You can filter the included events based on the following parameters:
event_category - The general category of event.
For example, to filter the results to only include events related to permission sets:
event_category=PermissionSet
You can provide multiple event category values.
For example, to filter the results to include events related to both assigned permissions and permission sets:
event_type - The specific type of event.
To get the available event types, refer to Solar.Core.Enums.AuditEvents.AuditEventType.
For example, to filter the results to only include when a permission set was created:
event_type=PermissionSetCreated
You can provide multiple event type values.
For example, to filter the results to include both when a permission set was created and when a permission set was updated:
outcome - Whether the event was successful (Success) or failed (Fail).
For example, to filter the results to only include successful events:
outcome=Success
created_before - Used to only include events that occurred before the specified timestamp.
The timestamp uses the ISO 8601 format (yyyy-MM-dd'T'HH:mm:ssZ).
For example, to filter the results to only include events that occurred before 6:30 PM UTC on August 1, 2023:
created_before=2023-08-01T18:30:00Z
created_after - Used to only include events that occurred after the specified timestamp.
The timestamp uses the ISO 8601 format (yyyy-MM-dd'T'HH:mm:ssZ).
For example, to filter the results to only include events that occurred after 10:00 AM UTC on July 27, 2023:
created_after=2023-07-27T10:00:00Z
include_unidentified_events - For self-hosted instances, whether to include events that do not have an identified user.
By default, is false. These events might be server-generated or might be related to an unauthenticated action.
To include events that do not have an identified user:
include_unidentified_events=true
Sample requests:
First 100 results by most recent:
GET /api/audit-events/search
Returns the first 20 results for permission set events that were successful:
GET /api/workspace/search?limit=20&event_category=PermissionSet&outcome=Success
Query parameters
offsetinteger · int32Optional
limitinteger · int32Optional
outcomeall ofOptional
string · enumOptional
The status of the audit event. Some event types may only log Success or Fail events.
Possible values:
created_beforestring · date-timeOptional
created_afterstring · date-timeOptional
include_unidentified_eventsbooleanOptional
Responses
200
OK
get
GET /api/audit-events/search HTTP/1.1
Host:
Accept: */*