Audit Logs APIs 🚀

This API is designed to extract detailed audit information from the Data One platform.

It performs searches using precise matching criteria for all specified fields, ensuring that results are highly accurate. Additionally, audit records can be sorted either in ascending or descending order, depending on the record fields.

Audit List

Endpoint: /audit/logs Method: GET Context: /data-one-application/api/v1 Description: this API retrieves audit details in Data One. The search is executed with an exact matching for all fields. The audit records can be sorted in ascending/descending order, according to record fields. Parameters:

Parameters

Value

Description

Data type

Query type

page

Page start (mandatory)

string

query

offset

Numeric offset page start (default=0)

string

query

limit

Number of entries (default=100)

string

query

q

See the next paragraph

Query parameter, entity-specific alias

string

query

sort

+entityType

-entityType

Fields to sort, prefixed with +/- (ascending/descending). If neither ascending nor descending order is configured, records are listed randomly.

string

query

Fields q parameter

Parameters

Description

id

Record id

clusterId

STENG or CEMAN

correlationId

Correlated record id, for anti-tampering purposes

nodeId

Node identifier

module

<Ceman_name> AUDIT

auditCode

In the Audit module, the message code has the AUDnnnnA format, where:

AUD: prefix for the Audit module
nnnn: number that identifies the specific message code
A: suffix that identifies the audit

auditOperation

The possible values are:

CREATE
MODIFY
DELETE
LOGIN
LOGOUT
PASSWORD CHANGE
SERVER_LOGIN
SERVER_LOGOUT
SERVER_CREATE_DIR
SERVER_CHANGE_DIR
SERVER_RENAME_DIR
SERVER_DELETE_DIR
SERVER_UPLOAD_FILE
SERVER_DOWNLOAD_FILE
SERVER_RENAME_FILE
SERVER_DELETE_FILE

dataoneUser

User that performs the operation.

entityType

For LOGIN or LOGOUT operations, the entity type is Ceman.

For the PASSWORD CHANGE operation, the entity type is Internal User or External User according to the type of the user to whom the password belongs.

entityName

The entity name, entered by the user.

For LOGIN or LOGOUT operations, the entity is Ceman Cluster Name.

For the PASSWORD CHANGE operation, the entity is the username of the user to whom the password belongs.

entityId

ID of the entity.

For LOGIN or LOGOUT operations, the entity ID is the Ceman Node Name when the user performed the operation.

For the PASSWORD CHANGE operation, the entity ID is the entity ID of the user to whom the password belongs.

auditMessage

The message displayed varies depending on the scenario.

auditTime

Date and time when the audited operation occurred, as Timestamp.

fromAuditTime

Timestamp for range filtering.

toAuditTime

Timestamp for range filtering.

Response:

HTTP Status code

Description

200

SUCCESS

401

Not authorized (login not performed or token expired).

4xx-5xx

Bad request; details in the error message (i.e., mandatory fields not present or with wrong values).

Examples

Request:

curl 'https\://ceman1:9443/data-one-application/api/v1/audit/logs?page=0&limit=25&q=%7BauditCode%3D%22AUD0007A%22%7D'  
  -H 'accept: application/json'  
  -H 'authorization: Bearer '{authorization token here}  
  -H 'content-type: application/json'

Response:

[
    {
        "id": "8af881e59541c90101954d18ecaa0184",
        "correlationId": "a9bdc6c9-b9bf-4c40-8d85-cf6ebedb7972",
        "clusterId": "CEMAN",
        "nodeId": "ceman1",
        "module": "Ceman Audit",
        "auditCode": "AUD0007A",
        "auditOperation": "LOGIN",
        "dataoneUser": "USER1",
        "entityType": "CEMAN",
        "entityId": "ceman1",
        "entityName": "CEMAN",
        "auditMessage": "User ‘USER1’ has logged in",
        "auditTime": "2025-02-28T15:07:13.960+00:00",
        "fromAuditTime": null,
        "toAuditTime": null,
        "dfiid": null
    }
]

PreviousSFTP Server sessions APIs 🚀Next... use different DNS names - NEW! 🚀

Last updated 3 days ago

curl 'https\://ceman1:9443/data-one-application/api/v1/audit/logs?page=0&limit=25&q=%7BauditCode%3D%22AUD0007A%22%7D' -H 'accept: application/json' -H 'authorization: Bearer '{authorization token here} -H 'content-type: application/json'

[ { "id": "8af881e59541c90101954d18ecaa0184", "correlationId": "a9bdc6c9-b9bf-4c40-8d85-cf6ebedb7972", "clusterId": "CEMAN", "nodeId": "ceman1", "module": "Ceman Audit", "auditCode": "AUD0007A", "auditOperation": "LOGIN", "dataoneUser": "USER1", "entityType": "CEMAN", "entityId": "ceman1", "entityName": "CEMAN", "auditMessage": "User ‘USER1’ has logged in", "auditTime": "2025-02-28T15:07:13.960+00:00", "fromAuditTime": null, "toAuditTime": null, "dfiid": null } ]