Audit Logs in Airflow¶
Overview¶
Audit logs are a critical component of any system that needs to maintain a high level of security and compliance. They provide a way to track user actions and system events, which can be used to troubleshoot issues, detect security breaches, and ensure regulatory compliance.
In Airflow, audit logs are used to track user actions and system events that occur during the execution of DAGs and tasks. They are stored in a database and can be accessed through the Airflow UI.
Level of Audit Logs¶
Audit logs exist at the task level and the user level.
Task Level: At the task level, audit logs capture information related to the execution of a task, such as the start time, end time, and status of the task.
User Level: At the user level, audit logs capture information related to user actions, such as creating, modifying, or deleting a DAG or task.
Location of Audit Logs¶
Audit logs can be accessed through the Airflow UI. They are located under the “Admin” tab, and can be viewed by selecting “Audit Logs” from the dropdown menu.
Types of Events¶
Airflow provides a set of predefined events that can be tracked in audit logs. These events include:
action_trigger_dag
: Triggering a DAGaction_create
: Creating a DAG or taskaction_edit
: Modifying a DAG or taskaction_delete
: Deleting a DAG or taskaction_failed
: Setting a task as failedaction_success
: Setting a task as successfulaction_retry
: Retrying a failed taskaction_clear
: Clearing a task’s state
In addition to these predefined events, Airflow allows you to define custom events that can be tracked in audit logs.
This can be done by calling the log
method of the TaskInstance
object.