Audits
The audit resource allows you to gain insight of what goes on in your tenant.
Endpoints
Skip to section| GET | /v1/audits |
| GET | /v1/audits/{id} |
| GET | /v1/audits/archive |
| GET | /v1/audits/settings |
| GET | /v1/audits/sources |
| GET | /v1/audits/types |
Finds and returns the persisted audit events for the given tenant.
Facts GET /v1/audits
Rate limit required | Tier 1 (1000 requests per minute) |
Header Parameters GET /v1/audits
Authorization required string | The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema. |
Query Parameters GET /v1/audits
eventTime pattern='YYYY-MM-DDThh:mm:ss.sssZ/YYYY-MM-DDThh:mm:ss.sssZ' string | The start/end time interval formatted in ISO 8601 to search by eventTime. For example, "?eventTime=2021-07-14T18:41:15.00Z/2021-07-14T18:41:15.99Z". |
eventType string | The case-sensitive string used to search by eventType. |
id string | The comma separated list of audit unique identifiers. |
limit default=10, minimum=1, maximum=100 integer<int64> | The maximum number of resources to return for a request. |
next string | The cursor to the next page of resources. Provide either the next or prev cursor, but not both. |
prev string | The cursor to the previous page of resources. Provide either the next or prev cursor, but not both. |
sort default='-eventTime' string | The property of a resource to sort on (default sort is -eventTime). The supported properties are source, eventType, and eventTime. A property must be prefixed by + or - to indicate ascending or descending sort order respectively. |
source string | The case-sensitive string used to search by source. |
userId string | The case-sensitive string used to search by userId. |
Responses GET /v1/audits
200 application/json | OK Response |
400 application/json | Bad Request |
401 application/json | Not authorized. |
500 application/json | Internal Server Error |
GET/v1/audits
curl "https://your-tenant.us.qlikcloud.com/api/v1/audits" \
-H "Authorization: Bearer <API-key>"Response GET /v1/audits
{
"data": [
{
"id": "string",
"data": {},
"links": {
"Self": {
"Href": "string"
},
"self": {
"href": "string"
}
},
"source": "string",
"userId": "string",
"eventId": "string",
"tenantId": "string",
"eventTime": "2023-11-29T00:09:26.453Z",
"eventType": "string",
"extensions": {
"actor": {
"sub": "string",
"subType": "string"
},
"ownerId": "string",
"spaceId": "string",
"topLevelResourceId": "string"
},
"contentType": "string",
"eventTypeVersion": "string"
}
],
"links": {
"Next": {
"Href": "string"
},
"Prev": {
"Href": "string"
},
"Self": {
"Href": "string"
},
"next": {
"href": "string"
},
"prev": {
"href": "string"
},
"self": {
"href": "string"
}
}
}Finds and returns the persisted audit events for the given tenant.
Facts GET /v1/audits/{id}
Rate limit required | Tier 1 (1000 requests per minute) |
Header Parameters GET /v1/audits/{id}
Authorization required string | The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema. |
Path Parameters GET /v1/audits/{id}
id required string | The audit item's unique identifier. |
Responses GET /v1/audits/{id}
200 application/json | OK Response |
400 application/json | Bad Request |
401 application/json | Not authorized. |
404 application/json | Not Found |
500 application/json | Internal Server Error |
GET/v1/audits/{id}
curl "https://your-tenant.us.qlikcloud.com/api/v1/audits/{id}" \
-H "Authorization: Bearer <API-key>"Response GET /v1/audits/{id}
{
"id": "string",
"data": {},
"links": {
"Self": {
"Href": "string"
},
"self": {
"href": "string"
}
},
"source": "string",
"userId": "string",
"eventId": "string",
"tenantId": "string",
"eventTime": "2023-11-29T00:09:26.454Z",
"eventType": "string",
"extensions": {
"actor": {
"sub": "string",
"subType": "string"
},
"ownerId": "string",
"spaceId": "string",
"topLevelResourceId": "string"
},
"contentType": "string",
"eventTypeVersion": "string"
}Retrieves audit events from long term storage.
Finds and returns audit events from the archive, formatted as a JSON array, for the given date and tenant (in JWT).
Facts GET /v1/audits/archive
Rate limit required | Tier 1 (1000 requests per minute) |
Header Parameters GET /v1/audits/archive
Authorization required string | The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema. |
Query Parameters GET /v1/audits/archive
date required, pattern='YYYY-MM-DD' string<date> | Date to be used as filter and criteria during extraction. |
Responses GET /v1/audits/archive
200 application/json | OK Response |
400 application/json | Bad Request |
401 application/json | Not authorized. |
404 application/json | Not Found |
500 application/json | Internal Server Error |
GET/v1/audits/archive
curl "https://your-tenant.us.qlikcloud.com/api/v1/audits/archive" \
-H "Authorization: Bearer <API-key>"Response GET /v1/audits/archive
{
"data": []
}Returns the server configuration options.
It includes options that represent the server configuration state and parameters that were used to run the server with certain functionality.
Facts GET /v1/audits/settings
Rate limit required | Tier 1 (1000 requests per minute) |
Header Parameters GET /v1/audits/settings
Authorization required string | The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema. |
Responses GET /v1/audits/settings
200 application/json | OK Response |
401 application/json | Not authorized. |
500 application/json | Internal Server Error |
GET/v1/audits/settings
curl "https://your-tenant.us.qlikcloud.com/api/v1/audits/settings" \
-H "Authorization: Bearer <API-key>"Response GET /v1/audits/settings
{
"data": {
"EventTTL": 0,
"ArchiveEnabled": true
}
}Finds and returns the distinct list of unique event sources.
Facts GET /v1/audits/sources
Rate limit required | Tier 1 (1000 requests per minute) |
Header Parameters GET /v1/audits/sources
Authorization required string | The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema. |
Responses GET /v1/audits/sources
200 application/json | OK Response |
401 application/json | Not authorized. |
500 application/json | Internal Server Error |
GET/v1/audits/sources
curl "https://your-tenant.us.qlikcloud.com/api/v1/audits/sources" \
-H "Authorization: Bearer <API-key>"Response GET /v1/audits/sources
{
"data": [],
"links": {
"Next": {
"Href": "string"
},
"Prev": {
"Href": "string"
},
"Self": {
"Href": "string"
},
"next": {
"href": "string"
},
"prev": {
"href": "string"
},
"self": {
"href": "string"
}
}
}Finds and returns the distinct list of unique event types.
Facts GET /v1/audits/types
Rate limit required | Tier 1 (1000 requests per minute) |
Header Parameters GET /v1/audits/types
Authorization required string | The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema. |
Responses GET /v1/audits/types
200 application/json | OK Response |
401 application/json | Not authorized. |
500 application/json | Internal Server Error |
GET/v1/audits/types
curl "https://your-tenant.us.qlikcloud.com/api/v1/audits/types" \
-H "Authorization: Bearer <API-key>"Response GET /v1/audits/types
{
"data": [],
"links": {
"Next": {
"Href": "string"
},
"Prev": {
"Href": "string"
},
"Self": {
"Href": "string"
},
"next": {
"href": "string"
},
"prev": {
"href": "string"
},
"self": {
"href": "string"
}
}
}ErrorResponse
objectErrorResponse indicates the error response.
Properties
error deprecated string | No description |
errors | No description |
traceId string | No description |
EventExtensions
objectThe availability of the properties depends on the event and the context it was triggered in.
Properties
actor | Specifies the entity performing the action on behalf of another party listed as triggering the action. |
ownerId string | Id of the owner of the resource affected by the eventContext. |
spaceId string | Id of the space related to the action performed on the eventContext. |
updates PII data | Might be present if the action is of type "updated" and should contain information about the changes made to the resource. |
topLevelResourceId string | If the event originated from a sub resource the topLevelResourceId contains the id of the top level resource associated with the sub resource. |
GetArchiveResult
objectGetArchiveResult is the result type of the audit service GetArchive method.
Properties
data PII data Array<object> | List of archived events. The structure of the events depend on their type and version. |
GetByIDResult
objectGetByIDResult is the result type of the audit service GetByID method.
Properties
id string | The resource item's unique identifier. |
data PII data object | Additional information about the event's details. The structure depends on the type and version of the event. |
GetLinks are the HAL links for a single result. | GetLinks are the HAL links for a single result. |
source string | The source of the event message, usually the producing service. |
userId string | The ID of the user who performed the action that triggered the event. |
eventId string | The event's unique identifier. |
tenantId string | The ID of the tenant that owns the item. This is populated using the JWT. |
eventTime string<date-time> | The RFC3339 datetime when the event happened. |
eventType string | The type of event that describes committed action. |
Additional metadata and custom fields. | The availability of the properties depends on the event and the context it was triggered in. |
contentType string | The type that content is encoded in, always "application/json". |
eventTypeVersion string | The version of the event type. |
GetLinks
objectGetLinks are the HAL links for a single result.
Properties
Href is a URL. deprecated | Href is a URL. |
href is a URL. | href is a URL. |
GetObjectsResult
objectGetObjectsResult is the result type of audit service generic resources.
Properties
data Array<string> | List of requested resources. |
ListLinks are the HAL links for a list result. | ListLinks are the HAL links for a list result. |
GetResult
objectGetResult is the result type of the audit service Get method.
Properties
data | List of audit items. |
ListLinks are the HAL links for a list result. | ListLinks are the HAL links for a list result. |
GetSettingsResult
objectGetSettingsResult is the result type of a getSettings request.
Properties
data | Server configuration options. |
href
objecthref is a URL.
Properties
href string | No description |
Href
objectHref is a URL.
Properties
Href deprecated string | No description |
ListLinks
objectListLinks are the HAL links for a list result.
Properties
Href is a URL. deprecated | Href is a URL. |
Href is a URL. deprecated | Href is a URL. |
Href is a URL. deprecated | Href is a URL. |
href is a URL. | href is a URL. |
href is a URL. | href is a URL. |
href is a URL. | href is a URL. |
