# Auditing The DuploCloud Portal provides a comprehensive audit trail, including reports and logs, for security and compliance purposes. Using the **Show Audit Records for** list box, you can display real-time audit data for: * **Auth** (Authentications) * **Admin** (Administrators) * **Tenants** (DuploCloud Tenants) * **Compliance** (such as HIPAA, SOC 2, and HIGHTRUST, among others) * [**Kat-Kit**](https://docs.duplocloud.com/docs/automation-platform/introduction-to-ci-cd/katkit) (DuploCloud's CI/CD Tool)

The **Audit** page with **Admin** audit records selected using the **Show Audit Records** for list box

The **Audit** page with audit records selected for the **DEV01** Tenant

## Enabling Audit 1. In the DuploCloud Portal, navigate to **Administrator** -> **Observability** -> **Settings,** and select the **Audit** tab. The **Audit** page displays. 2. Click the **Enable Audit** link.

**Enable Audit** link on the **Audit** page

## Viewing detailed auditing diagnostics To view complete auditing reports and logs, navigate to the **Observability** -> **Audit** page in the DuploCloud Portal.

## Configuring a custom S3 bucket for auditing in another AWS account You can create an S3 bucket for auditing in another account, other than the DuploCloud Master Account. ### Prerequisites 1. Verify that the S3 bucket exists in another account, and note the bucket name. In this example, we assume a BUCKET\_REGION of **us-west-2** and a BUCKET name of **audit-s2-bucket-another-account**. 2. Ensure that your S3 bucket has `Duplo Master` permission to access the `S3:PutObject`. Refer to the code snippet below for an example. ``` { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::accountid:role/duplomaster" }, "Action": "S3:PutObject", "Resource": [ "arn:aws:s3:::arn:aws:s3:::bucknetname/*", "arn:aws:s3:::arn:aws:s3:::bucketname" ] } ] } ``` ### Configuring S3 bucket region and bucket name 1. In the DuploCloud Portal, navigate to **Administrator** -> **System Settings**. 2. Click the **System Config** tab. #### Configuring the S3 Bucket Region Continuing the example above, configure the **S3BUCKET\_REGION**. 1. Click **Add**. The **Add Config** pane displays. 2. From the **Config Type** list box, select **AppConfig**. 3. in the **Key** list box, enter **DUPLO\_AUDIT\_S3BUCKET\_REGION**. 4. In the **Value** field, enter **us-west-2**. 5. Click **Submit**. #### Configuring Bucket Name Continuing the example above, configure the **S3BUCKET** name. 1. Click **Add**. The **Add Config** pane displays. 2. From the **Config Type** list box, select **AppConfig**. 3. in the **Key** list box, enter **DUPLO\_AUDIT\_S3BUCKET**. 4. In the **Value** field, enter **audit-s2-bucket-another-account**. 5. Click **Submit**. Your S3 bucket region and name configurations are displayed in the **System Config** tab. [View details on the Audit page](#viewing-detailed-auditing-diagnostics) in the DuploCloud Portal.

**System Config** tab with **AppConfig**s for S3 bucket region and name

{% hint style="info" %} Contact your DuploCloud Support team if you have additional questions or issues. {% endhint %}