Audit Log
API call for monitoring of audit log information:
Audit Log
Display information about audit logs.
Audit Logs Using GET Method
If the query size is less than 2048 characters, use the GET method.
URL: https://vmanage-ip-address/dataservice/auditlog?query=query
Method: GET
Request Parameters
| Name | Required | Description | Parameter Type | Data Type |
|---|---|---|---|---|
| query | Optional | Query to filter data returned | Query | String (json) |
Audit Logs Using POST Method
If the query size is more than 2048 characters, use the POST method. This is the recommended method.
URL: https://vmanage-ip-address/dataservice/auditlog
Method: POST
Request Parameters
| Name | Required | Description | Parameter Type | Data Type |
|---|---|---|---|---|
| query | Optional | Query to filter data returned | Body | String (json) |
Response Content Type: application/json
Response Object: See Response Object, below.
Example
Get 10,000 audit logs from the previous six hours using the query below:
{
"query": {
"condition": "AND",
"rules": [
{
"value": [
"6"
],
"field": "entry_time",
"type": "date",
"operator": "last_n_hours"
}
]
},
"size": 10000
}
Get critical audit logs from the previous three hours:
{
"query": {
"condition": "AND",
"rules": [
{
"value": [
"3"
],
"field": "entry_time",
"type": "date",
"operator": "last_n_hours"
},
{
"value": [
"user"
],
"field": "logmodule",
"type": "string",
"operator": "in"
}
]
}
}
Supported Fields
Displays list of fields and corresponding data type for the audit log.
URL: https://vmanage-ip-address/dataservice/auditlog/fields
Method: GET
Response Object for Audit Log API Calls
Audit log API call responses have the following format:
{
"header": {
"generatedOn": timestamp, milliseconds (UNIX time format),
"viewKeys": {
"uniqueKey": ["key"]
},
"fields": [
properties and types
],
},
"data": [
array of objects
]
} Additional Information
Using the vManage REST APIs
vManage Aggregation Query
vManage Simple Query