Get Audit trails

The endpoint returns a paginated list of audits of the pod depending on input parameters such as the categories of audits, time interval etc. Each page can contain up to 100 audits.

Last updated 1 year ago

Was this helpful?

Get Audit Trail Events

get

This operation returns paginated list of audit trail events. You can narrow down search results by specifying categories, action, originating userId, attribute, groupId, authorization role, streamId, affected userId, temporary authId, disclaimerId or policyId parameter. Pages can contain up to 100 records. This operation returns only audits for the categories the requester is entitled to.

Query parameters

startDatestringoptional

start range date restriction. Date must be formatted the following way: yyyy-MM-dd'T'HH:mm:ss.SSS'Z'

endDatestringoptional

end range date restriction. Date must be formatted the following way: yyyy-MM-dd'T'HH:mm:ss.SSS'Z'

categoriesstringrequired

List of Audit Trail categories restriction

Example: login,malwarescan

affectedUserIdstringoptional

"Affected User Id" filter single value restriction

originatingUserIdstringoptional

"Originating User Id" filter single value restriction (a.k.a. "Performed by)"

actionIdstringoptional

"Action Id" filter single value restriction

attributestringoptional

"Attribute" filter single value restriction

groupIdstringoptional

"Group Id" filter single value restriction (used by Info barrier, Role Scope...)

authorizationRolestringoptional

"Authorization Role" filter single value restriction

streamIdstringoptional

"Stream Id" filter single value restriction (using either Base64 or Base64URL encoding)

policyIdstringoptional

"Policy Id" filter single value restriction

applicationIdstringoptional

"Application Id" filter single value restriction

tempAuthIdstringoptional

"Temporary Authorization Id" filter single value restriction

disclaimerIdstringoptional

"Disclaimer Id" filter single value restriction

dateFormatstring · default: "STANDARD_AT_ACP_DATE"optional

Used format for output date values. Possible values: STANDARD_AT_ACP_DATE - MM-dd-YYYY - as historically used in Symphony Audit Trails or anything supported by java11 DateTimeFormatter (https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/time/format/DateTimeFormatter.html) BASIC_ISO_DATE ISO_DATE ISO_DATE_TIME ISO_INSTANT ISO_LOCAL_DATE ISO_LOCAL_DATE_TIME ISO_LOCAL_TIME ISO_OFFSET_DATE ISO_OFFSET_DATE_TIME ISO_OFFSET_TIME ISO_ORDINAL_DATE ISO_TIME ISO_WEEK_DATE ISO_ZONED_DATE_TIME RFC_1123_DATE_TIME any supported date/time pattern - YYYYMMddHHmmss, ....

limitinteger · int32 · min: 1 · max: 100 · default: 100optional

Specifies the maximum number of objects to return. It is possible that fewer than the specified number is returned, either due to reaching the end of the record set or due to data access rules that filter results of the back end query. The number of returned objects should not be used to determine if there are more objects to retrieve. Instead, the presence of the "next" and "previous" (see below) fields should be used.

beforestringoptional

Cursor value that specifies that the returned page of data should consist of records that come before this cursor value (essentially the "previous" page).

afterstringoptional

Cursor value that specifies that the returned page of data should consist of records that come after this cursor value (essentially the "next" page).

Responses

application/json

cURL

JavaScript

Python

HTTP

curl -L \
  --url 'youraudittrailURL.symphony.com/at2/v1/audits?categories=login%2Cmalwarescan'

200

400

401

403

404

application/json

text/csv

{
  "pagination": {
    "next": "next",
    "cursors": {
      "before": "before",
      "after": "after"
    },
    "previous": "previous"
  },
  "data": [
    {
      "createdDate": "2000-01-23T04:56:07.000+00:00",
      "details": [
        {
          "complexValue": [
            {
              "value": "value",
              "key": "key"
            },
            {
              "value": "value",
              "key": "key"
            }
          ],
          "value": "value",
          "key": "key"
        },
        {
          "complexValue": [
            {
              "value": "value",
              "key": "key"
            },
            {
              "value": "value",
              "key": "key"
            }
          ],
          "value": "value",
          "key": "key"
        }
      ],
      "id": "id",
      "category": "category"
    },
    {
      "createdDate": "2000-01-23T04:56:07.000+00:00",
      "details": [
        {
          "complexValue": [
            {
              "value": "value",
              "key": "key"
            },
            {
              "value": "value",
              "key": "key"
            }
          ],
          "value": "value",
          "key": "key"
        },
        {
          "complexValue": [
            {
              "value": "value",
              "key": "key"
            },
            {
              "value": "value",
              "key": "key"
            }
          ],
          "value": "value",
          "key": "key"
        }
      ],
      "id": "id",
      "category": "category"
    }
  ],
  "warnings": [
    {
      "code": "code",
      "message": "message"
    },
    {
      "code": "code",
      "message": "message"
    }
  ]
}

Success