Defines the schema for audit logs.
| API Endpoint | https://api.bigpanda.io/resources/v2.0/audit/logs/ |
|---|---|
| Supported Methods | GET |
Parameters
The Audit Log object schema includes the following attributes:
| Attribute | Description | Type |
|---|---|---|
| actor | The user or system that made the change. Possible returns are: type - whether the change was made by a user or the system. Attributes: user and system-generated.user - Details on the user account that performed the action. (Only included in changes made by a user.) Attributes: id, email, and name. | Object |
| action_type | The action that was made. Possible returns are:init_state - the initial value.create - when a resource is created.update - when a resource is updated.delete - when a resource is deleted. | String |
| context | Actor access details as reported by the client. (Only included in changes performed by a user.)actor_access object attributes:user_agent - information about the user’s browser.ip_address - the access point used to access the system. | Object |
| timestamp | Unix epoch time when the event occurred (in seconds). | Timestamp (in seconds) |
| resource_id | The system id of the resource that was changed. | String |
| resource_type | The resource type that was changed. Possible returns are:alert_filteringapi_keysauto_share_rulescorrelation_patternsenrichment v1 custom_tags environmentsenrichment v2 resources:- tag_enrichments_order- tag_enrichments tag- mapping_enrichmentintegrationsjit_domainsjit_rolesrolessso_configsso_testusers | String |
| object | The resource object after the change. Resource objects include: Alert Correlation Alert Enrichments Alert Filtering API Keys AutoShare Environments Integrations JIT Provisioning Maintenance Plans Roles SAML Attribute Mapping SSO Config SSO Test Users When the resource is deleted, the object is {null}. | Object |
Sample Object
curl --request GET \
--url 'https://api.bigpanda.io/resources/v2.0/audit/logs?resource_type=users&action_type=create&start=1697765051&end=1697765555&per_page=100' \
--header 'Authorization: Bearer <User API Key>' \
--header 'accept: application/json'
{
"actor": {
"type": "user",
"user": {
"id": "62f0ec2d95918d0012bba5553",
"email": "[email protected]"
}
},
"action_type": "update",
"context": {
"actor_access": {
"ip_address": "::ffff:10.12.55.55",
"user_agent": "axios/0.24.0"
}
},
"resource_type": "users",
"resource_id": "631471d494528700126ca555",
"timestamp": 1662284339,
"object": {
"createdAt": 1662284244,
"lastLoginAt": 1662284281,
"name": "Nataly",
"state": "valid",
"firstLoginAt": 1662284281,
"username": "[email protected]",
"id": "631471d494528700126a5559"
}
}