P4AUDIT

Location of the audit log Helix Core Server supports human-readable logs as well as structured logs in a comma-separated value (CSV) format. The human-readable P4LOG environment variable specifies the log file for errors. The human-readable P4AUDIT environment variable specifies the log file that records file transfers to users. Structured log files are for many purposes. To learn more, see 'Logging" in Helix Core Server Administration Documentation. file.

Usage notes

Used by Client?	Used by Server?	Command-Line Alternative	Can be set in P4CONFIG file?
No	Yes	p4d -A auditlog	N/A

Value if not explicitly set

Operating System	Value
All	None. If no log file is specified, auditing is disabled.

Notes

P4AUDIT specifies the location of the audit log file.

When auditing is enabled, Helix Core Server adds a line to the audit log file every time file content is transferred to any user. To ensure that user activity on forwarding replicas, edge servers, and build farm replicas is tracked, each replica or edge server must have P4AUDIT configured.

Manage log file growth

On any active server, the audit log file might grow quickly. See Manage log file growth in the Helix Core Server Administration Documentation.

Format of audit log

Lines in the audit log appear in this format:

datetimeuser@clientclientIPcommandfile#rev

For example:

2024/05/09 09:52:45 maria@nail 192.168.0.12 diff //depot/src/x.c#1
2024/05/09 09:54:13 emily@stone 127.0.0.1 sync //depot/inc/file.h#1

If a command is run on the same physical machine that hosts the Perforce service, the clientIP is shown as 127.0.0.1.

For commands that arrive through a Helix Proxy, the IP address is reported in the form proxyIP/clientIP, and the command is reported as command-proxy.

To learn more, see Auditing user file access in the Helix Core Server Administration Documentation.