Tracker Event Routing to an IBM Cloud Logs instance.
Launching IBM Cloud Logs from the Observability page
For information on launching the IBM Cloud Logs UI, see Launching the UI in the IBM Cloud Logs documentation.
List of management events
IBM Cloud Projects supports the management events that are indicated in the following table.
| Action | Description |
|---|---|
project.project.create |
Create a project. |
project.project.read |
Read a project. |
project.project.list |
List all projects under the account. |
project.project.update |
Update a project. |
project.project.delete |
Delete a project. |
project.config.create |
Create a project config. |
project.config.read |
Read a project config. |
project.config.update |
Update a project config. |
project.config.validate |
Validate a project config. |
project.config.list |
List all project configs under the account. |
project.config.update |
Update a project config. |
project.config.approve |
Approve a project config draft. |
project.config.force-approve |
Force approve a project config draft. |
project.config.delete |
Delete a project config. |
project.config.deploy |
Deploy a project config. |
project.config.undeploy |
Undeploy (destroy) a project config. |
project.config.manual-tag |
Add a tag to a config. |
project.config.export-stack-definition |
Experimental Add a deployable architecture stack to a private catalog. |
project.environment.create |
Create a project environment. |
project.environment.read |
Read a project environment. |
project.environment.list |
List all project environments under the account. |
project.environment.update |
Update a project environment. |
project.environment.delete |
Delete a project environment. |
For a complete list of custom request and response parameters for each event, see the Project API. The update actions don't provide information about the delta, only the new value is provided.
Viewing events
Events that are generated by an instance of the IBM Cloud Projects service are automatically forwarded to the IBM Cloud Activity Tracker service instance that is available in the same location.
IBM Cloud Activity Tracker can have only one instance per location. To view events, you must access the web UI of the IBM Cloud Activity Tracker service in the same location where your service instance is available. For more information, see Launching the UI.