POST /admin/audit/ API
The POST /admin/audit/ API endpoint can be used to retrieve the entity purge operations that have occurred in a given time period.
/admin/audit/
endpoint with a payload containing a
JSON-formated query for purged entities:POST /api/atlas/admin/audit/
where the parameters include:
Parameter | Format / Value | Description |
---|---|---|
body: auditFilters | JSON-formatted query including:
The results can further be controlled with:
|
The payload describes a query that returns PURGE operations performed by a specific user. The query can include a filter for a specific time range, where the start and end times are specified in UNIX epoch time. The query results can also be paged using a result count (limit) and offset so multiple calls can be made to retrieve unique result sets. |
header: content type | application/json |
Atlas expects the payload of the call to be in JSON format. |
header: authorization | Per your environment | Atlas requires authentication, which you can provide with a
username and password as a parameter in a cURL call (-u
username:password ) or using cookies or other generated
methods to pass appropriate credentials. The user must have Atlas
administrator privileges. |
The audit filter in this call uses the same syntax as Atlas' search filters. Here are some guidelines that are useful for using this interface for purge auditing:
- Valid operators for the time criteria include less than
(
lt
), greater than (gt
), less than or equal to (lte
), greater than or equal to (gte
), equal to (eq
), and not equal to (neq
). - Valid operators for the string criteria include
like
,startsWith
,endsWith
,contains
,isNull
,notNull
, and equals (eq
). - The sortOrder can be
ASCENDING
orDESCENDING
.
The response from a POST /admin/audit call is a JSON-formatted list of
the purge operations that occurred in the specified time range. The
content includes the parameters passed in the purge call and the list of
GUIDs for the entities that were successfully purged. If no entities are
purged, the response is an empty list []
.
curl -X POST 'http://host3.acme.com:31000/api/atlas/admin/audit/' \
-H 'Content-Type: application/json' \
-d '{
"auditFilters": {
"condition": "AND",
"criterion": [
{
"attributeName": "userName",
"operator": "like",
"attributeValue": "admin"
},
{
"attributeName": "operation",
"operator": "like",
"attributeValue": "PURGE"
}
]
},
"limit": 10,
"offset": 0,
"sortBy": "endTime",
"sortOrder": "DESCENDING"
}
' -u username:password
The response includes a list of purge operations (this example is shortened to only two entries):
[
{
"guid": "d93c7664-6e41-4aa9-aed8-b740b985c9a0",
"userName": "admin",
"operation": "PURGE",
"params": "[ac2772e8-984d-4ab6-9e99-323f1be2d3c0, 90231026-6581-4168-8828-f010aa9b097c]",
"startTime": 1576261685009,
"endTime": 1576261685197,
"clientId": "10.16.1.255",
"result": "ac2772e8-984d-4ab6-9e99-323f1be2d3c0,ae143e74-48d4-4f4b-8164-192bc842ed3b,dd742369-2a2c-44ee-902c-4d78a55b7100,90231026-6581-4168-8828-f010aa9b097c"
},
{
"guid": "b964079d-1f55-43f3-af7b-3a3701378826",
"userName": "admin",
"operation": "PURGE",
"params": "[35b7aaad-2aaf-4af8-a043-e7b524e1314e]",
"startTime": 1576028426951,
"endTime": 1576028427165,
"clientId": "10.16.1.255",
"result": "35b7aaad-2aaf-4af8-a043-e7b524e1314e,add45b8a-4bef-4ebb-a8d0-0b8b920f068d"
},...
]