Audit Log
API call for monitoring of audit log information:
Audit Log
Display information about audit logs.
Audit Logs Using GET Method
If the query size is less than 2048 characters, use the GET method.
URL: https://vmanage-ip-address/dataservice/auditlog?query=query
Method: GET
Request Parameters
Name | Required | Description | Parameter Type | Data Type |
---|---|---|---|---|
query | Optional | Query to filter data returned | Query | String (json) |
Audit Logs Using POST Method
If the query size is more than 2048 characters, use the POST method. This is the recommended method.
URL: https://vmanage-ip-address/dataservice/auditlog
Method: POST
Request Parameters
Name | Required | Description | Parameter Type | Data Type |
---|---|---|---|---|
query | Optional | Query to filter data returned | Body | String (json) |
Response Content Type: application/json
Response Object: See Response Object, below.
Example
Get 10,000 audit logs from the previous six hours using the query below:
{ "query": { "condition": "AND", "rules": [ { "value": [ "6" ], "field": "entry_time", "type": "date", "operator": "last_n_hours" } ] }, "size": 10000 }
Get critical audit logs from the previous three hours:
{ "query": { "condition": "AND", "rules": [ { "value": [ "3" ], "field": "entry_time", "type": "date", "operator": "last_n_hours" }, { "value": [ "user" ], "field": "logmodule", "type": "string", "operator": "in" } ] } }
Supported Fields
Displays list of fields and corresponding data type for the audit log.
URL: https://vmanage-ip-address/dataservice/auditlog/fields
Method: GET
Response Object for Audit Log API Calls
Audit log API call responses have the following format:
{ "header": { "generatedOn": timestamp, milliseconds (UNIX time format), "viewKeys": { "uniqueKey": ["key"] }, "fields": [ properties and types ], }, "data": [ array of objects ] }
Additional Information
Using the vManage REST APIs
vManage Aggregation Query
vManage Simple Query