Enabling audit log

Audit log isn't enabled by default and requires a few API call to be initialized. This notebook show you how to setup Audit Logs.

If you have already configured audit logs, you can skip this part and directly start with the [ingestion pipeline]($./01-AWS-Audit-log-ingestion) or [Audit log analysis queries]($./02-log-analysis-query)

Please read the [Official documentation](https://docs.databricks.com/administration-guide/account-settings/audit-logs.html) for more details.

Creating a .netrc file

You can use a .netrc file to save your temporary credential. Please use a private user cluster to make sure only you can access the password.

1/ Configure storage

See the [documentation](https://docs.databricks.com/administration-guide/account-settings/audit-logs.html

step-1-configure-storage) for more detail

2/ Configure credential

See the [documentation](https://docs.databricks.com/administration-guide/account-settings/audit-logs.html

step-2-configure-credentials) for more detail

3/ Call the log delivery API

Note: Unity Catalog activity is logged at the level of the account. Do not enter a value into workspace_ids_filter.

Let's make sure it's enabled as expected.

Note that the first log delivery can take a couple of minute.

Let's cleanup our .netrc file

That's it! Your audit logs are know ready for analysis.

Open the [ingestion pipeline]($./01-AWS-Audit-log-ingestion) to see how your logs can be leveraged.