Help getting audit logs via API

Sail_addict · July 14, 2023, 6:44am

Can I get more details about getting audit logs via API?
An example of how to send the request will be great.

Thank.

atarodia · July 14, 2023, 7:27pm

Hi @Sail_addict,

Thank you for posting and welcome to SailPoint Developer Forum.

You can use V3 Search APIs to get the Audit logs.

For Example,

If you require all events:

{
 "indices": [
 "events"
 ],
 "queryType": "SAILPOINT",
 "queryVersion": "5.2",
 "query": {
 "query": "type:*"
 }
}

Similarly, you can change the query to satisfy your requirements (adding some more examples below):
For Authentication History → type:auth
For Access Requests → type:access_request
For Provisioning Activity → type:provisioning
For Password Activity → type:password_activity

Sail_addict · July 26, 2023, 5:49pm

Is it possible to filter by certain dates? from date1 to date 2?

atarodia · July 28, 2023, 8:55am

Hi @Sail_addict, you just need to add “created” condition.

Example:

type:* AND created:[2023-07-20 TO 2023-07-26]

system · September 26, 2023, 8:56am

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Need details on Audit logs ISC Discussion and Questions	4	3447	July 14, 2023
Is there a way to get an complete export of our data like log shipping? ISC Discussion and Questions apis , identity-security-cloud , entitlements	2	292	July 13, 2023
Maintaining IdentityNow audit log information past 5 years ISC Discussion and Questions identity-security-cloud	4	137	April 26, 2024
Extracting Data from IDN to PowerBI ISC Discussion and Questions apis	21	2476	August 2, 2023
Fetching data using date time limit ISC Discussion and Questions apis , identity-security-cloud	6	176	April 8, 2024

Help getting audit logs via API

Related Topics