Defines the schema for audit logs.
| API Endpoint | https://api.bigpanda.io/resources/v2.0/audit/logs/ |
|---|---|
| Supported Methods | GET |
Parameters
The Audit Log object schema includes the following attributes:
| Attribute | Description | Type | Example |
|---|---|---|---|
| actor | The user or system that made the change. Attributes: type - whether the change was made by a user or the system. One of system-generated or user user - (Only included in changes performed by a user) Data on the user account that performed the action. Attributes: id, email, and name. | Object | { "type":"user", "user": { "id":"235554234242892734", "email":"[email protected]", "name":"BP user" } } |
| context | (Only included in changes performed by a user) Actor access details as reported by the client. actor_access object attributes: user_agent - information about the user’s browser. ip_address - the access point used to access the system. | Object | { "actor_access": { "ip_address": "52.555.23.8", "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.5556.81 Safari/537.36" } } |
| timestamp | Unix epoch time when the event occurred (in seconds). | Timestamp (in seconds) | "1588697026" |
| resource_id | The system id of the resource that was changed. | String | "fc4dfad7-0ab8-4117-a60e-71faac986eef" |
| resource_type | The resource type that was changed. Possible returns are: - correlation_patterns - enrichment v1 custom_tags - environments - users | String | "correlation_pattern" |
| action_type | The action that was made. The following action types are available: init_state: this type is used only as an initial value create: when a resource is created. update: when a resource is updated. delete: when a resource is deleted. | String | "update" |
| object | The resource object after the change. Resource objects include: -Alert Correlation -AutoShare -Environments -Users -Alert Enrichments When the resource is deleted, the object is {null}. | Object | { "filter": "source_system = 'api.mwv2demo' AND zero_impact != 'true'", "updated_at": 1554606117, "name": "MWV2 Demo", "created_at": 1554606117, "id": "5ca96825a5bd7724508374ba" } |