Defines the schema for audit logs.
API Endpoint | https://api.bigpanda.io/resources/v2.0/audit/logs/ |
---|---|
Supported Methods | GET |
Parameters
The Audit Log object schema includes the following attributes:
Attribute | Description | Type |
---|---|---|
actor | The user or system that made the change. Attributes: type - whether the change was made by a user or the system, one of system-generated or user; user - (only included in changes performed by a user) data on the user account that performed the action, with attributes id, email, and name. | Object |
context | (Only included in changes performed by a user) Actor access details as reported by the client. actor_access object attributes: user_agent - information about the user's browser; ip_address - the access point used to access the system. | Object |
timestamp | Unix epoch time when the event occurred (in seconds). | Timestamp (in seconds) |
resource_id | The system id of the resource that was changed. | String |
resource_type | The resource type that was changed. Possible returns are: auto_share_rules; correlation_patterns; enrichment v1 custom_tags; environments; users; integrations; enrichment v2 resources: tag_enrichments_order, tag_enrichments, tag, mapping_enrichment. | String |
action_type | The action that was made. The following action types are available: init_state - used only as an initial value; create - when a resource is created; update - when a resource is updated; delete - when a resource is deleted. | String |
object | The resource object after the change. Resource objects include: Alert Correlation, AutoShare, Environments, Users, Integrations, Alert Enrichments. When the resource is deleted, the object is {null}. | Object |
Sample Objects:

```bash
curl --request GET \
  --url 'https://api.bigpanda.io/resources/v2.0/audit/logs?resource_type=users&action_type=create&start=1697765051&end=1697765555&per_page=100' \
  --header 'Authorization: Bearer <User API Key>' \
  --header 'accept: application/json'
```

```json
{
  "actor": {
    "type": "user",
    "user": {
      "id": "62f0ec2d95918d0012bba5553",
      "email": "[email protected]"
    }
  },
  "action_type": "update",
  "context": {
    "actor_access": {
      "ip_address": "::ffff:10.12.55.55",
      "user_agent": "axios/0.24.0"
    }
  },
  "resource_type": "users",
  "resource_id": "631471d494528700126ca555",
  "timestamp": 1662284339,
  "object": {
    "createdAt": 1662284244,
    "lastLoginAt": 1662284281,
    "name": "Nataly",
    "state": "valid",
    "firstLoginAt": 1662284281,
    "username": "[email protected]",
    "id": "631471d494528700126a5559"
  }
}
```
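One way to consume entries with this schema for security review, as an added example that is not BigPanda's own code: it validates the documented enum values, collapses the IPv4-mapped IPv6 form seen in the sample (`::ffff:10.12.55.55`) before allowlist matching, and attaches review flags. The `TRUSTED_NETS` allowlist, the flag names, the `Mozilla/` browser heuristic and the sample entries are assumptions made for illustration.

```python
import ipaddress
from datetime import datetime, timezone

ACTIONS = {"init_state", "create", "update", "delete"}   # documented action_type values
ACTOR_TYPES = {"system-generated", "user"}               # documented actor.type values
TRUSTED_NETS = [ipaddress.ip_network("10.12.0.0/16")]    # assumption: your admin network

def normalize_ip(raw):
    """Collapse IPv4-mapped IPv6 (::ffff:a.b.c.d) to IPv4 so allowlist checks match."""
    ip = ipaddress.ip_address(raw)
    return getattr(ip, "ipv4_mapped", None) or ip

def normalize(entry):
    """Validate and flatten one entry; context exists only on user changes (client-reported)."""
    actor = entry["actor"]
    if actor["type"] not in ACTOR_TYPES or entry["action_type"] not in ACTIONS:
        raise ValueError("entry does not match the documented schema")
    access = (entry.get("context") or {}).get("actor_access", {})
    ip = access.get("ip_address")
    return {
        "time": datetime.fromtimestamp(entry["timestamp"], tz=timezone.utc).isoformat(),
        "actor": (actor.get("user") or {}).get("email", actor["type"]),
        "action": entry["action_type"],
        "resource": f'{entry["resource_type"]}/{entry["resource_id"]}',
        "ip": normalize_ip(ip) if ip else None,
        "user_agent": access.get("user_agent"),
        "deleted": entry.get("object") is None,   # object is null after a delete
    }

def flags(rec, trusted=TRUSTED_NETS):
    """Return review flags for a normalized record (heuristics; a missing value is not flagged)."""
    checks = {
        "account_change": rec["resource"].startswith("users/") and rec["action"] != "init_state",
        "untrusted_ip": rec["ip"] is not None and not any(rec["ip"] in n for n in trusted),
        "scripted_client": not (rec["user_agent"] or "Mozilla/").startswith("Mozilla/"),
    }
    return [name for name, hit in checks.items() if hit]

SAMPLE = [  # constructed entries shaped like the sample object above
    {"actor": {"type": "user", "user": {"id": "u1", "email": "admin@example.com"}},
     "action_type": "update", "resource_type": "users", "resource_id": "r1",
     "context": {"actor_access": {"ip_address": "::ffff:10.12.55.55", "user_agent": "axios/0.24.0"}},
     "timestamp": 1662284339, "object": {"state": "valid"}},
    {"actor": {"type": "system-generated"}, "action_type": "delete",
     "resource_type": "environments", "resource_id": "r2", "timestamp": 1662284400, "object": None},
]

if __name__ == "__main__":
    print([(r["time"], r["actor"], flags(r)) for r in map(normalize, SAMPLE)])
```

Because `context` is reported by the client, treat `ip_address` and `user_agent` as hints for triage rather than as proof of origin.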