Table: doppler_activity_log - Query Doppler Activity Logs using SQL
Doppler is a service that provides a secure and universal secret manager. It enables developers and organizations to manage and securely access sensitive information such as API keys, credentials, and other secrets. Doppler Activity Logs are a feature of Doppler that records user activities, providing an audit trail that can be used for security and compliance purposes.
Table Usage Guide
The doppler_activity_log
table provides insights into user activities within Doppler. As a security analyst, explore user-specific activity details through this table, including event types, timestamps, and associated metadata. Utilize it to uncover information about user actions, such as those related to secret access, changes to environment configurations, and potential security incidents.
Examples
Basic info
Explore the history of user activity in your workplace by identifying when specific actions were taken and by whom. This can be useful for auditing purposes, understanding user behavior, or investigating specific incidents.
select id, text, created_at, user_name, user_email, workplace_namefrom doppler_activity_log;
select id, text, created_at, user_name, user_email, workplace_namefrom doppler_activity_log;
List activity within the last 30 days
Explore recent user activity to gain insights into user engagement and interactions within the past month. This can help assess the dynamics of your workplace and understand user behavior patterns.
select id, text, created_at, user_name, user_email, workplace_namefrom doppler_activity_logwhere created_at >= now() - interval '30 day';
select id, text, created_at, user_name, user_email, workplace_namefrom doppler_activity_logwhere created_at >= datetime('now', '-30 day');
List activity from bots like Doppler Bot and GitHub bot
Identify instances where activities have been carried out by bots such as Doppler Bot and GitHub bot. This can help in monitoring automated processes and ensure they are functioning as expected.
select id, text, created_at, user_name, workplace_namefrom doppler_activity_logwhere user_name like '%Bot%';
select id, text, created_at, user_name, workplace_namefrom doppler_activity_logwhere user_name like '%Bot%';
Get the most recent action
Explore the latest activity in your Doppler environment by identifying the most recent action taken, providing insights into the user's actions and the timing of those actions. This is particularly useful for auditing and tracking changes made in your environment.
select id, text, created_at, environment, user_emailfrom doppler_activity_logorder by created_at desclimit 1;
select id, text, created_at, environment, user_emailfrom doppler_activity_logorder by created_at desclimit 1;
List most common actors
Uncover the details of the most active users across different projects by analyzing the frequency of their activities. This can help in identifying key contributors and understanding user engagement within each project.
select project, user_name, user_email, count(*)from doppler_activity_loggroup by project, user_name, user_emailorder by count desc;
select project, user_name, user_email, count(*)from doppler_activity_loggroup by project, user_name, user_emailorder by count(*) desc;
List out the most common activities
Analyze the settings to understand the most frequent activities recorded. This can be beneficial in identifying trends or patterns in system use, aiding in operational efficiency and proactive issue resolution.
select id, text, created_atfrom doppler_activity_logorder by created_at desc;
select id, text, created_atfrom doppler_activity_logorder by created_at desc;
Schema for doppler_activity_log
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
config | text | Config is the config's name. | |
created_at | timestamp with time zone | The time when the activity log was created. | |
environment | text | Environment is the environment's unique identifier. | |
html | text | HTML describing the event. | |
id | text | = | ID is the unique identifier for the activity log. |
project | text | Project is the project that triggered the event. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
text | text | Text describing the event. | |
title | text | The name of the workplace. | |
user_email | text | The user's email address. | |
user_name | text | The user's name. | |
user_profile_image_url | text | The user's profile image URL. | |
user_username | text | The user's username. | |
workplace_id | text | =, !=, ~~, ~~*, !~~, !~~* | The ID of the workplace. |
workplace_name | text | Title of the resource. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- doppler
You can pass the configuration to the command with the --config
argument:
steampipe_export_doppler --config '<your_config>' doppler_activity_log