I am in research mode. Can someone confirm that RBAC authorisations are logged to the Audit log; and if possible provide a example of an audit log entry for a denied operation pls?
Audit log should only contain successful actions. Which audit log or product is this about?
I can see (from public examples) that the audit log contains successful and unsuccessful Authentication events. I want to understand if RBAC events are similarly logged.
I would like to understand if a control is configured that specifies, for some resource “foo”
Alice : allow : read foo
Bob : deny : read foo
Then both Alice and Bob attempt to read foo - will I see audit logs for both?
No, actions blocked by RBAC are generally aren’t audit logged. Which product is this in regards to?