Get Audit trails
The endpoint returns a paginated list of audits of the pod depending on input parameters such as the categories of audits, time interval etc. Each page can contain up to 100 audits.
Last updated
Was this helpful?
The endpoint returns a paginated list of audits of the pod depending on input parameters such as the categories of audits, time interval etc. Each page can contain up to 100 audits.
Last updated
Was this helpful?
This operation returns paginated list of audit trail events. You can narrow down search results by specifying categories, action, originating userId, attribute, groupId, authorization role, streamId, affected userId, temporary authId, disclaimerId or policyId parameter. Pages can contain up to 100 records. This operation returns only audits for the categories the requester is entitled to.
/v1/audits
start range date restriction. Date must be formatted the following way: yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
end range date restriction. Date must be formatted the following way: yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
List of Audit Trail categories restriction
login,malwarescan"Affected User Id" filter single value restriction
"Originating User Id" filter single value restriction (a.k.a. "Performed by)"
"Action Id" filter single value restriction
"Attribute" filter single value restriction
"Group Id" filter single value restriction (used by Info barrier, Role Scope...)
"Authorization Role" filter single value restriction
"Stream Id" filter single value restriction (using either Base64 or Base64URL encoding)
"Policy Id" filter single value restriction
"Application Id" filter single value restriction
"Temporary Authorization Id" filter single value restriction
"Disclaimer Id" filter single value restriction
Used format for output date values.<br/> Possible values:<br/> <ul> <li>STANDARD_AT_ACP_DATE - MM-dd-YYYY - as historically used in Symphony Audit Trails</li> </ul> or anything supported by java11 DateTimeFormatter (https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/time/format/DateTimeFormatter.html)<br/> <ul> <li>BASIC_ISO_DATE</li> <li>ISO_DATE</li> <li>ISO_DATE_TIME</li> <li>ISO_INSTANT</li> <li>ISO_LOCAL_DATE</li> <li>ISO_LOCAL_DATE_TIME</li> <li>ISO_LOCAL_TIME</li> <li>ISO_OFFSET_DATE</li> <li>ISO_OFFSET_DATE_TIME</li> <li>ISO_OFFSET_TIME</li> <li>ISO_ORDINAL_DATE</li> <li>ISO_TIME</li> <li>ISO_WEEK_DATE</li> <li>ISO_ZONED_DATE_TIME</li> <li>RFC_1123_DATE_TIME</li> <li>any supported date/time pattern - YYYYMMddHHmmss, ....</li> </ul>
Specifies the maximum number of objects to return. It is possible that fewer than the specified number is returned, either due to reaching the end of the record set or due to data access rules that filter results of the back end query. The number of returned objects should not be used to determine if there are more objects to retrieve. Instead, the presence of the "next" and "previous" (see below) fields should be used.
Cursor value that specifies that the returned page of data should consist of records that come before this cursor value (essentially the "previous" page).
Cursor value that specifies that the returned page of data should consist of records that come after this cursor value (essentially the "next" page).