Does Wasabi support data access auditing? (Bucket Logging)

Yes, customers can optionally configure Wasabi buckets to create access log records for all requests made against it. These access log records can be used for audit purposes and contain details about the request, such as the request type, the resources specified in the request, and the time and date the request was processed.

Enabling/Disabling Bucket Logging

Logging creates a text log file of all access to the bucket.

Note:   Use logging cautiously because when logging is enabled, all log files are saved. This means the costs could be high, eventually, as more log files are stored. Monitor your log use and delete old ones when they are no longer needed. For additional information, refer to: wasabi.com/pricing.

    1. Click three_dots.png for the bucket and click Settings.

    2. On the PROPERTIES panel, open the Logging drop-down.

    3. Slide to enable the Enable Bucket Logging option. The slide option appears blue:  blue_active.png

    4. Enter the name of a Target Bucket in which to store log files. Click in this field to select from a list of buckets.

    5. Enter a Logging Prefix to include in the log file name. Each log file will start with the characters you enter.

logging.png 

Finally, Click SAVE SETTINGS to confirm your settings.

 

Our Bucket Logs follow the same structure as AWS (https://docs.aws.amazon.com/AmazonS3/latest/dev/LogFormat.html)

The column headers included are:

BucketOwner

(CanonicalID)

Bucket

[Time]

DD/MMM/YYYY:HH:MM:SS +TZ

Remote IP

Requester

(CanonicalID)

"Request ID"  Operation Key Request-URI

HttpStatus

(3 digit status)

ErrorCode

(text)

BytesSent ObjectSize TotalTime Turn-AroundTime "Referrer" "User-Agent" VersionId

Note that any field with no data is represented with a "-"

For example:

Record format: [BucketOwnerCanonicalID Bucket [Time] RemoteIP Requester "RequestId" Operation Key Request-URI HttpStatus ErrorCode BytesSent ObjectSize TotalTime Turn-AroundTime "Referrer" "User-Agent" VersionId] 

64FC53EBEA41CD99146391187E793B721167132B88F80CB6D63D39A3CABCDEFG readynas-bucket-eu [03/Jan/2020:13:52:29 +0000] 192.168.1.234 64FC53EBEA41CD99146391187E793B721167132B88F80CB6D63D39A3CABCDEFG 2DB819D68A987654 REST.GET.BUCKET - "GET /?list-type=2&max-keys=1000&prefix=" 200 - - 0 654 81 "" "DORAYAKI/1.0" -

You can review this in the Wasabi Management Console User Guide in the Enable/Disable Bucket Logging Section. 

 

NOTE: 

Do NOT set your logging bucket to be the monitored bucket. It will create a logging loop, and your bucket will grow in size exponentially. Hence please be sure to collect logs at a new destination bucket.

 

 

Have more questions? Submit a request