curl --request GET \
--url https://audit.cpln.io/audit/org/{org}/subject/email/{subjectEmail} \
--header 'Authorization: <api-key>'{
"kind": "queryresult",
"itemKind": "auditevent",
"items": [
{
"resource": {
"id": "dfedd8b9-7737-498a-883f-0162510c0d68",
"name": "my-workload",
"type": "workload",
"data": {
"foo": "bar"
}
},
"id": "7f2195ac-e003-42a3-8324-d4bb1f11d10e",
"eventTime": "2021-01-02T13:01:02.345Z",
"postedTime": "2021-01-02T13:01:03.123Z",
"receivedTime": "2021-01-02T13:01:03.159Z",
"requestId": "d4e26a95-1988-4bf5-94fb-40d605cce0e9",
"context": {
"org": "myorg",
"name": "audit-context-1",
"remoteIp": "1.2.3.4",
"eventSource": "system",
"location": "aws-us-west-2",
"gvcAlias": "gm0b1e3a1vxjj",
"podId": "workload-00016-deployment-54b5b8f94f-jqkcn",
"data": {}
},
"subject": {
"email": "[email protected]",
"name": "Bob Johnson",
"claims": {},
"data": {}
},
"action": {
"type": "delete",
"data": {}
},
"result": {
"status": "OK",
"message": "Object created successfully"
}
}
],
"query": {
"param1": "value1",
"param2": "value2"
},
"links": [
{
"rel": "self",
"href": "/audit/org/myorg/id/e40f6816-574a-4150-a089-8bea6b4b588b"
}
]
}Get all audit events by subject email
curl --request GET \
--url https://audit.cpln.io/audit/org/{org}/subject/email/{subjectEmail} \
--header 'Authorization: <api-key>'{
"kind": "queryresult",
"itemKind": "auditevent",
"items": [
{
"resource": {
"id": "dfedd8b9-7737-498a-883f-0162510c0d68",
"name": "my-workload",
"type": "workload",
"data": {
"foo": "bar"
}
},
"id": "7f2195ac-e003-42a3-8324-d4bb1f11d10e",
"eventTime": "2021-01-02T13:01:02.345Z",
"postedTime": "2021-01-02T13:01:03.123Z",
"receivedTime": "2021-01-02T13:01:03.159Z",
"requestId": "d4e26a95-1988-4bf5-94fb-40d605cce0e9",
"context": {
"org": "myorg",
"name": "audit-context-1",
"remoteIp": "1.2.3.4",
"eventSource": "system",
"location": "aws-us-west-2",
"gvcAlias": "gm0b1e3a1vxjj",
"podId": "workload-00016-deployment-54b5b8f94f-jqkcn",
"data": {}
},
"subject": {
"email": "[email protected]",
"name": "Bob Johnson",
"claims": {},
"data": {}
},
"action": {
"type": "delete",
"data": {}
},
"result": {
"status": "OK",
"message": "Object created successfully"
}
}
],
"query": {
"param1": "value1",
"param2": "value2"
},
"links": [
{
"rel": "self",
"href": "/audit/org/myorg/id/e40f6816-574a-4150-a089-8bea6b4b588b"
}
]
}Authorizations
Service account key can be used as API keys
Query Parameters
Response
A list of audit events
"queryresult"
"auditevent"
Show child attributes
Show child attributes
The event ID, assigned by the system
"7f2195ac-e003-42a3-8324-d4bb1f11d10e"
The time of the event's occurrence. This can be anytime before the event is posted to the system.
"2021-01-02T13:01:02.345Z"
The time the event is posted to the system, assigned automatically
"2021-01-02T13:01:03.123Z"
The time the event is received and processed by the system, assigned automatically
"2021-01-02T13:01:03.159Z"
The identifier of the request, the event is associated with. It is not related to the event's identifier. There can be zero, or one or more audit events associated with the same request ID.
"d4e26a95-1988-4bf5-94fb-40d605cce0e9"
Show child attributes
Show child attributes
The name of the posting organization, set based on the posting entity's organization.
"myorg"
The audit context name.
"audit-context-1"
"1.2.3.4"
"system"
The location/region where the event is created.
"aws-us-west-2"
"gm0b1e3a1vxjj"
"workload-00016-deployment-54b5b8f94f-jqkcn"
Additional custom data about the event context