Creatin audit frameweok
Hello, We are trying to setup audit framework on our portal for actions that are performed on embedded ThoughtSpot such as which liveboard was accessed, what was searched, etc. We have ThoughtSpot embedded using token authentication.
9 Replies
@Mohammed Irfan Mulla posted our question here
We have the api to fetch security audit logs through API : https://developers.thoughtspot.com/docs/audit-logs. This should help your use-case.
2nd way would be to use embed-events to capture the events relevant to you handle them for your framework in your code base..
Audit logs
Fetch a log of security audit events to detect potential threats
Hi Shikhar, thanks for above info.
We have our own portal in which users will log in using their own credetials however we have embedded ThoughtSpot using token. So when user perform any activity on liveboard or search tab, call made to ThoughtSpot shows same user only. Is there a way we can send an audit# along with the request to ThoughtSpot and ThoughtSpot can save it in its end?
I am not sure if that is something we support. @utsav.kapoor/ @Swarnika can you help if this is something that we can do?
cc @bill_da_golfer if you think of a better way to achieve this
No. We can’t pass something like that through TS this way.
We find BI Server table helpful with user list and query text information available. Is this something that we can utilize for auditing? can this incidentid be sent back in response if action was successful
I think we do send back the Incident Id as part of response headers. But not a 100% sure..
@shikharTS , I have checked in the request and response for embed, we are not receiving the Incident Id in the response.
Should we be looking for any particular request or am I missing anything?
Hi, we have a simliar use case. Were you able to capture the Incident Id in the response?