Audit API in Wasabi AiR

The Audit API enables you to view audit records generated by the platform.

Listing Audit Records

GET /api/data/audit

Optional Query Parameters

• user_id - (string) The ID of the user by which to filter events.
• group_id - (string) The ID of the group by which to filter events.
• target_kind - (string) The target_kind by which to filter events.
• target_id - (string) The ID of the target object by which to filter events.
• action_key - (string) The specific action key by which to filter events.
• from - (timestamp in RFC3339 format) - A timestamp to return events newer than this time.
• to - (timestamp in RFC3339 format) - A timestamp to return events older than this time.
• order - (string) The field by which to order events. Valid values are: user_id, group_id, target_kind, action_key, ctime. This parameter defaults to ctime.
• page - (integer) The page of results to display. The default is 0.
• count - (integer) The number of records to return per page. The defaults is 20.

Response

{
    "audit_events": [
        {
            "id": "59de4bb09221034b071d83db64950d34",
            "user_id": "59790c0f1ab46239e59188bed540bfc7",
            "action_key": "login",
            "target_kind": "authenticate",
            "target_id": "59790c0f1ab46239e59188bed540bfc7",
            "time": "2017-10-11T16:49:52.758191Z"
        },
        {
            "id": "59e12813db0201953dfe7214c4750e88",
            "user_id": "59790c0f1ab46239e59188bed540bfc7",
            "action_key": "enable",
            "target_kind": "feature",
            "target_id": "disabled_live_harvesting",
            "time": "2017-10-13T20:54:43.14061Z"
        },
    ...
    ],
    "total": 71,
    "page": 0
}

• audit_events[].id - (string) The ID of the event.
• audit_events[].user_id - (string) The ID of the user who initiated the event.
• audit_events[].target_kind - (string) The type or category of the target.
• audit_events[].action_key - (string) The specific action taken on the target.
• audit_events[].target_id - (string) The ID of the target object.
• audit_events[].time - (string) The timestamp of the event.
• total - (integer) The total number of records matching the query.
• page - (integer) The page number of the page of results.

Retrieving a Specific Audit Event

GET /api/data/audit/{id}

• {id} - (string) The ID of the audit record to get.

Response

{
    "id": "59e12813db0201953dfe7214c4750e88",
    "user_id": "59790c0f1ab46239e59188bed540bfc7",
    "action_key": "enable",
    "target_kind": "feature",
    "target_id": "disabled_live_harvesting",
    "time": "2017-10-13T20:54:43.14061Z"
}

• id - (string) The ID of the event.
• user_id - (string) The ID of the user who initiated the event.
• target_kind - (string) The type or category of the target.
• action_key - (string) The specific action taken on the target.
• target_id - (string) The ID of the target object.
• time - (string) The timestamp of the event.
• additional_id - (string) Optional. This field may be present for some events that represent an ID of an additional object. For example, when adding a group to a location, the additional_id is that of the group.

Listing Available Target Kinds and Action Keys

GET /api/data/audit/filters

Response

The response is 200 with an array of objects.

{
    "target_kinds": [
        {
            "name": "authenticate",
            "action_keys": [
                "login",
                "update-password"
            ]
        },
        {
            "name": "feature",
            "action_keys": [
                "enable"
            ]
        },
        {
            "name": "group",
            "action_keys": [
                "create"
            ]
        }
    ]
}

• target_kinds[].name - (string) The name of the target kind.
• target_kinds[].action_keys[] - (array of strings) The names of the action_keys belonging to this target_kind.