Audit Logs APIs πŸš€

This API is designed to extract detailed audit information from the Data One platform.

It performs searches using precise matching criteria for all specified fields, ensuring that results are highly accurate. Additionally, audit records can be sorted either in ascending or descending order, depending on the record fields.

Audit List

Endpoint: /audit/logs Method: GET Context: /data-one-application/api/v1 Description: this API retrieves audit details in Data One. The search is executed with an exact matching for all fields. The audit records can be sorted in ascending/descending order, according to record fields. Parameters:

Parameters
Value
Description
Data type
Query type

page

Page start (mandatory)

string

query

offset

Numeric offset page start (default=0)

string

query

limit

Number of entries (default=100)

string

query

q

See the next paragraph

Query parameter, entity-specific alias

string

query

sort

+entityType

-entityType

Fields to sort, prefixed with +/- (ascending/descending). If neither ascending nor descending order is configured, records are listed randomly.

string

query

Fields q parameter

Parameters
Description

id

Record id

clusterId

STENG or CEMAN

correlationId

Correlated record id, for anti-tampering purposes

nodeId

Node identifier

module

<Ceman_name> AUDIT

auditCode

In the Audit module, the message code has the AUDnnnnA format, where:

  • AUD: prefix for the Audit module

  • nnnn: number that identifies the specific message code

  • A: suffix that identifies the audit

The complete list of message codes is on the Audit Message Codes page.

auditOperation

The possible values are:

  • CREATE

  • MODIFY

  • DELETE

  • LOGIN

  • LOGOUT

  • PASSWORD CHANGE

  • SERVER_LOGIN

  • SERVER_LOGOUT

  • SERVER_CREATE_DIR

  • SERVER_CHANGE_DIR

  • SERVER_RENAME_DIR

  • SERVER_DELETE_DIR

  • SERVER_UPLOAD_FILE

  • SERVER_DOWNLOAD_FILE

  • SERVER_RENAME_FILE

  • SERVER_DELETE_FILE

dataoneUser

User that performs the operation.

entityType

This is the entity type, whose complete list is on the Entity Types page.

For LOGIN or LOGOUT operations, the entity type is Ceman.

For the PASSWORD CHANGE operation, the entity type is Internal User or External User according to the type of the user to whom the password belongs.

entityName

The entity name, entered by the user.

For LOGIN or LOGOUT operations, the entity is Ceman Cluster Name.

For the PASSWORD CHANGE operation, the entity is the username of the user to whom the password belongs.

entityId

ID of the entity.

For LOGIN or LOGOUT operations, the entity ID is the Ceman Node Name when the user performed the operation.

For the PASSWORD CHANGE operation, the entity ID is the entity ID of the user to whom the password belongs.

auditMessage

The message displayed varies depending on the scenario.

auditTime

Date and time when the audited operation occurred, as Timestamp.

fromAuditTime

Timestamp for range filtering.

toAuditTime

Timestamp for range filtering.

  • Response:

HTTP Status code
Description

200

SUCCESS

401

Not authorized (login not performed or token expired).

4xx-5xx

Bad request; details in the error message (i.e., mandatory fields not present or with wrong values).

Examples

Request:

curl 'https\://ceman1:9443/data-one-application/api/v1/audit/logs?page=0&limit=25&q=%7BauditCode%3D%22AUD0007A%22%7D'  
  -H 'accept: application/json'  
  -H 'authorization: Bearer '{authorization token here}  
  -H 'content-type: application/json'

Response:

[
    {
        "id": "8af881e59541c90101954d18ecaa0184",
        "correlationId": "a9bdc6c9-b9bf-4c40-8d85-cf6ebedb7972",
        "clusterId": "CEMAN",
        "nodeId": "ceman1",
        "module": "Ceman Audit",
        "auditCode": "AUD0007A",
        "auditOperation": "LOGIN",
        "dataoneUser": "USER1",
        "entityType": "CEMAN",
        "entityId": "ceman1",
        "entityName": "CEMAN",
        "auditMessage": "User β€˜USER1’ has logged in",
        "auditTime": "2025-02-28T15:07:13.960+00:00",
        "fromAuditTime": null,
        "toAuditTime": null,
        "dfiid": null
    }
]

Last updated