Sign inTry Free

Audit Logging

On this page

Note

Audit logging is available when using Enterprise edition, where logs can be streamed to, and accessed through, third-party audit tools.

SingleStore Helios logs activities on both the Control Plane and Data Plane. SingleStore provides multiple logging levels, and each level provides limited or exhaustive information about user actions and database responses. This feature is useful for performing common information security tasks such as auditing, investigating suspicious activity, and validating access control policies.

Control Plane Audit Logs

SingleStore identifies and logs the user actions in the Control Plane that can be used to track user activity. All the Cloud Portal activities are logged, including but not limited to the following:

Category

Event

Workspace

  • Create, resize, suspend, or delete a workspace

  • Attach database to a workspace

  • Modify auto-suspend configuration of a workspace

  • Create or delete private connections to a workspace

Workspace group

  • Create or delete a workspace group

  • Add or update firewall rules for a workspace group

  • Update the password

  • Add RBAC rules at the workspace group level

  • Change the update window for a deployment

  • Create a database

Observability

  • Add, update, or remove an alert for the database operations

  • Add, update, or remove subscribers to the alert

Cloud Portal

  • Generate API keys

  • Add a user

  • Add a RBAC property at the organization level

  • Add a payment method

  • Change the database admin password

Team

  • Create, update, or delete a team

  • Add or delete members in a team

Authentication

  • User login events

  • Add, update, or delete a SCIM connection

Notebook

  • Create or delete a Notebook on the Cloud Portal

Access Control Plane Audit Logs

Use the AuditLogs path (/v1/auditLogs endpoint) in the Management API to access the Control Plane audit logs. Refer to Management API Reference for more information.

Data Plane Audit Logs

SingleStore logs all database activities and writes the generated logs to an external location.

Access Data Plane Audit Logs

You can access Data Plane audit logs through third-party audit tools such as Amazon CloudWatch, Datadog, and others. Contact SingleStore Support to set up audit log forwarding with a supported third-party tool. Refer to Forwarding Audit Logs for more information.

In this section

Last modified: April 28, 2025

Was this article helpful?

On this page

Was this article helpful?

Verification instructions

Note: You must install cosign to verify the authenticity of the SingleStore file.

Use the following steps to verify the authenticity of singlestoredb-server, singlestoredb-toolbox, singlestoredb-studio, and singlestore-client SingleStore files that have been downloaded.

You may perform the following steps on any computer that can run cosign, such as the main deployment host of the cluster.

  1. (Optional) Run the following command to view the associated signature files.

    curl undefined

  2. Download the signature file from the SingleStore release server.

    • Option 1: Click the Download Signature button next to the SingleStore file.

    • Option 2: Copy and paste the following URL into the address bar of your browser and save the signature file.

    • Option 3: Run the following command to download the signature file.

      curl -O undefined

  3. After the signature file has been downloaded, run the following command to verify the authenticity of the SingleStore file.

    echo -n undefined |
        cosign verify-blob --certificate-oidc-issuer https://oidc.eks.us-east-1.amazonaws.com/id/CCDCDBA1379A5596AB5B2E46DCA385BC \
          --certificate-identity https://kubernetes.io/namespaces/freya-production/serviceaccounts/job-worker \
          --bundle undefined \
          --new-bundle-format -
    Verified OK