Event types
artifact
artifact_copied
artifact_downloaded
artifact_generated
artifact_metadata_updated
artifact_registered
artifact_removed
artifact_skipped
artifact_view_refreshed
authentication
auto_role_added
auto_role_deleted
auto_role_updated
build
build_channel_cve_notification
channel
channel_created
channel_cve_count_update
channel_deleted
channel_group_added
channel_group_deleted
channel_refresh_complete
channel_reindex
channel_unfrozen
channel_updated
cve
cve_deleted
cve_update_finished
cve_updated
group
group_user_added
group_user_deleted
mirror
mirror_deleted
mirror_registered
mirror_updated
mirroring
mirroring_completed
mirroring_failed
mirroring_started
mirroring_stopped
report
report_generated
sbom
sbom_deleted
sbom_updated
user
user_token_created
user_token_metadata_updated
user_token_revoked
user_token_updated
docker-compose.yml
file is located, by running the command:
docker-compose.yml
file using your preferred file editor.
repo_worker:
section of the file.
repo_worker:
environment:
section:
Variable | Description |
---|---|
REPO_ENABLE_GENERATE_AUDIT_REPORTS=true | Required. Enables the background job to operate. |
REPO_SCHEDULE_AUDIT_REPORT_CRON=<CRON> | Required. Sets the frequency of the job. Replace <CRON> with a valid CRON expression. |
REPO_AUDIT_REPORT_FS=<PARENT_DIRECTORY> | Required. Replace <PARENT_DIRECTORY> with an S3 bucket location or a valid file directory path, like file://{BASE_PATH}/statedir/audit-logs |
REPO_AUDIT_REPORT_DOWNLOAD_AS=<FORMAT> | Optional. Can set the output for the report as either csv or json . If this value is not provided, the report will default to csv format. |
REPO_CONFIGURE_AUDIT_EVENT_TYPES=<TYPE>,<TYPE> | Optional. Specifies that the job only generates and exports these value types in the report. Replace <TYPE> with event types as described above. Separate types with a comma. You can include as many event types as you require. If this variable is not provided, you will generate a report for all events. |
REPO_AUDIT_REPORT_FS_KMS_ID=<KMS_ID> | As necessary. Replace <KMS_ID> with your S3 bucket KMS ID, if it has one. |
repo_worker
container by running the following command:
REPO_CONFIGURE_AUDIT_EVENT_TYPES=
variable, the report will include the artifact_downloaded
events even if you do not include it.