# Accessing the Premium Audit Log Treasure Data premium audit logs provide a detailed audit trail of all the activity that occurs in an account. Every event has an associated resource_id, resource name, and timestamp. By identifying specific areas of security concern, you can use the audit log to view potential breaches and unusual behavior and interrupt an unauthorized action. Treasure Data can provide a log to track all access events in Treasure Data. You use the log to monitor Treasure Data user access to features and functions such as: * TD Console * APIs * TD Workflow * TD processing engines * Audience Studio Your account must include the Premium Audit Log feature and you must be an owner or administrator to access the Premium Audit Log initially. Administrators can also assign non-admin users permissions to access the audit log. Users who buy the premium license can view, filter, and query the audit log. The premium audit log captures and holds an unlimited number of events and is stored in a database table structure. Audit log is an add-on feature and, therefore, must be requested. Contact your Customer Success representative to learn more about the availability of this feature. * [Accessing the Audit Log](#accessing-the-audit-log) * [Interpreting the Columns of the Audit Log](#interpreting-the-columns-of-the-audit-log) * [Related Reading](#related-reading) # Accessing the Audit Log When you purchase this premium feature, an access table is added to your account `Database` view. The name for the log is `td_audit_log`. Even if you have multiple databases, you have only one audit log. 1. Open **TD Console**. 2. Navigate to **Data Workbench > Databases**. 3. Search for **td_audit_log** database. 4. Open the details of the access tables. For example: **access** table ![](/assets/image-20200327-210727.b85f6712abbb203d1c72ddaf04e927a4d28a474ffdeace127edc069abe144199.9f549006.png) # Interpreting the Columns of the Audit Log All events will log the event_name, resource_id, resource_name. In the audit log table, you can see other columns logged depending on the event. These columns help you determine what action has happened to what TD resource. The full list of column types is in the [Premium Audit Log Reference](/products/control-panel/security/auditlogs/premium-audit-log-reference). By identifying objects with significant security requirements, you can review your premium audit log for specific objects and be able to track those using audit log events. | **Column** | **Description** | | --- | --- | | event_name | Which event in the audit log list as occurred to the resource | | resource_id | A unique number is assigned to the action. You can reference the resource_id to distinguish v4 and v5 events. | | resource_name | Which TD resource was affected | For example, suppose the `event_name` is `job_modify` and the request targets the `cdp_audience_2943` database. When you inspect the log: 1. Open the `access` table and locate the `event_name` column. 2. Filter for the `job_modify` entry to see the details. 3. Review the `resource_name` column to identify whether repeated events are touching the same Treasure Data resource. ## Related Reading - [Premium Audit Log Reference](/products/control-panel/security/auditlogs/premium-audit-log-reference) - [Premium Audit Log Events](/products/control-panel/security/auditlogs/premium-audit-log-events)