Create a new audit event

curl --request POST \
  --url https://audit.cpln.io/audit/org/{org}/auditctx/{contextName} \
  --header 'Authorization: <api-key>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "resource": {
    "id": "dfedd8b9-7737-498a-883f-0162510c0d68",
    "name": "my-workload",
    "type": "workload",
    "data": {
      "foo": "bar"
    }
  },
  "id": "7f2195ac-e003-42a3-8324-d4bb1f11d10e",
  "eventTime": "2021-01-02T13:01:02.345Z",
  "postedTime": "2021-01-02T13:01:03.123Z",
  "receivedTime": "2021-01-02T13:01:03.159Z",
  "requestId": "d4e26a95-1988-4bf5-94fb-40d605cce0e9",
  "context": {
    "org": "myorg",
    "name": "audit-context-1",
    "remoteIp": "1.2.3.4",
    "eventSource": "system",
    "location": "aws-us-west-2",
    "gvcAlias": "gm0b1e3a1vxjj",
    "podId": "workload-00016-deployment-54b5b8f94f-jqkcn",
    "data": {}
  },
  "subject": {
    "email": "[email protected]",
    "name": "Bob Johnson",
    "claims": {},
    "data": {}
  },
  "action": {
    "type": "delete",
    "data": {}
  },
  "result": {
    "status": "OK",
    "message": "Object created successfully"
  }
}
'

{
  "id": "1234",
  "message": "Published event with ID 1234 on primary transport"
}

POST

org

{org}

auditctx

{contextName}

Create a new audit event

curl --request POST \
  --url https://audit.cpln.io/audit/org/{org}/auditctx/{contextName} \
  --header 'Authorization: <api-key>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "resource": {
    "id": "dfedd8b9-7737-498a-883f-0162510c0d68",
    "name": "my-workload",
    "type": "workload",
    "data": {
      "foo": "bar"
    }
  },
  "id": "7f2195ac-e003-42a3-8324-d4bb1f11d10e",
  "eventTime": "2021-01-02T13:01:02.345Z",
  "postedTime": "2021-01-02T13:01:03.123Z",
  "receivedTime": "2021-01-02T13:01:03.159Z",
  "requestId": "d4e26a95-1988-4bf5-94fb-40d605cce0e9",
  "context": {
    "org": "myorg",
    "name": "audit-context-1",
    "remoteIp": "1.2.3.4",
    "eventSource": "system",
    "location": "aws-us-west-2",
    "gvcAlias": "gm0b1e3a1vxjj",
    "podId": "workload-00016-deployment-54b5b8f94f-jqkcn",
    "data": {}
  },
  "subject": {
    "email": "[email protected]",
    "name": "Bob Johnson",
    "claims": {},
    "data": {}
  },
  "action": {
    "type": "delete",
    "data": {}
  },
  "result": {
    "status": "OK",
    "message": "Object created successfully"
  }
}
'

{
  "id": "1234",
  "message": "Published event with ID 1234 on primary transport"
}

Authorizations

Authorization

string

header

required

Service account key can be used as API keys

Path Parameters

org

string

required

contextName

string

required

Query Parameters

async

boolean

default:false

If true, don't wait for the forwarding audit service to send the event to the backend. This mode allows for processing new audit events at a higher volume.

Body

application/json

resource

object

required

Show child attributes

resource.id

string

Example:

"dfedd8b9-7737-498a-883f-0162510c0d68"

resource.name

string

Example:

"my-workload"

resource.type

string

Example:

"workload"

resource.data

object

Example:

{ "foo": "bar" }

string

The event ID, assigned by the system

Example:

"7f2195ac-e003-42a3-8324-d4bb1f11d10e"

eventTime

string

The time of the event's occurrence. This can be anytime before the event is posted to the system.

Example:

"2021-01-02T13:01:02.345Z"

postedTime

string

The time the event is posted to the system, assigned automatically

Example:

"2021-01-02T13:01:03.123Z"

receivedTime

string

The time the event is received and processed by the system, assigned automatically

Example:

"2021-01-02T13:01:03.159Z"

requestId

string

The identifier of the request, the event is associated with. It is not related to the event's identifier. There can be zero, or one or more audit events associated with the same request ID.

Example:

"d4e26a95-1988-4bf5-94fb-40d605cce0e9"

context

object

Show child attributes

context.org

string

The name of the posting organization, set based on the posting entity's organization.

Example:

"myorg"

context.name

string

The audit context name.

Example:

"audit-context-1"

context.remoteIp

string

Example:

"1.2.3.4"

context.eventSource

string

Example:

"system"

context.location

string

The location/region where the event is created.

Example:

"aws-us-west-2"

context.gvcAlias

string

Example:

"gm0b1e3a1vxjj"

context.podId

string

Example:

"workload-00016-deployment-54b5b8f94f-jqkcn"

context.data

object

Additional custom data about the event context

subject

object

Show child attributes

subject.email

string

Example:

"[email protected]"

subject.name

string

Example:

"Bob Johnson"

subject.claims

object

Additional optional claims about the subject

subject.data

object

Additional optional data about the subject

action

object

Show child attributes

action.type

string

Example:

"delete"

action.data

object

Additional optional data about the action

result

object

Show child attributes

result.status

string

Example:

"OK"

result.message

string

Example:

"Object created successfully"

Response

An audit event object

string

Example:

"1234"

message

string

Example:

"Published event with ID 1234 on primary transport"

Get all audit events by query parameters

⌘I

API Reference

Core API

Audit API

Create a new audit event

Authorizations

Path Parameters

Query Parameters

Body

Response