Audits

The audit resource allows you to gain insight of what goes on in your tenant.

Endpoints

Skip to section
GET/v1/audits
GET/v1/audits/{id}
GET/v1/audits/archive
GET/v1/audits/settings
GET/v1/audits/sources
GET/v1/audits/types

Finds and returns the persisted audit events for the given tenant.

manage

Facts GET /v1/audits

Rate limit
required
Tier 1 (1000 requests per minute)

Header Parameters GET /v1/audits

Authorization
required
string

The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.

Query Parameters GET /v1/audits

eventTime
pattern='YYYY-MM-DDThh:mm:ss.sssZ/YYYY-MM-DDThh:mm:ss.sssZ'
string

The start/end time interval formatted in ISO 8601 to search by eventTime. For example, "?eventTime=2021-07-14T18:41:15.00Z/2021-07-14T18:41:15.99Z".

eventType
string

The case-sensitive string used to search by eventType.

id
string

The comma separated list of audit unique identifiers.

limit
default=10, minimum=1, maximum=100
integer<int64>

The maximum number of resources to return for a request.

next
string

The cursor to the next page of resources. Provide either the next or prev cursor, but not both.

prev
string

The cursor to the previous page of resources. Provide either the next or prev cursor, but not both.

sort
default='-eventTime'
string

The property of a resource to sort on (default sort is -eventTime). The supported properties are source, eventType, and eventTime. A property must be prefixed by + or - to indicate ascending or descending sort order respectively.

source
string

The case-sensitive string used to search by source.

userId
string

The case-sensitive string used to search by userId.

Responses GET /v1/audits

200
application/json

OK Response

400
application/json

Bad Request

401
application/json

Not authorized.

500
application/json

Internal Server Error

GET/v1/audits

curl "https://your-tenant.us.qlikcloud.com/api/v1/audits" \
 -H "Authorization: Bearer <API-key>"

Response GET /v1/audits

{
  "data": [
    {
      "id": "string",
      "data": {},
      "links": {
        "Self": {
          "Href": "string"
        },
        "self": {
          "href": "string"
        }
      },
      "source": "string",
      "userId": "string",
      "eventId": "string",
      "tenantId": "string",
      "eventTime": "2023-11-29T00:09:26.453Z",
      "eventType": "string",
      "extensions": {
        "actor": {
          "sub": "string",
          "subType": "string"
        },
        "ownerId": "string",
        "spaceId": "string",
        "topLevelResourceId": "string"
      },
      "contentType": "string",
      "eventTypeVersion": "string"
    }
  ],
  "links": {
    "Next": {
      "Href": "string"
    },
    "Prev": {
      "Href": "string"
    },
    "Self": {
      "Href": "string"
    },
    "next": {
      "href": "string"
    },
    "prev": {
      "href": "string"
    },
    "self": {
      "href": "string"
    }
  }
}

Finds and returns the persisted audit events for the given tenant.

manage

Facts GET /v1/audits/{id}

Rate limit
required
Tier 1 (1000 requests per minute)

Header Parameters GET /v1/audits/{id}

Authorization
required
string

The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.

Path Parameters GET /v1/audits/{id}

id
required
string

The audit item's unique identifier.

Responses GET /v1/audits/{id}

200
application/json

OK Response

400
application/json

Bad Request

401
application/json

Not authorized.

404
application/json

Not Found

500
application/json

Internal Server Error

GET/v1/audits/{id}

curl "https://your-tenant.us.qlikcloud.com/api/v1/audits/{id}" \
 -H "Authorization: Bearer <API-key>"

Response GET /v1/audits/{id}

{
  "id": "string",
  "data": {},
  "links": {
    "Self": {
      "Href": "string"
    },
    "self": {
      "href": "string"
    }
  },
  "source": "string",
  "userId": "string",
  "eventId": "string",
  "tenantId": "string",
  "eventTime": "2023-11-29T00:09:26.454Z",
  "eventType": "string",
  "extensions": {
    "actor": {
      "sub": "string",
      "subType": "string"
    },
    "ownerId": "string",
    "spaceId": "string",
    "topLevelResourceId": "string"
  },
  "contentType": "string",
  "eventTypeVersion": "string"
}

Retrieves audit events from long term storage.

manage

Finds and returns audit events from the archive, formatted as a JSON array, for the given date and tenant (in JWT).

Facts GET /v1/audits/archive

Rate limit
required
Tier 1 (1000 requests per minute)

Header Parameters GET /v1/audits/archive

Authorization
required
string

The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.

Query Parameters GET /v1/audits/archive

date
required, pattern='YYYY-MM-DD'
string<date>

Date to be used as filter and criteria during extraction.

Responses GET /v1/audits/archive

200
application/json

OK Response

400
application/json

Bad Request

401
application/json

Not authorized.

404
application/json

Not Found

500
application/json

Internal Server Error

GET/v1/audits/archive

curl "https://your-tenant.us.qlikcloud.com/api/v1/audits/archive" \
 -H "Authorization: Bearer <API-key>"

Response GET /v1/audits/archive

{
  "data": []
}

Returns the server configuration options.

manage

It includes options that represent the server configuration state and parameters that were used to run the server with certain functionality.

Facts GET /v1/audits/settings

Rate limit
required
Tier 1 (1000 requests per minute)

Header Parameters GET /v1/audits/settings

Authorization
required
string

The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.

Responses GET /v1/audits/settings

200
application/json

OK Response

401
application/json

Not authorized.

500
application/json

Internal Server Error

GET/v1/audits/settings

curl "https://your-tenant.us.qlikcloud.com/api/v1/audits/settings" \
 -H "Authorization: Bearer <API-key>"

Response GET /v1/audits/settings

{
  "data": {
    "EventTTL": 0,
    "ArchiveEnabled": true
  }
}

Finds and returns the distinct list of unique event sources.

manage

Facts GET /v1/audits/sources

Rate limit
required
Tier 1 (1000 requests per minute)

Header Parameters GET /v1/audits/sources

Authorization
required
string

The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.

Responses GET /v1/audits/sources

200
application/json

OK Response

401
application/json

Not authorized.

500
application/json

Internal Server Error

GET/v1/audits/sources

curl "https://your-tenant.us.qlikcloud.com/api/v1/audits/sources" \
 -H "Authorization: Bearer <API-key>"

Response GET /v1/audits/sources

{
  "data": [],
  "links": {
    "Next": {
      "Href": "string"
    },
    "Prev": {
      "Href": "string"
    },
    "Self": {
      "Href": "string"
    },
    "next": {
      "href": "string"
    },
    "prev": {
      "href": "string"
    },
    "self": {
      "href": "string"
    }
  }
}

Finds and returns the distinct list of unique event types.

manage

Facts GET /v1/audits/types

Rate limit
required
Tier 1 (1000 requests per minute)

Header Parameters GET /v1/audits/types

Authorization
required
string

The JWT used for authentication. Send the JWT in the AuthRequest header using the Bearer schema.

Responses GET /v1/audits/types

200
application/json

OK Response

401
application/json

Not authorized.

500
application/json

Internal Server Error

GET/v1/audits/types

curl "https://your-tenant.us.qlikcloud.com/api/v1/audits/types" \
 -H "Authorization: Bearer <API-key>"

Response GET /v1/audits/types

{
  "data": [],
  "links": {
    "Next": {
      "Href": "string"
    },
    "Prev": {
      "Href": "string"
    },
    "Self": {
      "Href": "string"
    },
    "next": {
      "href": "string"
    },
    "prev": {
      "href": "string"
    },
    "self": {
      "href": "string"
    }
  }
}

ErrorResponse

object

ErrorResponse indicates the error response.

Properties

error
deprecated
string

No description

errors

No description

traceId
string

No description

EventExtensions

object

The availability of the properties depends on the event and the context it was triggered in.

Properties

actor

Specifies the entity performing the action on behalf of another party listed as triggering the action.

ownerId
string

Id of the owner of the resource affected by the eventContext.

spaceId
string

Id of the space related to the action performed on the eventContext.

updates
PII data

Might be present if the action is of type "updated" and should contain information about the changes made to the resource.

topLevelResourceId
string

If the event originated from a sub resource the topLevelResourceId contains the id of the top level resource associated with the sub resource.

GetArchiveResult

object

GetArchiveResult is the result type of the audit service GetArchive method.

Properties

data
PII data
Array<object>

List of archived events. The structure of the events depend on their type and version.

GetByIDResult

object

GetByIDResult is the result type of the audit service GetByID method.

Properties

id
string

The resource item's unique identifier.

data
PII data
object

Additional information about the event's details. The structure depends on the type and version of the event.

GetLinks are the HAL links for a single result.

GetLinks are the HAL links for a single result.

source
string

The source of the event message, usually the producing service.

userId
string

The ID of the user who performed the action that triggered the event.

eventId
string

The event's unique identifier.

tenantId
string

The ID of the tenant that owns the item. This is populated using the JWT.

eventTime
string<date-time>

The RFC3339 datetime when the event happened.

eventType
string

The type of event that describes committed action.

Additional metadata and custom fields.

The availability of the properties depends on the event and the context it was triggered in.

contentType
string

The type that content is encoded in, always "application/json".

eventTypeVersion
string

The version of the event type.

GetObjectsResult

object

GetObjectsResult is the result type of audit service generic resources.

Properties

data
Array<string>

List of requested resources.

ListLinks are the HAL links for a list result.

ListLinks are the HAL links for a list result.

GetResult

object

GetResult is the result type of the audit service Get method.

Properties

data

List of audit items.

ListLinks are the HAL links for a list result.

ListLinks are the HAL links for a list result.

GetSettingsResult

object

GetSettingsResult is the result type of a getSettings request.

Properties

data

Server configuration options.

href

object

href is a URL.

Properties

href
string

No description

Href

object
deprecated

Href is a URL.

Properties

Href
deprecated
string

No description

v0.879.8
Was this page helpful?