Use this endpoint to get audit log records for your IoT Device Manager account.
```bash
curl --request GET 'https://one.digicert.com/iot/api/v1/audit-log?limit=3' \
  --header 'x-api-key: {{api_key}}' \
  --header 'Content-Type: application/json'
```
```json
{
  "limit": 3,
  "offset": 0,
  "total": 26,
  "records": [
    {
      "id": "8bb7b9a0-b23c-4cb3-bfcf-91b75e0eae55",
      "account_id": "6ff62c42-e64d-4370-a706-2dadb35611c5",
      "division_id": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8",
      "resource_type": "division",
      "resource_name": "New division",
      "resource": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8",
      "authentication_type": "user",
      "authentication_id": "00000000-0000-0000-0000-000000000000",
      "authentication": "local.admin",
      "action": "update",
      "description": "Failed to update new division",
      "status": "failed",
      "error_message": "Please provide a unique name for division",
      "detailed_error_message": "com.digicert.snowbird.iot.exception.InvalidInputException: Please provide a unique name for division\n\tat com.digicert.snowbird.iot.service.core.DivisionService.validateUniqueDivisionName(DivisionService.java:155",
      "request": "{\"name\":\"IoT Account\",\"description\":\"Description updated\",\"account_id\":\"6ff62c42-e64d-4370-a706-2dadb35611c5\"}",
      "created_at": "2020-11-05T08:36:50Z"
    },
    {
      "id": "b15daa5d-d193-4d3e-aba7-9a8219551c30",
      "account_id": "6ff62c42-e64d-4370-a706-2dadb35611c5",
      "division_id": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8",
      "resource_type": "division",
      "resource_name": "New division",
      "resource": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8",
      "authentication_type": "user",
      "authentication_id": "00000000-0000-0000-0000-000000000000",
      "authentication": "local.admin",
      "action": "update",
      "description": "Division has been updated",
      "status": "success",
      "properties": [
        {
          "name": "account.id",
          "changed": false,
          "value_after": "6ff62c42-e64d-4370-a706-2dadb35611c5"
        },
        {
          "name": "account.name",
          "changed": false,
          "value_after": "IoT Account"
        },
        {
          "name": "created_at",
          "changed": false,
          "value_after": "2020-11-05T08:35:26Z"
        },
        {
          "name": "description",
          "changed": true,
          "value_before": "Description",
          "value_after": "Description updated"
        },
        {
          "name": "id",
          "changed": false,
          "value_after": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8"
        },
        {
          "name": "name",
          "changed": false,
          "value_after": "New division"
        },
        {
          "name": "status",
          "changed": false,
          "value_after": "ACTIVE"
        }
      ],
      "created_at": "2020-11-05T08:35:47Z"
    },
    {
      "id": "7f76f0a2-6e05-4594-b17f-8237e6616fd3",
      "account_id": "6ff62c42-e64d-4370-a706-2dadb35611c5",
      "division_id": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8",
      "resource_type": "division",
      "resource_name": "New division",
      "resource": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8",
      "authentication_type": "user",
      "authentication_id": "00000000-0000-0000-0000-000000000000",
      "authentication": "local.admin",
      "action": "create",
      "description": "New division has been created",
      "status": "success",
      "properties": [
        {
          "name": "account.id",
          "changed": false,
          "value_after": "6ff62c42-e64d-4370-a706-2dadb35611c5"
        },
        {
          "name": "account.name",
          "changed": false,
          "value_after": "IoT Account"
        },
        {
          "name": "created_at",
          "changed": false,
          "value_after": "2020-11-05T08:35:26Z"
        },
        {
          "name": "description",
          "changed": false,
          "value_after": "Description"
        },
        {
          "name": "id",
          "changed": false,
          "value_after": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8"
        },
        {
          "name": "name",
          "changed": false,
          "value_after": "New division"
        },
        {
          "name": "status",
          "changed": false,
          "value_after": "ACTIVE"
        }
      ],
      "created_at": "2020-11-05T08:35:26Z"
    }
  ]
}
```
To filter the results, use a question mark (?) to append a query string to the request URL. To apply multiple filters, append multiple query strings with an ampersand (&).
For example, to see records for events associated with an action type of `update` and a resource type of `division`, use:
```
https://one.digicert.com/iot/api/v1/audit-log?action=update&resource_type=division
```
Name | Req/Opt | Description |
---|---|---|
account_id | optional | Filters results by account ID. |
divisions | optional | Comma-separated list of division IDs. Limits results to the divisions in the list you provide. |
authentication_type | optional | Filters results by authentication type. Allowed values: See Authentication types below. |
authentication_id | optional | Filters results by the ID of the authentication object associated with the record. This can be the ID of a user, passcode, certificate, authentication certificate authority (CA), or authentication certificate. |
resource_type | optional | Filters results by resource type. Allowed values: See Resource types below. |
resource_name | optional | Filters results by resource name. |
resource | optional | Filters results by resource ID. |
action | optional | Filters results by action. Allowed values: See Actions below. |
statuses | optional | Comma-separated list of statuses. Limits results to the statuses in the list you provide. Allowed values: `success` or `failed` |
created_at_from | optional | Limits results to records created after a specific date and time (UTC). Formats: `yyyy-MM-dd` or `yyyy-MM-ddTHH:mm:ssZ` |
created_at_to | optional | Limits results to records created before a specific date and time (UTC). Formats: `yyyy-MM-dd` or `yyyy-MM-ddTHH:mm:ssZ` |
sort_direction | optional | Sorts results in ascending or descending order by the value of the `created_at` property. Allowed values: `ASC` (ascending) or `DESC` (descending) |
limit | optional | Limits the number of records to include in the results. Maximum: 1000. Default: 20. |
offset | optional | Index of the first record to include in the results. |
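To export a full set of matching records for review, the filters above combine with `limit` and `offset` paging. The following is an added example, not DigiCert code: the names `build_url`, `http_fetch` and `iter_records` are hypothetical, and it assumes that a short or empty page, or an offset that reaches `total`, marks the end of the results.

```python
import json
import urllib.parse
import urllib.request

BASE_URL = "https://one.digicert.com/iot/api/v1/audit-log"
MAX_LIMIT = 1000  # documented maximum for the limit parameter


def build_url(filters, limit, offset):
    """Build a request URL; list values become comma-separated strings."""
    if not 1 <= limit <= MAX_LIMIT:
        raise ValueError(f"limit must be between 1 and {MAX_LIMIT}")
    params = {
        key: ",".join(value) if isinstance(value, (list, tuple)) else value
        for key, value in filters.items()
    }
    # Oldest-first order keeps offsets stable while new events are appended.
    params.update(sort_direction="ASC", limit=limit, offset=offset)
    return BASE_URL + "?" + urllib.parse.urlencode(params, safe=",:")


def http_fetch(url, api_key):
    """GET one page, sending the x-api-key header from the request example."""
    request = urllib.request.Request(url, headers={"x-api-key": api_key})
    with urllib.request.urlopen(request, timeout=30) as response:
        return json.load(response)


def iter_records(filters, fetch, limit=MAX_LIMIT):
    """Yield every matching record. fetch is any callable url -> parsed page,
    for example: lambda url: http_fetch(url, api_key)."""
    offset = 0
    while True:
        page = fetch(build_url(filters, limit, offset))
        records = page.get("records", [])
        yield from records
        offset += len(records)
        # Assumption: a short or empty page, or offset reaching total, ends the set.
        if len(records) < limit or offset >= page.get("total", 0):
            break
```

Passing `fetch` as a parameter lets the paging logic be exercised against recorded pages without network access or an API key.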
Name | Type | Description |
---|---|---|
limit | integer | Limit on the number of records to include in the results. |
offset | integer | Index of the first record. |
total | integer | Total number of audit log records. |
records | array | Array of audit log records. Each audit log record is an object with key/value pairs that provide information about an event in your IoT Device Manager account. |
.. id | string | ID of the audit log event. |
.. account_id | string | Account ID. |
.. division_id | string | Division ID. |
.. resource_type | string | Resource type. Possible values: See Resource types below. |
.. resource_name | string | The name of the resource. |
.. resource | string | Unique ID of the resource. |
.. action | string | The action associated with the audit log event. Possible values: See Actions below. |
.. status | string | Status of the audit log event. Possible values: `success` or `failed` |
.. description | string | Short description of the audit log event. |
.. authentication | string | The name of the authentication object associated with the event that created the audit log record. |
.. authentication_type | string | Type of authentication used for the event that created the audit log record. |
.. authentication_id | string | The unique ID of the authentication object associated with the record. This can be the ID of a user, passcode, certificate, authentication certificate authority (CA), or authentication certificate. |
.. created_at | string | Timestamp of the event (UTC). Format: `yyyy-MM-ddTHH:mm:ssZ` |
.. error_message | string | Short error message. Only returned when the `status` property has a value of `failed`. |
.. detailed_error_message | string | Detailed error message. Only returned when the `status` property has a value of `failed`. |
.. request | string | The body of the request that created the audit log event, formatted as a JSON string. Only returned when the `status` property has a value of `failed`. |
.. properties | array | List of objects with details about each resource property. Use the `properties` array to find the value of each property before and after the audit log event. Only returned when the `status` property has a value of `success`. |
.. .. name | string | Property name. |
.. .. changed | boolean | Whether the event changed the value of the property. |
.. .. value_before | string | The value of the property before the event. Only returned when the `changed` property has a value of `true`. |
.. .. value_after | string | The value of the property after the event. Always returned, even if the value did not change. |
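The conditional fields above mean a consumer has to branch on `status`: failed records carry `error_message` and a JSON-encoded `request` string, while successful records carry `properties`. The following is an added example, not DigiCert code, that flattens records for alerting or log ingestion; `summarize`, `failures_by_identity` and `KEPT` are hypothetical names, and the sample records are constructed by abridging the response example on this page.

```python
import json
from collections import Counter

# Constructed sample: two records abridged from the response example on this page.
SAMPLE_RECORDS = [
    {
        "resource_type": "division", "resource": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8",
        "authentication_type": "user", "authentication": "local.admin",
        "action": "update", "status": "failed", "created_at": "2020-11-05T08:36:50Z",
        "error_message": "Please provide a unique name for division",
        "request": '{"name":"IoT Account","description":"Description updated"}',
    },
    {
        "resource_type": "division", "resource": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8",
        "authentication_type": "user", "authentication": "local.admin",
        "action": "update", "status": "success", "created_at": "2020-11-05T08:35:47Z",
        "properties": [
            {"name": "name", "changed": False, "value_after": "New division"},
            {"name": "description", "changed": True,
             "value_before": "Description", "value_after": "Description updated"},
        ],
    },
]
KEPT = ("created_at", "authentication_type", "authentication",
        "action", "resource_type", "resource", "status")


def summarize(record):
    """Flatten a record: failures keep error and request, successes keep changes."""
    event = {key: record.get(key) for key in KEPT}
    if record.get("status") == "failed":
        event["error"] = record.get("error_message")
        try:  # request is a JSON document carried inside a JSON string
            event["request"] = json.loads(record["request"])
        except (KeyError, TypeError, ValueError):
            event["request"] = record.get("request")  # keep the raw value
    else:
        event["changes"] = {
            prop["name"]: (prop.get("value_before"), prop.get("value_after"))
            for prop in record.get("properties", []) if prop.get("changed")
        }
    return event


def failures_by_identity(records):
    """Count failed events per (authentication_type, authentication) pair."""
    return Counter((r.get("authentication_type"), r.get("authentication"))
                   for r in records if r.get("status") == "failed")
```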
Each audit log record has an `authentication_type` property. This property describes the authentication type associated with the event.
The following table describes the different authentication types.
Type | Description |
---|---|
`user` | For events that were authenticated with user credentials or a DigiCert ONE API key. |
`passcode` | For events that were authenticated with an enrollment passcode. |
`certificate` | For events that were authenticated with an existing certificate (for example, during a renewal request). |
`authentication_ca` | For events that were authenticated with an authentication certificate authority (CA). |
`authentication_certificate` | For events that were authenticated with an authentication certificate. |
Each audit log record has a `resource_type` property. This property describes the type of resource associated with the event.
The following table describes the different resource types.
Type | Description |
---|---|
`device` | For changes to a device record. |
`division` | For changes to a division record. |
`certificate` | For changes to a certificate record. |
`certificate_request` | For changes to a certificate request record. |
`enrollment_profile` | For changes to an enrollment profile record. |
`enrollment_profile_passcode` | For changes to an enrollment profile passcode record. |
`enrollment_profile_mapping` | For changes to an enrollment profile mapping record. |
`enrollment_profile_source_field` | For changes to an enrollment profile source field record. |
`authentication_certificate` | For changes to an authentication certificate record. |
`device_profile` | For changes to a device profile record. |
`certificate_template` | For changes to a certificate template record. |
`certificate_profile` | For changes to a certificate profile record. |
Each audit log record has an `action` property. This property describes the type of event that created the log entry.
The following table describes the different kinds of actions.
Type | Description |
---|---|
`create` | For events that create a new object. |
`update` | For events that update an existing object. |
`delete` | For events that delete an object. Deleted objects have a status of `deleted`. |
`undelete` | For events that restore an object. Restored objects have a status of `active`. |
`disable` | For events that disable an object. Disabled objects have a status of `disabled`. |
`enable` | For events that enable an object. Enabled objects have a status of `active`. |
`enroll` | For enrollment events. |
`renew` | For renewal events. |
`revoke` | For revocation events. |