Wiz Audit Logs connector
This feature is in Beta. Workspace admins can control access to this feature from the Previews page. See Manage Databricks previews.
The managed Wiz Audit Logs connector in Lakeflow Connect allows you to ingest audit log entries, issues, and vulnerability findings from Wiz into Databricks.
Feature availability
Feature | Availability |
|---|---|
UI-based pipeline authoring |
|
API-based pipeline authoring |
|
Declarative Automation Bundles |
|
Incremental ingestion |
|
Unity Catalog governance |
|
Orchestration using Databricks Workflows |
|
SCD type 2 |
Wiz audit logs, issues, and vulnerability findings are ingested as an append-only feed. |
Automated schema evolution: New and deleted columns |
|
Automated schema evolution: Data type changes |
|
Automated schema evolution: Column renames |
Requires a full refresh. |
Supported
Not supportedAuthentication methods
Authentication method | Availability |
|---|---|
OAuth machine-to-machine (Wiz service account) |
|
API token |
|
Basic authentication (username/password) |
|
What to know before you start
Topic | Why it matters |
|---|---|
The workflow depends on your Databricks user persona:
| |
The steps to create a connection depend on the authentication method you select. | |
The steps to create a pipeline depend on the interface. | |
The pipeline schedule depends on your latency and cost requirements. | |
Depending on your ingestion needs, the pipeline might use configurations like history tracking, column selection, and row filtering. Supported configurations vary by connector. See Feature availability. |
Start ingesting from Wiz Audit Logs
The following table has an overview of the end-to-end Wiz Audit Logs ingestion flow, based on user type:
User | Steps |
|---|---|
Admin |
|
Non-admin | Use any supported interface to create a pipeline from an existing connection. See Ingest data from Wiz Audit Logs. |