Audit logs

GET
https://one.digicert.com/iot/api/v1/audit-log

Use this endpoint to get audit log records for your IoT Device Manager account.

Example requests and responses

cURL
curl --request GET 'https://one.digicert.com/iot/api/v1/audit-log?limit=3' \
--header 'x-api-key: {{api_key}}' \
--header 'Content-Type: application/json'
200 OK
{
  "limit": 3,
  "offset": 0,
  "total": 26,
  "records": [
    {
      "id": "8bb7b9a0-b23c-4cb3-bfcf-91b75e0eae55",
      "account_id": "6ff62c42-e64d-4370-a706-2dadb35611c5",
      "division_id": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8",
      "resource_type": "division",
      "resource_name": "New division",
      "resource": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8",
      "authentication_type": "user",
      "authentication_id": "00000000-0000-0000-0000-000000000000",
      "authentication": "local.admin",
      "action": "update",
      "description": "Failed to update new division",
      "status": "failed",
      "error_message": "Please provide a unique name for division",
      "detailed_error_message": "com.digicert.snowbird.iot.exception.InvalidInputException: Please provide a unique name for division\n\tat com.digicert.snowbird.iot.service.core.DivisionService.validateUniqueDivisionName(DivisionService.java:155",
      "request": "{\"name\":\"IoT Account\",\"description\":\"Description updated\",\"account_id\":\"6ff62c42-e64d-4370-a706-2dadb35611c5\"}",
      "created_at": "2020-11-05T08:36:50Z"
    },
    {
      "id": "b15daa5d-d193-4d3e-aba7-9a8219551c30",
      "account_id": "6ff62c42-e64d-4370-a706-2dadb35611c5",
      "division_id": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8",
      "resource_type": "division",
      "resource_name": "New division",
      "resource": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8",
      "authentication_type": "user",
      "authentication_id": "00000000-0000-0000-0000-000000000000",
      "authentication": "local.admin",
      "action": "update",
      "description": "Division has been updated",
      "status": "success",
      "properties": [
        {
          "name": "account.id",
          "changed": false,
          "value_after": "6ff62c42-e64d-4370-a706-2dadb35611c5"
        },
        {
          "name": "account.name",
          "changed": false,
          "value_after": "IoT Account"
        },
        {
          "name": "created_at",
          "changed": false,
          "value_after": "2020-11-05T08:35:26Z"
        },
        {
          "name": "description",
          "changed": true,
          "value_before": "Description",
          "value_after": "Description updated"
        },
        {
          "name": "id",
          "changed": false,
          "value_after": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8"
        },
        {
          "name": "name",
          "changed": false,
          "value_after": "New division"
        },
        {
          "name": "status",
          "changed": false,
          "value_after": "ACTIVE"
        }
      ],
      "created_at": "2020-11-05T08:35:47Z"
    },
    {
      "id": "7f76f0a2-6e05-4594-b17f-8237e6616fd3",
      "account_id": "6ff62c42-e64d-4370-a706-2dadb35611c5",
      "division_id": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8",
      "resource_type": "division",
      "resource_name": "New division",
      "resource": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8",
      "authentication_type": "user",
      "authentication_id": "00000000-0000-0000-0000-000000000000",
      "authentication": "local.admin",
      "action": "create",
      "description": "New division has been created",
      "status": "success",
      "properties": [
        {
          "name": "account.id",
          "changed": false,
          "value_after": "6ff62c42-e64d-4370-a706-2dadb35611c5"
        },
        {
          "name": "account.name",
          "changed": false,
          "value_after": "IoT Account"
        },
        {
          "name": "created_at",
          "changed": false,
          "value_after": "2020-11-05T08:35:26Z"
        },
        {
          "name": "description",
          "changed": false,
          "value_after": "Description"
        },
        {
          "name": "id",
          "changed": false,
          "value_after": "18e7d40e-5b46-409a-9e4f-7d697e8e30e8"
        },
        {
          "name": "name",
          "changed": false,
          "value_after": "New division"
        },
        {
          "name": "status",
          "changed": false,
          "value_after": "ACTIVE"
        }
      ],
      "created_at": "2020-11-05T08:35:26Z"
    }
  ]
}

URL query strings

To filter the results, use a question mark (?) to append a query string to the request URL. To apply multiple filters, append multiple query strings with an ampersand (&).

For example, to see records for events associated with an action type of update and a resource type of division, use:

generic
https://one.digicert.com/iot/api/v1/audit-log?action=update&resource_type=division
Name Req/Opt Description
account_id optional Filters results by account ID.
divisions optional Comma-separated list of division IDs. Limits results to the divisions in the list you provide.
authentication_type optional Filters results by authentication type.
Allowed values: See Authentication types below.
authentication_id optional Filters results by the ID of the authentication object associated with the record. This can be the ID of a user, passcode, certificate, authentication certificate authority (CA), or authentication certificate.
resource_type optional Filters results by resource type.
Allowed values: See Resource types below.
resource_name optional Filters results by resource name.
resource optional Filters results by resource ID.
action optional Filters results by action.
Allowed values: See Actions below.
statuses optional Comma-separated list of statuses. Limits results to the statuses in the list you provide.
Allowed values: success or failed
created_at_from optional Limits results to records created after a specific date and time (UTC).
Formats: yyyy-MM-dd or yyyy-MM-ddTHH:mm:ssZ
created_at_to optional Limits results to records created before a specific date and time (UTC).
Formats: yyyy-MM-dd or yyyy-MM-ddTHH:mm:ssZ
sort_direction optional Sorts results in ascending or descending order by the value of the created_at property.
Allowed values: ASC (ascending) or DESC (descending)
limit optional Limits the number of records to include in the results.
Maximum: 1000
Default: 20
offset optional Index of the first record to include in the results.

Response parameters

Name Type Description
limit integer Limit on the number of records to include in the results.
offset integer Index of the first record.
total integer Total number of audit log records.
records array Array of audit log records. Each audit log record is an object with key/value pairs that provide information about an event in your IoT Device Manager account.
.. id string ID of the audit log event.
.. account_id string Account ID.
.. division_id string Division ID.
.. resource_type string Resource type.
Possible values: See Resource types below.
.. resource_name string The name of the resource.
.. resource string Unique ID of the resource.
.. action string The action associated with the audit log event.
Possible values: See Actions below.
.. status string Status of the audit log event.
Possible values: success or failed
.. description string Short description of the audit log event.
.. authentication string The name of the authentication object associated with the event that created the audit log record.
.. authentication_type string Type of authentication used for the event that created the audit log record.
.. authentication_id string The unique ID of the authentication object associated with the record. This can be the ID of a user, passcode, certificate, authentication certificate authority (CA), or authentication certificate.
.. created_at string Timestamp of the event (UTC).
Format: yyyy-MM-ddTHH:mm:ssZ
.. error_message string Short error message.
Only returned when the status property has a value of failed.
.. detailed_error_message string Detailed error message.
Only returned when the status property has a value of failed.
.. request string The body of the request that created the audit log event, formatted as a JSON string.
Only returned when the status property has a value of failed.
.. properties array List of objects with details about each resource property. Use the properties array to find the value of each property before and after the audit log event.
Only returned when the status property has a value of success.
.. .. name string Property name.
.. .. changed boolean Whether the event changed the value of the property.
.. .. value_before string The value of the property before the event.
Only returned when the changed property has a value of true.
.. .. value_after string The value of the property after the event.
Always returned, even if the value did not change.

Authentication types

Each audit log record has an authentication_type property. This property describes the authentication type associated with the event.

The following table describes the different authentication types.

Type Description
user For events that were authenticated with user credentials or a DigiCert ONE API key.
passcode For events that were authenticated with an enrollment passcode.
certificate For events that were authenticated with an existing certificate (for example, during a renewal request).
authentication_ca For events that were authenticated with an authentication certificate authority (CA).
authentication_certificate For events that were authenticated with an authentication certificate.

Resource types

Each audit log record has a resource_type property. This property describes the type of resource associated with the event.

The following table describes the different resource types.

Type Description
device For changes to a device record.
division For changes to a division record.
certificate For changes to a certificate record.
certificate_request For changes to a certificate request record.
enrollment_profile For changes to an enrollment profile record.
enrollment_profile_passcode For changes to an enrollment profile passcode record.
enrollment_profile_mapping For changes to an enrollment profile mapping record.
enrollment_profile_source_field For changes to an enrollment profile source field record.
authentication_certificate For changes to an authentication certificate record.
device_profile For changes to a device profile record.
certificate_template For changes to a certificate template record.
certificate_profile For changes to a certificate profile record.

Actions

Each audit log record has an action property. This property describes the type of event that created the log entry.

The following table describes the different kinds of actions.

Type Description
create For events that create a new object.
update For events that update an existing object.
delete For events that delete an object.
Deleted objects have a status of deleted.
undelete For events that restore an object.
Restored objects have a status of active.
disable For events that disable an object.
Disabled objects have a status of disabled.
enable For events that enable an object.
Enabled objects have a status of active.
enroll For enrollment events.
renew For renewal events.
revoke For revocation events.