Audits
Audits provides access to events emitted upon each action taken in your tenant, providing detailed access to what's happening in your tenant.
Retrieves list of events for subscribed services for your tenant. Stores events for 90 days, after which they can be accessed via /v1/audits/archive
.
Facts
Rate limit | Special (1000 requests per minute) |
Categories | manage |
Header Parameters
- AuthorizationstringRequired
The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.
Query Parameters
- eventTimestring
The start/end time interval formatted in ISO 8601 to search by eventTime. For example, "?eventTime=2021-07-14T18:41:15.00Z/2021-07-14T18:41:15.99Z".
- eventTypestring
The case-sensitive string used to search by eventType. Retrieve a list of possible eventTypes with
/v1/audits/types
. - idstring
The comma separated list of audit unique identifiers.
- limitinteger
The maximum number of resources to return for a request.
- nextstring
The cursor to the next page of resources. Provide either the next or prev cursor, but not both.
- prevstring
The cursor to the previous page of resources. Provide either the next or prev cursor, but not both.
- sortstring
The property of a resource to sort on (default sort is -eventTime). The supported properties are source, eventType, and eventTime. A property must be prefixed by + or - to indicate ascending or descending sort order respectively.
- sourcestring
The case-sensitive string used to search by source. Retrieve a list of possible sources with
/v1/audits/sources
. - userIdstring
The case-sensitive string used to search by userId.
Responses
200
application/json
OK Response
- application/jsonobject
application/json properties
- dataarray of objects
List of audit items.
data properties
- idstring
The resource item's unique identifier.
- dataobject
Additional information about the event's details. The structure depends on the type and version of the event.
- linksobject
links properties
- selfobject
self properties
- hrefstring
-
-
- sourcestring
The source of the event message, usually the producing service.
- userIdstring
The ID of the user who performed the action that triggered the event.
- eventIdstring
The event's unique identifier.
- tenantIdstring
The ID of the tenant that owns the item. This is populated using the JWT.
- eventTimestring
The RFC3339 datetime when the event happened.
- eventTypestring
The type of event that describes committed action.
- extensionsobject
The availability of the properties depends on the event and the context it was triggered in.
extensions properties
- actorobject
Specifies the entity performing the action on behalf of another party listed as triggering the action.
actor properties
- substring
Opaque value identifying impersonating entity.
- subTypestring
The type of the impersonating entity.
-
- ownerIdstring
Id of the owner of the resource affected by the eventContext.
- spaceIdstring
Id of the space related to the action performed on the eventContext.
- updatesany
Might be present if the action is of type "updated" and should contain information about the changes made to the resource.
- topLevelResourceIdstring
If the event originated from a sub resource the topLevelResourceId contains the id of the top level resource associated with the sub resource.
-
- contentTypestring
The type that content is encoded in, always "application/json".
- eventTypeVersionstring
The version of the event type.
-
- linksobject
links properties
- nextobject
next properties
- hrefstring
-
- prevobject
prev properties
- hrefstring
-
- selfobject
self properties
- hrefstring
-
-
-
400
application/json
Bad Request
- application/jsonobject
application/json properties
- errorsarray of objects
errors properties
- codestring
- titlestring
- detailstring
-
- traceIdstring
-
401
application/json
Not authorized.
- application/jsonobject
application/json properties
- errorsarray of objects
errors properties
- codestring
- titlestring
- detailstring
-
- traceIdstring
-
500
application/json
Internal Server Error
- application/jsonobject
application/json properties
- errorsarray of objects
errors properties
- codestring
- titlestring
- detailstring
-
- traceIdstring
-
curl "https://your-tenant.us.qlikcloud.com/api/v1/audits" \
-H "Authorization: Bearer <access_token>"
const https = require('https')
const data = JSON.stringify("")
const options = {
'hostname': 'https://your-tenant.us.qlikcloud.com',
'port': 443,
'path': '/api/v1/audits',
'method': 'GET',
'headers': {
'Authorization': 'Bearer <access_token>'
}
}
const req = https.request(options)
qlik audit ls
Response
{
"data": [
{
"id": "string",
"data": {},
"links": {
"self": {
"href": "string"
}
},
"source": "string",
"userId": "string",
"eventId": "string",
"tenantId": "string",
"eventTime": "2018-10-30T07:06:22Z",
"eventType": "string",
"extensions": {
"actor": {
"sub": "string",
"subType": "string"
},
"ownerId": "string",
"spaceId": "string",
"topLevelResourceId": "string"
},
"contentType": "string",
"eventTypeVersion": "string"
}
],
"links": {
"next": {
"href": "string"
},
"prev": {
"href": "string"
},
"self": {
"href": "string"
}
}
}
Finds and returns a specific audit events for the given event ID.
Facts
Rate limit | Special (1000 requests per minute) |
Categories | manage |
Header Parameters
- AuthorizationstringRequired
The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.
Path Parameters
- idstringRequired
The audit item's unique identifier.
Responses
200
application/json
OK Response
- application/jsonobject
application/json properties
- idstring
The resource item's unique identifier.
- dataobject
Additional information about the event's details. The structure depends on the type and version of the event.
- linksobject
links properties
- selfobject
self properties
- hrefstring
-
-
- sourcestring
The source of the event message, usually the producing service.
- userIdstring
The ID of the user who performed the action that triggered the event.
- eventIdstring
The event's unique identifier.
- tenantIdstring
The ID of the tenant that owns the item. This is populated using the JWT.
- eventTimestring
The RFC3339 datetime when the event happened.
- eventTypestring
The type of event that describes committed action.
- extensionsobject
The availability of the properties depends on the event and the context it was triggered in.
extensions properties
- actorobject
Specifies the entity performing the action on behalf of another party listed as triggering the action.
actor properties
- substring
Opaque value identifying impersonating entity.
- subTypestring
The type of the impersonating entity.
-
- ownerIdstring
Id of the owner of the resource affected by the eventContext.
- spaceIdstring
Id of the space related to the action performed on the eventContext.
- updatesany
Might be present if the action is of type "updated" and should contain information about the changes made to the resource.
- topLevelResourceIdstring
If the event originated from a sub resource the topLevelResourceId contains the id of the top level resource associated with the sub resource.
-
- contentTypestring
The type that content is encoded in, always "application/json".
- eventTypeVersionstring
The version of the event type.
-
400
application/json
Bad Request
- application/jsonobject
application/json properties
- errorsarray of objects
errors properties
- codestring
- titlestring
- detailstring
-
- traceIdstring
-
401
application/json
Not authorized.
- application/jsonobject
application/json properties
- errorsarray of objects
errors properties
- codestring
- titlestring
- detailstring
-
- traceIdstring
-
404
application/json
Not Found
- application/jsonobject
application/json properties
- errorsarray of objects
errors properties
- codestring
- titlestring
- detailstring
-
- traceIdstring
-
500
application/json
Internal Server Error
- application/jsonobject
application/json properties
- errorsarray of objects
errors properties
- codestring
- titlestring
- detailstring
-
- traceIdstring
-
curl "https://your-tenant.us.qlikcloud.com/api/v1/audits/{id}" \
-H "Authorization: Bearer <access_token>"
const https = require('https')
const data = JSON.stringify("")
const options = {
'hostname': 'https://your-tenant.us.qlikcloud.com',
'port': 443,
'path': '/api/v1/audits/{id}',
'method': 'GET',
'headers': {
'Authorization': 'Bearer <access_token>'
}
}
const req = https.request(options)
qlik audit get <auditId>
Response
{
"id": "string",
"data": {},
"links": {
"self": {
"href": "string"
}
},
"source": "string",
"userId": "string",
"eventId": "string",
"tenantId": "string",
"eventTime": "2018-10-30T07:06:22Z",
"eventType": "string",
"extensions": {
"actor": {
"sub": "string",
"subType": "string"
},
"ownerId": "string",
"spaceId": "string",
"topLevelResourceId": "string"
},
"contentType": "string",
"eventTypeVersion": "string"
}
Retrieves audit events from long term storage. Finds and returns audit events from the archive, formatted as a JSON array, for the given date and tenant (in JWT). Archived events are not removed.
Facts
Rate limit | Special (1000 requests per minute) |
Categories | manage |
Header Parameters
- AuthorizationstringRequired
The JWT is used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.
Query Parameters
- datestringRequired
Date to be used as filter and criteria during extraction.
Responses
200
application/json
OK Response
- application/jsonobject
application/json properties
- dataarray of objects
List of archived events. The structure of the events depend on their type and version.
-
400
application/json
Bad Request
- application/jsonobject
application/json properties
- errorsarray of objects
errors properties
- codestring
- titlestring
- detailstring
-
- traceIdstring
-
401
application/json
Not authorized.
- application/jsonobject
application/json properties
- errorsarray of objects
errors properties
- codestring
- titlestring
- detailstring
-
- traceIdstring
-
404
application/json
Not Found
- application/jsonobject
application/json properties
- errorsarray of objects
errors properties
- codestring
- titlestring
- detailstring
-
- traceIdstring
-
500
application/json
Internal Server Error
- application/jsonobject
application/json properties
- errorsarray of objects
errors properties
- codestring
- titlestring
- detailstring
-
- traceIdstring
-
curl "https://your-tenant.us.qlikcloud.com/api/v1/audits/archive" \
-H "Authorization: Bearer <access_token>"
const https = require('https')
const data = JSON.stringify("")
const options = {
'hostname': 'https://your-tenant.us.qlikcloud.com',
'port': 443,
'path': '/api/v1/audits/archive',
'method': 'GET',
'headers': {
'Authorization': 'Bearer <access_token>'
}
}
const req = https.request(options)
qlik audit archive
Response
{
"data": [
{}
]
}
Returns the server configuration options. It includes options that represent the server configuration state and parameters that were used to run the server with certain functionality.
Facts
Rate limit | Special (1000 requests per minute) |
Categories | manage |
Header Parameters
- AuthorizationstringRequired
The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.
Responses
200
application/json
OK Response
- application/jsonobject
application/json properties
- dataobject
Server configuration options.
data properties
- EventTTLinteger
The events TTL in seconds.
- ArchiveEnabledboolean
Is Long Term Storage archiving enabled?.
-
-
401
application/json
Not authorized.
- application/jsonobject
application/json properties
- errorsarray of objects
errors properties
- codestring
- titlestring
- detailstring
-
- traceIdstring
-
500
application/json
Internal Server Error
- application/jsonobject
application/json properties
- errorsarray of objects
errors properties
- codestring
- titlestring
- detailstring
-
- traceIdstring
-
curl "https://your-tenant.us.qlikcloud.com/api/v1/audits/settings" \
-H "Authorization: Bearer <access_token>"
const https = require('https')
const data = JSON.stringify("")
const options = {
'hostname': 'https://your-tenant.us.qlikcloud.com',
'port': 443,
'path': '/api/v1/audits/settings',
'method': 'GET',
'headers': {
'Authorization': 'Bearer <access_token>'
}
}
const req = https.request(options)
qlik audit settings
Response
{
"data": {
"EventTTL": 42,
"ArchiveEnabled": true
}
}
Finds and returns the list of possible event sources for this tenant.
Facts
Rate limit | Special (1000 requests per minute) |
Categories | manage |
Header Parameters
- AuthorizationstringRequired
The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.
Responses
200
application/json
OK Response
- application/jsonobject
application/json properties
- dataarray of strings
List of requested resources.
- linksobject
links properties
- nextobject
next properties
- hrefstring
-
- prevobject
prev properties
- hrefstring
-
- selfobject
self properties
- hrefstring
-
-
-
401
application/json
Not authorized.
- application/jsonobject
application/json properties
- errorsarray of objects
errors properties
- codestring
- titlestring
- detailstring
-
- traceIdstring
-
500
application/json
Internal Server Error
- application/jsonobject
application/json properties
- errorsarray of objects
errors properties
- codestring
- titlestring
- detailstring
-
- traceIdstring
-
curl "https://your-tenant.us.qlikcloud.com/api/v1/audits/sources" \
-H "Authorization: Bearer <access_token>"
const https = require('https')
const data = JSON.stringify("")
const options = {
'hostname': 'https://your-tenant.us.qlikcloud.com',
'port': 443,
'path': '/api/v1/audits/sources',
'method': 'GET',
'headers': {
'Authorization': 'Bearer <access_token>'
}
}
const req = https.request(options)
qlik audit sources
Response
{
"data": [
"string"
],
"links": {
"next": {
"href": "string"
},
"prev": {
"href": "string"
},
"self": {
"href": "string"
}
}
}
Finds and returns the list of possible event types for this tenant.
Facts
Rate limit | Special (1000 requests per minute) |
Categories | manage |
Header Parameters
- AuthorizationstringRequired
The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.
Responses
200
application/json
OK Response
- application/jsonobject
application/json properties
- dataarray of strings
List of requested resources.
- linksobject
links properties
- nextobject
next properties
- hrefstring
-
- prevobject
prev properties
- hrefstring
-
- selfobject
self properties
- hrefstring
-
-
-
401
application/json
Not authorized.
- application/jsonobject
application/json properties
- errorsarray of objects
errors properties
- codestring
- titlestring
- detailstring
-
- traceIdstring
-
500
application/json
Internal Server Error
- application/jsonobject
application/json properties
- errorsarray of objects
errors properties
- codestring
- titlestring
- detailstring
-
- traceIdstring
-
curl "https://your-tenant.us.qlikcloud.com/api/v1/audits/types" \
-H "Authorization: Bearer <access_token>"
const https = require('https')
const data = JSON.stringify("")
const options = {
'hostname': 'https://your-tenant.us.qlikcloud.com',
'port': 443,
'path': '/api/v1/audits/types',
'method': 'GET',
'headers': {
'Authorization': 'Bearer <access_token>'
}
}
const req = https.request(options)
qlik audit types
Response
{
"data": [
"string"
],
"links": {
"next": {
"href": "string"
},
"prev": {
"href": "string"
},
"self": {
"href": "string"
}
}
}