Aviatrix Controller 8.2 introduces Policy Audit Enhancements for Distributed Cloud Firewall (DCF), delivering change tracking and structured diffs for policy entities. This feature improves visibility, accountability, and compliance readiness by providing clear insights into policy modifications.

  • Feature: Policy Audit Enhancement with structured diffs and change tracking

  • Scope: Policy Groups, Rulesets, Policies, Smart Groups

  • Access: API

  • Enabled by default

Diffs are for audit purposes only. They cannot be used for rollback or reconstructing full system state.

Key Features

  • Change Tracking: who made the change (user identity), what changed, and when it happened (timestamp)

  • Scope: Tracks changes for Policy Groups, Rulesets, Policies, Smart Groups

  • Access: Enabled by default

Benefits

  • Improved Transparency: Clear insight into who changed what and when

  • Ease of Use: Structured diffs simplify audits and compliance checks

  • Operational Efficiency: Faster troubleshooting and accountability

  • Future-Ready: Lays the groundwork for advanced features like rollback and versioning in future releases

  • Compliance Support: Meets audit requirements for regulated environments

  • Reduced Risk: Detect unauthorized or accidental changes quickly

  • Enterprise Governance: Strengthens policy lifecycle management

Access the Policy Audit Logs

You can access the policy audit logs via the `GET /v2.5/policy-audit` API endpoint in CoPilot.

Every change to DCF entities (Policy Groups, Rulesets, Policies, Smart Groups) is recorded. Audit entries include:

  • User who made the change

  • Timestamp of the change

  • Structured diff showing what was modified

View Policy Audit Logs through API Request

API Example

The following example retrieves audit logs for policy changes:

curl -X GET "https://<controller>/v2.5/policy-audit?entity=ruleset" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <TOKEN>"

Sample response:

{
    "audit_entries": [
        {
            "timestamp": "2025-11-12T12:45:30Z",
            "user": "admin@example.com",
            "entity": "ruleset",
            "entity_name": "finance-egress",
            "diff": {
                "added": ["rule: allow finance to internet"],
                "removed": ["rule: deny finance to internet"]
            },
            "api_call": "/v2.5/policy-rule-update"
        }
    ]
}

Best Practices

  • Regularly export audit logs for compliance reporting

  • Integrate audit data with SIEM or governance platforms for centralized visibility

  • Use audit insights to enforce change management policies across teams
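
One way to prepare these audit entries for a SIEM, as an added example that is not Aviatrix code: it flattens the response shape shown in the sample above into one event per change and marks changes that add an allow rule or remove a deny rule for review. The function names, the second sample entry, and the assumption that diff strings follow the sample's "rule: <action> ..." form are illustrative.

```python
import json

# Constructed sample input: the first entry is the page's sample response,
# the second is made up here to show a change that is not flagged.
SAMPLE_RESPONSE = """
{"audit_entries": [
  {"timestamp": "2025-11-12T12:45:30Z", "user": "admin@example.com",
   "entity": "ruleset", "entity_name": "finance-egress",
   "diff": {"added": ["rule: allow finance to internet"],
            "removed": ["rule: deny finance to internet"]},
   "api_call": "/v2.5/policy-rule-update"},
  {"timestamp": "2025-11-12T13:02:11Z", "user": "ops@example.com",
   "entity": "ruleset", "entity_name": "dev-egress",
   "diff": {"added": ["rule: deny dev to internet"], "removed": []},
   "api_call": "/v2.5/policy-rule-update"}
]}
"""

COPIED_FIELDS = ("timestamp", "user", "entity", "entity_name", "api_call")

def rule_action(item):
    """Return 'allow' or 'deny' from a diff string shaped like the sample
    ('rule: <action> ...'); None for any other shape (assumed format)."""
    words = str(item).split(":", 1)[-1].split()
    first = words[0].lower() if words else ""
    return first if first in ("allow", "deny") else None

def to_siem_events(response_text):
    """Flatten audit entries into one dict per change, tagging loosening changes."""
    events = []
    for entry in json.loads(response_text).get("audit_entries", []):
        diff = entry.get("diff") or {}
        added = diff.get("added") or []
        removed = diff.get("removed") or []
        reasons = []
        if any(rule_action(i) == "allow" for i in added):
            reasons.append("allow_added")
        if any(rule_action(i) == "deny" for i in removed):
            reasons.append("deny_removed")
        event = {key: entry.get(key) for key in COPIED_FIELDS}
        event.update(added=added, removed=removed,
                     review=bool(reasons), review_reasons=reasons)
        events.append(event)
    return events

if __name__ == "__main__":
    for event in to_siem_events(SAMPLE_RESPONSE):
        print(json.dumps(event, sort_keys=True))  # one JSON line per change
```

Entries whose diff strings do not match the assumed form are still exported, only without a review flag, so the export stays complete even if the diff content differs from the sample.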