Symphony Messaging REST APIs
  • Symphony Messaging API Reference documentation
  • Endpoints Reference
    • Bots Authentication
      • Session Authenticate
      • Key Manager Authenticate
      • Session Authenticate (Cert)
      • Key Manager Authenticate (Cert)
      • Session Logout
      • Key Manager Logout
    • Apps Authentication
      • Authenticate App
      • Pod Certificate
    • Apps On Behalf Of (OBO)
      • API Endpoints for Apps
      • App Authentication
      • User Authentication by User ID
      • User Authentication by User Name
    • Info - Health Check
      • Health Check
      • Health Check Extended
      • Session User
      • Agent Info
      • Echo
    • Messages
      • Get Messages
      • Create Message
      • Blast Message
      • Attachment
      • Import Message
      • Update Message
      • Suppress Message
      • Message Search
      • Message Search
      • Message Status
      • Attachment Types
      • Get Message
      • List Attachments
      • List Message Receipts
      • Message Metadata
    • Datafeed - Real Time Events
      • Create Datafeed
      • Read Datafeed
      • List Datafeed
      • Delete Datafeed
    • Datahose - Pod Real Time Events
      • Datahose - Read Events
    • Streams - Conversations
      • Related to IMs
        • Create IM
        • Create IM non-inclusive
        • Update IM
        • IM Info
      • Related to Rooms
        • Room Attributes
        • Create Room
        • Update Room
        • Room Info
        • De/Re-activate Room
        • Room Members
        • Add Member
        • Remove Member
        • Promote Owner
        • Demote Owner
        • Search Rooms
      • All streams
        • Share Content
        • List User Streams
        • List User Streams (Admin)
        • Stream Info
        • List Streams for Enterprise
        • Stream Members
    • Signals
      • List Signals
      • Get Signal
      • Create Signal
      • Update Signal
      • Delete Signal
      • Subscribe Signal
      • Unsubscribe Signal
      • Suscribers
      • Signal Object
    • Connections
      • Get Connection
      • List Connection
      • Create Connection
      • Accept Connection
      • Reject Connection
      • Remove Connection
    • Presence
      • Get Presence
      • Get All Presence
      • Get User Presence
      • External Presence Interest
      • Set Presence
      • Set Other User's Presence - Admin
    • Users
      • Users Lookup
      • Search Users
      • Follow User
      • Unfollow User
      • List User Followers
      • List Users Followed
    • User Management
      • User Attributes Object
      • Password Object
      • Roles Object
      • UserKeyRequest Object
      • Get User
      • List Users
      • Create User
      • Update User
      • User Avatar
      • Update User Avatar
      • User Status
      • Update User Status
      • List Features
      • User Features
      • Update User Features
      • Find Users
      • List Roles
      • Add Role
      • Remove Role
      • List Audit Trail
      • Suspend User Account
      • Get Bot Manifest
      • Update Bot Manifest
    • User Sessions
      • List Sessions
      • Logout Session
      • Logout All Sessions
    • Groups - Distribution Lists
      • OAuth2 Authenticate
      • Add a new user to an existing group
      • Insert a new group
      • Retrieve a group
      • Update a group
      • List all groups of specified type
      • Update the group avatar
    • URI Protocols
      • Create Protocol
      • List Protocols
      • Delete Protocol
    • Manage Apps
      • Create App
      • Update App
      • Delete App
      • Get App
    • Apps Entitlements
      • List Apps
      • Update App Entitlements
      • List User Apps
      • Update User Apps
      • Update All User Apps
    • Disclaimers
      • Disclaimer
      • List Disclaimers
      • List Disclaimer Users
      • User Disclaimer
      • Update User Disclaimer
      • Unassign User Disclaimer
    • Delegates
      • User Delegates
      • Update User Delegates
    • Information Barrier Groups
      • List IB Groups
      • List IB Group Members
      • Add IB Group Members
      • Remove IB Group Members
      • List Policies
    • Certificates
      • Public (Signing) Certificate
      • List Company Certificates
      • Create Company Certificate
      • Delete Company Certificate
      • Company Certificate Details
      • List Verified Certificates
      • List Trusted Certificates
      • List Certificate Types
      • Update Company Certificate
    • Malware Scanner
      • Malware Scanner APIs
        • File Malware Scanner State
        • Update File Malware Scanner State
      • Customer Malware Scanner APIs
        • Malware Scanner Health
        • File Malware Scanner
    • DLP Dictionary & Policy Management
      • Overview
      • Dictionary Management endpoints
        • Create Dictionary
        • All Dictionaries
        • Specific Dictionary
        • Update Dictionary
        • Upload Dictionary Content
        • Download Dictionary Content
        • Delete Dictionary
      • V3 Policy Management endpoints
        • V3 Policy structure for Create/Update
        • V3 Create Policy
        • V3 All Policies
        • V3 Get Policy
        • V3 Update Policy
        • V3 Enable Policy
        • V3 Disable Policy
        • V3 Delete Policy
      • V3 Violations endpoints
        • V3 Violations - Sample Responses
        • V3 Violations - Special Scenarios of Attachments
        • V3 Message Violations
        • V3 Signal Violations
        • V3 Stream Violations
        • V3 Violation Attachment Download
    • Audit Trail 2
      • OAuth2 Authenticate
      • Get Audit trails
      • Get distinct values of a list of filters
      • Get Audit Trail Stream
      • Get categories permissions
    • Compliance Barrier Groups
      • Compliance Group Types
      • Compliance User Groups
        • List Compliance User Groups
        • Get a Compliance User Group
        • Create a Compliance User Group
        • Update a Compliance User Group
      • Compliance Group Assignments
        • List Assignments
        • List Compliance Group Assignments
        • Update a Compliance Group
      • Compliance Group Memberships
        • List Memberships
        • List Compliance Group Memberships
        • Add Compliance Group Membership
        • Update a User Membership
  • Deprecated Endpoints
    • DLP Dictionary and Policy management
      • V2 Policy Management endpoints
        • V2 Create Policy
        • V2 All Policies
        • V2 Get Policy
        • V2 Update Policy
        • V2 Enable Policy
        • V2 Disable Policy
        • V2 Delete Policy
      • V2 Violations endpoints
        • V2 Signal Violations
        • V2 Message Violations
        • V2 Stream Violations
    • Create Presence Feed
    • Read Presence Feed
    • Delete Presence Feed
    • Get Message IDs by Timestamp
    • Health Check v2
    • Datafeed 1
      • Create Datafeed 1
      • Read Datafeed 1
Powered by GitBook
On this page

Was this helpful?

  1. Endpoints Reference
  2. Audit Trail 2

Get Audit Trail Stream

The endpoint returns streamed list of audit trail events of the pod depending on input parameters such as the categories of audits, time interval etc. Pages can contain an unlimited number of records.

Last updated 1 year ago

Was this helpful?

Get Audit Trail Stream

get

This operation returns streamed list of audit trail events. You can narrow down search results by specifying categories, action, originating userId, attribute, groupId, authorization role, streamId, affected userId, temporary authId, disclaimerId or policyId parameter. Pages can contain an unlimited number of records. This operation returns only audits for the categories the requester is entitled to.

Query parameters
startDatestringOptional

start range date restriction. Date must be formatted the following way: yyyy-MM-dd'T'HH:mm:ss.SSS'Z'

endDatestringOptional

end range date restriction. Date must be formatted the following way: yyyy-MM-dd'T'HH:mm:ss.SSS'Z'

categoriesstringRequired

List of Audit Trail categories restriction

Example: login,malwarescan
affectedUserIdstringOptional

"Affected User Id" filter single value restriction

originatingUserIdstringOptional

"Originating User Id" filter single value restriction (a.k.a. "Performed by)"

actionIdstringOptional

"Action Id" filter single value restriction

attributestringOptional

"Attribute" filter single value restriction

groupIdstringOptional

"Group Id" filter single value restriction (used by Info barrier, Role Scope...)

authorizationRolestringOptional

"Authorization Role" filter single value restriction

streamIdstringOptional

"Stream Id" filter single value restriction (using either Base64 or Base64URL encoding)

policyIdstringOptional

"Policy Id" filter single value restriction

applicationIdstringOptional

"Application Id" filter single value restriction

tempAuthIdstringOptional

"Temporary Authorization Id" filter single value restriction

disclaimerIdstringOptional

"Disclaimer Id" filter single value restriction

dateFormatstringOptional

Used format for output date values. Possible values: STANDARD_AT_ACP_DATE - MM-dd-YYYY - as historically used in Symphony Audit Trails or anything supported by java11 DateTimeFormatter (https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/time/format/DateTimeFormatter.html) BASIC_ISO_DATE ISO_DATE ISO_DATE_TIME ISO_INSTANT ISO_LOCAL_DATE ISO_LOCAL_DATE_TIME ISO_LOCAL_TIME ISO_OFFSET_DATE ISO_OFFSET_DATE_TIME ISO_OFFSET_TIME ISO_ORDINAL_DATE ISO_TIME ISO_WEEK_DATE ISO_ZONED_DATE_TIME RFC_1123_DATE_TIME any supported date/time pattern - YYYYMMddHHmmss, ....

Default: STANDARD_AT_ACP_DATE
limitinteger · int32 · min: 1Optional

Specifies the maximum number of objects to return. It is possible that fewer than the specified number is returned, either due to reaching the end of the record set or due to data access rules that filter results of the back end query. The number of returned objects should not be used to determine if there are more objects to retrieve. Instead, the presence of the "next" and "previous" (see below) fields should be used.

Header parameters
Content-Typestring · enumOptional

Content-type expected in return

Possible values:
Responses
200
Success
text/csv
ResponseStreamingResponseBody

Only used to reference org.springframework.web.servlet.mvc.method.annotation.StreamingResponseBody

400
Bad request
application/json
401
Unauthorized. Returned if JWT token verification failed.
application/json
403
Forbidden. Returned if the caller doesn't have the required entitlements to call an endpoint.
application/json
404
Not found. Returned if specified key is not found.
application/json
get
GET /at2/v1/audits/stream?categories=login%2Cmalwarescan HTTP/1.1
Host: youraudittrailURL.symphony.com
Accept: */*

No content