Audit and monitor data access using Delta Sharing (for recipients)
This article describes how data recipients can use Databricks audit logs to understand who is accessing which data using Delta Sharing.
For information about how data providers can audit Delta Sharing events, see Audit and monitor data sharing using Delta Sharing (for providers).
Requirements
You must have a Databricks account.
To access audit logs, an account admin must enable the audit log system table for your Databricks account. See Enable system tables. If you are not an account admin or metastore admin, you must be given access to
system.access.audit
to read audit logs.
Logged errors
The following Delta Sharing errors are logged for the data recipient. Items between <
and >
characters represent placeholder text.
The user attempted to access a share they do not have permission to access.
DatabricksServiceException: PERMISSION_DENIED: User does not have SELECT on Share <share-name>`
The user attempted to access a share that does not exist.
DatabricksServiceException: SHARE_DOES_NOT_EXIST: Share <share-name> does not exist.
The user attempted to access a table that does not exist in the share.
DatabricksServiceException: TABLE_DOES_NOT_EXIST: <table-name> does not exist.
For a list of auditable events and errors logged for data providers, see Audit and monitor data sharing using Delta Sharing (for providers).