Activity Log
If you have Tableau Server with Advanced Management, activity log files are automatically recorded for detailed analysis and auditing. These logs are stored in the backgrounder
, dataserver
, vizportal
, and vizqlserver
folders on the local hard drive, using the default path /var/opt/tableau/tableau_server/data/tabsvc/logs/
. Within each directory, find files named <process name>-cepp-canonical-events_*.log
that record events and operations.
With the Activity Log, you can:
-
View detailed event data for Tableau Server.
-
Capture compliance information and keep track of who is doing what on your Tableau sites.
-
Audit permissions changes including:
-
Adding or removing users from a group.
-
Moving a piece of content from one project to another.
-
Explicitly changing the permissions on a piece of content.
-
What were the 10 actions last taken by a particular user.
-
Who last performed an event on a piece of content.
-
What was the last action taken on a piece of content.
You can track permissions change events are essential for implementing a robust book of controls on your Tableau environment. These controls are useful for compliance use cases.
Supplement the information provided by Admin Insights and Admin Views to track site activity and usage metrics.
All events include a timestamp and the ID of the actor that performed the event. If relevant, the ID of the piece of affected content is included with the event.
You can use tools like Splunk or Amazon Cloudwatch to examine the Activity Log. You can use these tools to query log fields and answer questions like: