Enable Workspace File Access auditing to capture file-level operations in workspaces. This feature is opt-in and requires enablement before use.
Query and export file-level audit data using the Workspace File Audit App.
Deploy the application
Set up the Workspace File Audit App to query and export audit data. The app is available from the Domino GitHub repository and requires the Domino Standard Environment (DSE).
|
Tip
| Hardware requirements depend on query scope. For typical usage (up to one month of events), use at least 6 CPU cores and 8 GB memory. For larger time ranges, use more resources. |
-
Go to Projects > New Project, then select Import from Git and enter the repository URL:
https://github.com/dominodatalab/Workspace-File-Audit-Application -
Complete the project creation and open the project.
-
Go to Deployments > Apps & Agents > Publish > App.
-
Configure the deployment:
-
Name and Description (example: "Workspace File Audit Query Tool").
-
App file:
start.sh -
Environment: Latest Domino Standard Environment
-
Hardware Tier: Select based on your organization’s tier names and resource needs
-
-
Select Enable deep linking and query parameters then click Publish.
-
Wait for the app status to show Running, then select Open.
Note: If DSE is not available in your deployment, contact your Domino administrator.
Filter and view events
Filter audit events by date range, event type, user, project, or file path.
-
In the Workspace File Audit App, select a Date Range (recommended: 90 days or less; maximum: 1 year).
-
Select filters for Event, Username, Project Name, or File path.
-
Select Submit.
Results display in two views:
-
Events Over Time chart: Total event counts across your timeframe
-
Events Details table: Individual events with timestamp, user, event type, and file path
Note: New event data becomes available approximately every hour.
Export events
Export system events from the UI or API for compliance reporting, security investigations, or long-term archival.
-
Filter events to the desired results.
-
Select Download Parquet or Download CSV.
-
Save the file locally.
The system automatically splits and packages CSV exports over 1 million records as a ZIP archive.
Use the Audit Trail API to programmatically access Workspace File Access events:
-
Authenticate with standard Domino API credentials
-
Filter by time range, user, event type, or resource
-
Export data for external reporting or archival
Domino stores processed events as Parquet files. Query them directly with cloud tools or analytics engines like DuckDB.
- Domino Cloud and DCLS
-
Domino stores audit events in Domino-hosted object storage within a single-tenant, fully managed environment. Domino manages storage infrastructure and access controls. Request credentials from Domino for authorized access.
Clone the official repository to create a custom version for your organization. This lets you extend functionality, apply internal branding, or control rollout timing.
|
Warning
| Customized apps will not be tested/validated for each new release; only our official Domino App is supported. |
-
Clone the repository to your organization’s Git account.
-
Create a Git-based project in Domino pointing to your cloned repository.
-
Deploy your custom version.
-
Workspace File Access events: How Domino captures file-level operations in workspaces
-
Monitoring and alerting: Set up Grafana alerts for audit pipeline failures
-
Central configuration records: Central config settings reference for Workspace File Audits