Skip to main content

Query Audit Events#

Permissions required: Read audit logs
curl -X POST '' \    -H "Authorization: Bearer $REINFER_TOKEN" \    -H "Content-Type: application/json" \    -d '{  "filter": {    "timestamp": {      "maximum": "2021-07-10T00:00:00Z",      "minimum": "2021-06-10T00:00:00Z"    }  }}'

An audit event is a record of an action taken by a user of the Re:infer platform. Example auditable events include:

  • a user logging in
  • a user chaning their password
  • a user changing another user's permissions
continuationstringnoIf a previous query returned a continuation in the response, another page of events is available. Set the returned continuation value here to fetch the next page.
limitnumbernoThe number of audit events to return per page.
filterFilternoA filter specifying which audit events to return.

Where Filter has the following format:

timestampTimestampFilternoA filter specifying what time range to return events in.

Where TimestampFilter has the following format:

minimumstringnoAn ISO-8601 timestamp. If provided, only returns audit event after or including this timestamp.
maximumstringnoAn ISO-8601 timestamp. If provided, only returns audit event before this timestamp.

Response format#

The audit_events key contains a list of AuditEvent resources in approximate chronological order. All AuditEvents represent an action taken by a user in the platform, and follow the following base format:

event_idstringyesThe unique ID of this event.
event_typestringyesThe type of this event.
timestampstringyesThe ISO-8601 timestamp of this event, to the nearest second.
actor_user_idstringyesThe ID of the user who executed this action.

Additional keys may be present depending on the value of event_type. In the example above for the get_datasets event type, a list of dataset_ids will be returned of the datasets that were read by the user.

All resources reference by ID have additional information returned in the top level of the request. In the example above, any ID present in an audit event's dataset_ids field, will have additional information provided in the top-level datasets key.

A resource such as a dataset may be referenced by ID in multiple audit events, but will only be returned one in the top level datasets key.