我的书签
添加书签
移除书签auditlog.get
Description
integer/array auditlog.get(object **parameters**)
The method allows to retrieve audit log records according to the given parameters.
Parameters
(object) Parameters defining the desired output.
The method supports the following parameters.
| Parameter | Type | Description |
|---|---|---|
| auditids | string/array | Return only audit log with the given IDs. |
| userids | string/array | Return only audit log that were created by the given users. |
| time_from | timestamp | Returns only audit log entries that have been created after or at the given time. |
| time_till | timestamp | Returns only audit log entries that have been created before or at the given time. |
| selectDetails | query | Returns audit log entries with per field changes as details property.Available only for entries with action “1 - Update”, for actions of other types returns empty array. |
| sortfield | string/array | Sort the result by the given properties. Possible values are: auditid, userid, clock. |
| filter | object | Return only results that exactly match the given filter. Accepts an array, where the keys are property names, and the values are either a single value or an array of values to match against. Additionally supports filtering by details property fields: table_name, field_name. |
| search | object | Case insensitive sub-string search in content of fields: note, ip, resourcename, oldvalue, newvalue. |
| countOutput | boolean | These parameters being common for all get methods are described in the reference commentary. |
| excludeSearch | boolean | |
| limit | integer | |
| output | query | |
| preservekeys | boolean | |
| searchByAny | boolean | |
| searchWildcardsEnabled | boolean | |
| sortorder | string/array | |
| startSearch | boolean | |
Return values
(integer/array) Returns either:
an array of objects;
the count of retrieved objects, if the
countOutputparameter has been used.
Examples
Retrieve audit log
Retrieve two latest audit log records.
Request:
{"jsonrpc": "2.0","method": "auditlog.get","params": {"output": "extend","sortfield": "clock","sortorder": "DESC","limit": 2},"auth": "038e1d7b1735c6a5436ee9eae095879e","id": 1}
Response:
{"jsonrpc": "2.0","result": [{"auditid": "189","userid": "1","clock": "1580913141","action": "3","resourcetype": "0","note": "","ip": "127.0.0.1","resourceid": "0","resourcename": ""},{"auditid": "188","userid": "1","clock": "1580903029","action": "3","resourcetype": "0","note": "","ip": "127.0.0.1","resourceid": "0","resourcename": ""}],"id": 2}
Retrieve audit log records having substring “test” in oldvalue field.
Request:
{"jsonrpc": "2.0","method": "auditlog.get","params": {"output": ["auditid", "resourcename"],"search": {"newvalue": "test"},"selectDetails": "extend"},"auth": "038e1d7b1735c6a5436ee9eae095879e","id": 1}
Response:
{"jsonrpc": "2.0","result": [{"auditid": "5","resourcename": "Mattermost2","details": [{"table_name": "media_type","field_name": "event_menu_url","oldvalue": "http://test","newvalue": "http://test{EVENT.TAGS.__test}"}]},{"auditid": "7","resourcename": "Email","details": [{"table_name": "media_type","field_name": "name","oldvalue": "Email","newvalue": "Email test"}]}],"id": 20}
See also
Source
CAuditLog::get() in ui/include/classes/api/services/CAuditLog.php.
