Enterprise 11 Audit API

Requests audit data for a given input combination of date filter, sorting mechanism, and pagination.

Prerequisites

JSON Web Token (JWT)
All Control Room APIs require a JSON Web Token (JWT) to access the APIs. Generate an authentication token using the Authentication API. A JWT is required to run all Control Room APIs.
Roles and license
Users with the AAE_Admin role or users with the View everyone's audit log actions permission are able to view audit logs for the Control Room.
  • URL: http://<your_control_room_url>/v1/audit/messages/list
  • Method: POST
Note:
  • Use the Swagger definition files installed with your Control Room to test the APIs. View the available Swagger APIs at http://<your_control_room_url>/swagger/
  • You can also use a REST client to complete this task.

Procedure

  1. Add an authentication token to the request header.
    Note: Use the Authentication API to generate a JSON Web Token.
  2. Select POST as the method.
    Note: Apply filters to perform basic conditional queries and pagination control for processing web pages. There are three basic features related to filtering: filtering conditions, sorting columns, and pagination parameters. Refer to the Filters in an API request body.

    The following example requests unsuccessful login attempts for the month of December.

    Request body:

    
    {
      "sort": [
        {
          "field": "createdOn",
          "direction": "desc"
        }
      ],
      "filter": {
        "operator": "and",
        "operands": [
          {
            "operator": "gt",
            "field": "createdOn",
            "value": "2019-12-01T00:00:00.001Z"
          },
          {
            "operator": "lt",
            "field": "createdOn",
            "value": "2019-12-31T23:59:59.999Z"
          },
          {
            "operator": "eq",
            "field": "status",
            "value": "Unsuccessful"
          },
          {
            "operator": "substring",
            "field": "activityType",
            "value": "LOGIN"
          }
        ]
      },
      "fields": [],
      "page": {
        "length": "1000",
        "offset": "0"
      }
    }
  3. Send the request.
    • In Swagger, click Execute.
    • In a REST Client, click SEND.

    The response for this example returned data for date filter, sorting, and pagination. When there is no filtering used in the request, a successful response returns all pages for the specified Control Room.

    Response body:
    {
      "page": {
        "offset": 0,
        "total": 847,
        "totalFilter": 4
      },
      "list": [
        {
          "id": "aOhx024BVd_jtov73ujy",
          "eventDescription": "User does not exist in Control Room.",
          "activityType": "LOGIN",
          "environmentName": "",
          "hostName": "50.xxx.xxx.66",
          "userName": "string",
          "status": "Unsuccessful",
          "source": "Control Room",
          "objectName": "N/A",
          "detail": "",
          "createdOn": "2019-12-05T00:24:45Z",
          "requestId": "a5f69abd-766c-4eed-8d2f-79aff572538c",
          "createdBy": "0"
        },
        {
          "id": "Y-ht024BVd_jtov7Nej4",
          "eventDescription": "User provided incorrect password.",
          "activityType": "LOGIN",
          "environmentName": "",
          "hostName": "50.xxx.xxx.66",
          "userName": "docs-2fa",
          "status": "Unsuccessful",
          "source": "Control Room",
          "objectName": "N/A",
          "detail": "",
          "createdOn": "2019-12-05T00:19:40Z",
          "requestId": "8995877f-a9ba-41cf-8d6a-a3cfe5a5d63a",
          "createdBy": "0"
        },
        {
          "id": "m46_yG4BGE7puvDMHe_6",
          "eventDescription": "User does not exist in Control Room.",
          "activityType": "LOGIN",
          "environmentName": "",
          "hostName": "50.xxx.xxx.66",
          "userName": "string",
          "status": "Unsuccessful",
          "source": "Control Room",
          "objectName": "N/A",
          "detail": "",
          "createdOn": "2019-12-02T22:33:18Z",
          "requestId": "e3e6387e-9cd9-45af-ac5c-9279c1a63f95",
          "createdBy": "0"
        },
        {
          "id": "mI6qyG4BGE7puvDMle-y",
          "eventDescription": "User does not exist in Control Room.",
          "activityType": "LOGIN",
          "environmentName": "",
          "hostName": "50.xxx.xxx.66",
          "userName": "System",
          "status": "Unsuccessful",
          "source": "Control Room",
          "objectName": "N/A",
          "detail": "",
          "createdOn": "2019-12-02T22:10:52Z",
          "requestId": "a1d5944e-f14e-4981-a65d-7d2a59ed0c44",
          "createdBy": "0"
        }
      ]
    }
    Response headers:
     cache-control: no-cache, no-store, max-age=0, must-revalidate 
     content-length: 1854 
     content-security-policy: default-src 'self' 
     content-type: application/json 
     date: Sun, 08 Dec 2019 04:58:53 GMT 
     expires: 0 
     pragma: no-cache 
     x-content-type-options: nosniff 
     x-frame-options: SAMEORIGIN 
     x-xss-protection: 1; mode=block  
Note: You can also run REST requests from a command terminal. The following is a curl request example. This example is formatted for readability.
curl -X POST "http://ec2-34-210-185-177.us-west-2.compute.amazonaws.com/v1/audit/messages/list" -H "accept: application/json" -H "X-Authorization: eyJhbGciOiJSUzUxMiJ9.eyJzdWIiOiI0IiwiY2xpZW50VHlwZSI6IldFQiIsImxpY2Vuc2VzIjpbXSwiYW5hbHl0aWNzTGljZW5zZXNQdXJjaGFzZWQiOnsiQW5hbHl0aWNzQ2xpZW50Ijp0cnVlLCJBbmFseXRpY3NBUEkiOnRydWV9LCJpYXQiOjE1NzU3ODExMTUsImV4cCI6MTU3NTc4MjMxNSwiaXNzIjoiQXV0b21hdGlvbkFueXdoZXJlIiwibmFub1RpbWUiOjU2MzI3OTk4MTE5ODEzMDAsImNzcmZUb2tlbiI6IjRmYWM1ODg1ZjM0ZThkYmJhZGQ1ZTMwZDIxNGY3MDA3In0.sqyQ5DiAMqSqu4qpiALFxW0cJGZCJCT8u-oJ9AoUBSvQ7gS5Ss0hszFR4zYIMG_8qQBcENnySnfeDpTysyclRKRx2TCjb2OVpPI8Y76g-6vlaZgJP-_iOloOBzso1I0Q7EHkFE7UOaeWurLcltUXCnjZfYaPC4UJqQTNto0LqavlxsBC3HdxYLg4FiA0D7CKP_sb9CAVPVKN9wlxU35gFzggiBYxifVXSAtB_wtWbJzHeirgx4fuAw8lTBIO0URjgRSR4mgMt0y6hOHIrGuLhtx13c3YQnQ2n5xfWX2OzbdwOLreIu87mbCiA4KZ9X95q1TuI7r6jKecUlrv-RwkVw" -H "Content-Type: application/json" -d "{ \"sort\": [ { \"field\": \"createdOn\", \"direction\": \"desc\" } ], \"filter\": { \"operator\": \"and\", \"operands\": [ { \"operator\": \"gt\", \"field\": \"createdOn\", \"value\": \"2019-12-01T00:00:00.001Z\" }, { \"operator\": \"lt\", \"field\": \"createdOn\", \"value\": \"2019-12-31T23:59:59.999Z\" }, { \"operator\": \"eq\", \"field\": \"status\", \"value\": \"Unsuccessful\" }, { \"operator\": \"substring\", \"field\": \"activityType\", \"value\": \"LOGIN\" } ] }, \"fields\": [], \"page\": { \"length\": \"1000\", \"offset\": \"0\" }}"