Audit logs event reference
Audit log event schema
Hex audit logs are emitted in JSON format. Some notable fields in the schema are:
- action: type of action taken
- actor: identifies the user or client (e.g. API) making the request
- context: the location (IP address) and user agent of the actor
- targets: Hex resources that are affected or created by this action
The following is an example event object:
{
"actor": {
"id": "b44446e6-8264-4af5-a856-fdc2fa8fe132",
"type": "USER",
"metadata": {
"email": "[email protected]",
"workspace": "Hex",
"workspaceId": "57c59cf9-c943-4386-afb5-75df1af3b2f7"
}
},
"action": "RUN_CELL",
"context": {
"location": "1.1.1.1",
"user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36"
},
"targets": [
{
"id": "f426633a-0993-4bbc-be6a-740e28da2596",
"type": "project",
"metadata": {
"representation": "{\"id\":\"f426633a-0993-4bbc-be6a-740e28da2596\",\"createdDate\":\"2024-04-08T20:15:06.337Z\",\"updatedDate\":\"2024-04-12T15:38:25.265Z\",\"archivedDate\":null,\"creatorId\":\"b44446e6-8264-4af5-a856-fdc2fa8fe132\",\"canEditorsShare\":true,\"projectLanguage\":\"PYTHON\",\"hexType\":\"PROJECT\",\"organizationRole\":null,\"publicRole\":null}"
}
},
{
"id": "60d9ac4d-7eb2-4638-9423-61bdf8a331ef",
"type": "project_version",
"metadata": {
"representation": "{\"id\":\"60d9ac4d-7eb2-4638-9423-61bdf8a331ef\",\"createdDate\":\"2024-04-08T20:15:06.337Z\",\"updatedDate\":\"2024-04-12T15:38:25.127Z\",\"title\":\"Sample Project\",\"description\":\"\",\"hexId\":\"f426633a-0993-4bbc-be6a-740e28da2596\",\"creatorId\":\"b44446e6-8264-4af5-a856-fdc2fa8fe132\",\"timezone\":null,\"version\":\"draft\",\"published\":false,\"import\":false,\"kernelSize\":\"medium\",\"autoRerun\":true,\"cacheAppState\":true}"
}
},
{
"id": "340ba95d-465a-44d2-8b04-8a83c6c5b1e5",
"type": "cell",
"metadata": {
"representation": "{\"id\":\"2e56c683-8151-4071-918f-0050ce854637\",\"createdDate\":\"2024-04-08T20:15:17.810Z\",\"updatedDate\":\"2024-04-08T20:15:17.810Z\",\"cellType\":\"SQL\"}"
}
}
],
"version": 1,
"metadata": {
"result": "SUCCESS",
"requestArgs": "{\"hexId\":\"f426633a-0993-4bbc-be6a-740e28da2596\",\"hexVersionId\":\"60d9ac4d-7eb2-4638-9423-61bdf8a331ef\",\"cellId\":\"2e56c683-8151-4071-918f-0050ce854637\"}",
"failureReason": ""
},
"occurred_at": "2024-04-12T15:38:27.073Z"
}
Audit log target resource types
The following resource types appear as target resources in audit log events:
| Resource type | Notes |
|---|---|
| Cell | A cell in a Hex project |
| Collection | A collection of Hex projects and components |
| Data connection | A connection to an external data warehouse |
| Domain | A domain allowed to be associated with your Hex workspace |
| External file integration | An integration with a cloud storage provider like AWS S3 or Google Drive |
| File | A file uploaded to a Hex project |
| Group | A group of Hex users that can be granted access to resources |
| Project | A Hex project, component, or explore object |
| Project grant | A role (viewer, editor, etc.) given to a user or group for access to a Hex project |
| Project version | A specific version of a Hex project |
| Project view | An object that represents an instance of a user viewing a project |
| Scheduled run | A cron-like schedule on which a project is run periodically |
| Scheduled run notification | A notification configured on a scheduled run, to send emails and/or Slack messages when a scheduled run completes or fails |
| Secret | A secret value containing sensitive information that can be referenced in Hex projects |
| Template | A Hex-provided project template |
| User | A Hex user (could be email user, API user, etc.) |
| Workspace | A representation of your Hex workspace |
Some event types include target resources with a type of principal. This indicates that this object can be one of multiple types. For instance, the UPDATE_PROJECT_ACCESS event type includes a principal resource which is either a Group or a User.
Audit log event types
| Event type | Description | Target resource types |
|---|---|---|
| CREATE_PROJECT |
| |
| CREATE_PROJECT_FROM_TEMPLATE | Create a project from a template |
|
| DUPLICATE_PROJECT |
| |
| COPY_PROJECT_FROM_EXTERNAL_WORKSPACE | Create a project by copying one from a different workspace |
|
| IMPORT_PROJECT | Import a project from a project yaml file |
|
| CREATE_EXPLORE_FROM_PROJECT_CELL | Create an "explore from app" from a project cell |
|
| CREATE_EXPLORE | Create an Explore |
|
| CONVERT_EXPLORE_TO_PROJECT | Create a project from data created while exploring from an app |
|
| VIEW_PROJECT |
| |
| RUN_PROJECT | Run a project top to bottom |
|
| RUN_CELL | Run a single cell within a project |
|
| UPLOAD_FILE_TO_PROJECT |
| |
| DOWNLOAD_FILE_FROM_PROJECT |
| |
| PUBLISH_PROJECT |
| |
| DELETE_PROJECT | Move project to trash |
|
| PERMANENTLY_DELETE_PROJECT |
| |
| REQUEST_PROJECT_ROLE | A user request for an access role to a project |
|
| GRANT_USERS_PROJECT_ACCESS | Grant a set of users an access role to a project |
|
| GRANT_GROUPS_PROJECT_ACCESS | Grant a set of groups an access role to a project |
|
| GRANT_ADMIN_PROJECT_ACCESS | Same as GRANT_USERS_PROJECT_ACCESS, but only for admins |
|
| UPDATE_PROJECT_ACCESS | Update the access role to a project for a set of users and/or groups |
|
| REMOVE_PROJECT_ACCESS | Remove a user or group's access to a project |
|
| SHARE_PROJECT_WITH_SUPPORT |
| |
| SHARE_PROJECT_WITH_ORG |
| |
| SHARE_PROJECT_WITH_PUBLIC |
| |
| UPDATE_PROJECT_PUBLIC_DUPLICATION_ALLOWED | Change whether or not a project can be duplicated by users in another workspace |
|
| CREATE_SCHEDULED_RUN |
| |
| EDIT_SCHEDULED_RUN |
| |
| DELETE_SCHEDULED_RUN |
| |
| CREATE_COLLECTION |
| |
| EDIT_COLLECTION |
| |
| ADD_PROJECTS_TO_COLLECTION | Add a set of projects to a collection |
|
| UPDATE_COLLECTION_ROLE_IN_PROJECT | Update the access role that a collection has for a project |
|
| CREATE_WORKSPACE_DATA_CONNECTION | Create a data connection usable across the workspace |
|
| CREATE_PROJECT_DATA_CONNECTION | Create a data connection within a project |
|
| EDIT_DATA_CONNECTION |
| |
| REFRESH_DATA_CONNECTION_SCHEMA | Trigger a refresh of the data schema for a data connection |
|
| UPDATE_DATA_CONNECTION_MAGIC_USAGE | Update whether or not a data connection should be used for Magic generation |
|
| IMPORT_DATA_CONNECTION | Import a data connection in a project |
|
| REMOVE_DATA_CONNECTION_IMPORT | Unimport a data connection from a project |
|
| DELETE_DATA_CONNECTION |
| |
| SET_WORKSPACE_DEFAULT_DATA_CONNECTION | Set a data connection as the default for the workspace |
|
| CREATE_USERS |
| |
| CREATE_PASSWORD_USER | Create a user who is allowed to login using a password |
|
| INVITE_USERS | Invite users to join the workspace by email |
|
| INVITE_USER_AS_ADMIN | Invite a user to join the workspace as an admin |
|
| ACTIVATE_USER |
| |
| DEACTIVATE_USER |
| |
| EDIT_USER | Update user metadata (excluding their workspace role) |
|
| UPDATE_USER_ROLE | Update a user's workspace role |
|
| REQUEST_ORG_ROLE | A user's request for a specific role in the workspace |
|
| GRANT_USER_API_ACCESS | Allow a user to generate API tokens and use them in requessts |
|
| REVOKE_USER_API_ACCESS | Prevent user from creating API tokens and reject requests containing tokens attributed to this user |
|
| CREATE_GROUP |
| |
| UPDATE_GROUP | Update metadata about a group (not its users) |
|
| UPDATE_GROUP_MEMBERS | Add or remove users from a group |
|
| DELETE_GROUP |
| |
| CREATE_EXTERNAL_FILE_INTEGRATION |
| |
| EDIT_EXTERNAL_FILE_INTEGRATION |
| |
| DELETE_EXTERNAL_FILE_INTEGRATION |
| |
| DOWNLOAD_FILE_FROM_EXTERNAL_FILE_INTEGRATION |
| |
| ADD_WORKSPACE_DOMAIN | Add an allowed domain to workspace |
|
| DELETE_WORKSPACE_DOMAIN |
| |
| UPDATE_SSO_CONFIGURATION | Configure SSO auth for the workspace |
|
| UPDATE_PUBLIC_SHARING_SETTING | Update whether or not projects in the workspace can be shared publicly |
|
| UPDATE_API_TOKEN_EXPIRATION_POLICY | Configure expiration policy for API tokens |
|
| UPDATE_ALLOW_NOTION_PREVIEW |
| |
| UPDATE_ALLOW_CSV_DOWNLOADS |
| |
| UPDATE_ALLOW_FILE_UPLOADS |
| |
| SET_DIRECTORY_SYNC_ADMIN_GROUP | Set a group of users from Directory Sync to be workspace admins |
|
| SET_DIRECTORY_SYNC_AUTHOR_GROUP | Set a group of users from Directory Sync to be workspace editors |
|
| SET_DATA_RETENTION_CELL_OUTPUTS | Set the data retention period for cell outputs |
|
| SET_DATA_RETENTION_QUERY_CACHE | Set the data retention period for query cache entries |
|
| CREATE_WORKSPACE_SECRET | Create a shared workspace secret |
|
| EDIT_WORKSPACE_SECRET | Modify properties of a shared workspace secret |
|
| DELETE_WORKSPACE_SECRET |
| |
| IMPORT_WORKSPACE_SECRET | Import a shared workspace secret into a project |
|
| UNIMPORT_WORKSPACE_SECRET | Unimport a shared workspace secret from a project |
|
| CREATE_PROJECT_SECRET | Create a secret usable within a single project |
|
| EDIT_PROJECT_SECRET | Modify properties of a project-scoped secret |
|
| DELETE_PROJECT_SECRET |
| |
| CREATE_SCHEDULED_RUN_NOTIFICATION | Create a new notification for a scheduled run |
|
| EDIT_SCHEDULED_RUN_NOTIFICATION | Edit an existing notification for a scheduled run |
|
| DELETE_SCHEDULED_RUN_NOTIFICATION | Delete an existing notification for a scheduled run |
|