# Auditing The DuploCloud Portal provides a comprehensive audit trail, including reports and logs, for security and compliance purposes. Using the **Show Audit Records for** list box, you can display real-time audit data for: * **Auth** (Authentications) * **Admin** (Administrators) * **Tenants** (DuploCloud Tenants) * **Compliance** (such as HIPAA, SOC 2, and HIGHTRUST, among others) * [**Kat-Kit**](/docs/automation-platform/introduction-to-ci-cd/katkit.md) (DuploCloud's CI/CD Tool)

The **Audit** page with **Admin** audit records selected using the **Show Audit Records** for list box

The **Audit** page with audit records selected for the **DEV01** Tenant

## Enabling Audit 1. In the DuploCloud Portal, navigate to **Administrator** -> **Observability** -> **Settings,** and select the **Audit** tab. The **Audit** page displays. 2. Click the **Enable Audit** link.

**Enable Audit** link on the **Audit** page

## Viewing detailed auditing diagnostics To view complete auditing reports and logs, navigate to the **Observability** -> **Audit** page in the DuploCloud Portal.

## Configuring a custom S3 bucket for auditing in another AWS account You can create an S3 bucket for auditing in another account, other than the DuploCloud Master Account. ### Prerequisites 1. Verify that the S3 bucket exists in another account, and note the bucket name. In this example, we assume a BUCKET\_REGION of **us-west-2** and a BUCKET name of **audit-s2-bucket-another-account**. 2. Ensure that your S3 bucket has `Duplo Master` permission to access the `S3:PutObject`. Refer to the code snippet below for an example. ``` { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::accountid:role/duplomaster" }, "Action": "S3:PutObject", "Resource": [ "arn:aws:s3:::arn:aws:s3:::bucknetname/*", "arn:aws:s3:::arn:aws:s3:::bucketname" ] } ] } ``` ### Configuring S3 bucket region and bucket name 1. In the DuploCloud Portal, navigate to **Administrator** -> **System Settings**. 2. Click the **System Config** tab. #### Configuring the S3 Bucket Region Continuing the example above, configure the **S3BUCKET\_REGION**. 1. Click **Add**. The **Add Config** pane displays. 2. From the **Config Type** list box, select **AppConfig**. 3. in the **Key** list box, enter **DUPLO\_AUDIT\_S3BUCKET\_REGION**. 4. In the **Value** field, enter **us-west-2**. 5. Click **Submit**. #### Configuring Bucket Name Continuing the example above, configure the **S3BUCKET** name. 1. Click **Add**. The **Add Config** pane displays. 2. From the **Config Type** list box, select **AppConfig**. 3. in the **Key** list box, enter **DUPLO\_AUDIT\_S3BUCKET**. 4. In the **Value** field, enter **audit-s2-bucket-another-account**. 5. Click **Submit**. Your S3 bucket region and name configurations are displayed in the **System Config** tab. [View details on the Audit page](#viewing-detailed-auditing-diagnostics) in the DuploCloud Portal.

**System Config** tab with **AppConfig**s for S3 bucket region and name

{% hint style="info" %} Contact your DuploCloud Support team if you have additional questions or issues. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.duplocloud.com/docs/automation-platform/overview/use-cases/auditing.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.