Audit Unity Catalog events
This article contains audit log information for Unity Catalog events. Unity Catalog captures an audit log of actions performed against the metastore. This enables admins to access fine-grained details about who accessed a given dataset and what actions they performed.
Configure diagnostic logs
Unity Catalog captures a diagnostic log of actions performed against the metastore. This enables fine-grained details about who accessed a given dataset, and helps you meet your compliance and business requirements.
To access diagnostic logs for Unity Catalog events, you must enable and configure diagnostic logs for each workspace in your account.
Unity Catalog diagnostic log analysis example
The following steps and notebook create a dashboard you can use to analyze your account’s audit log data.
Create a Data Science & Engineering cluster with the Single User cluster security mode. See Create a cluster that can access Unity Catalog.
Import the following example notebook into your workspace and attach it to the cluster you just created. See Import a notebook.
Unity Catalog diagnostic log analysis
Fill in the fields at the top of the notebook:
- azure_resource_group: The ID of the Azure resource group that contains the Azure Databricks workspace.
- azure_subscription_id: The ID of the Azure subscription that contains the Azure Databricks workspace.
- log_category: Optionally filter by log category.
- storage_account_access_key: The access key for the storage account where diagnostic logs are delivered.
- storage_account_name: The name of the Azure storage account where diagnostic logs are delivered.
- workspace_name: The name of the Azure Databricks workspace.
Run the notebook to create the audit report.
To modify the report or to return activities for a given user, see command 24 in the notebook.
Unity Catalog audit log events
For a list of auditable events in Unity Catalog, view the actions under the service name
unityCatalog in _.
Submit and view feedback for