Audits
Returns a list of audit entries
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
GET /api/v1/environments/{environment}/proxy/api/audit HTTP/1.1
Host:
Accept: */*
{
"values": [
{
"type": "TOPIC",
"action": "ADD",
"user": "text",
"timestamp": 1,
"resourceId": "text",
"resourceName": "text",
"content": {
"ANY_ADDITIONAL_PROPERTY": "text"
}
}
],
"pagesAmount": 1,
"totalCount": 1
}Deletes the audit entries up to the timestamp
No content
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
DELETE /api/v1/environments/{environment}/proxy/api/audit?timestamp=1 HTTP/1.1
Host:
Accept: */*
No content
Returns the audits metadata information
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
GET /api/v1/environments/{environment}/proxy/api/audit/values HTTP/1.1
Host:
Accept: */*
{
"users": [
"text"
],
"actions": [
"ADD"
],
"types": [
"TOPIC"
]
}Lists audit channels ordered by their creation time (most recent first)
The page number to be returned, must be greater than zero. Defaults to 1.
1The elements amount on a single page, must be greater than zero.
25Filter by channel template name
Matches channels by name
The field to sort results by
Sorting order. Defaults to ascending
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
GET /api/v1/environments/{environment}/proxy/api/v1/audit/channels?pageSize=1 HTTP/1.1
Host:
Accept: */*
{
"values": [
{
"id": "2c1fc20d-59b4-4f67-8982-6e0377e8fdbd",
"name": "splunk-prd",
"templateName": "Splunk",
"templateVersion": 1,
"connectionName": "splunk-connection",
"properties": [
{
"key": "source",
"value": "splunk_source"
}
],
"createdAt": "2021-01-01T00:00:00Z",
"createdBy": "joe.bloggs",
"updatedAt": "2021-01-01T00:00:00Z",
"updatedBy": "joe.bloggs",
"enabled": true,
"lrn": "lrn"
}
],
"pagesAmount": 1,
"totalCount": 1
}The JSON object representing the properties to set this channel with
JSON Schema representation of the configuration properties
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
The supplied identifier is already being used by another resource
An internal server error has occurred
POST /api/v1/environments/{environment}/proxy/api/v1/audit/channels HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 138
{
"name": "splunk-prd",
"templateName": "Splunk",
"connectionName": "splunk-connection",
"properties": [
{
"key": "source",
"value": "splunk_source"
}
]
}{
"id": "2c1fc20d-59b4-4f67-8982-6e0377e8fdbd"
}Get the audit channel details
The channel id
2c1fc20d-59b4-4f67-8982-6e0377e8fdbdThe request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
GET /api/v1/environments/{environment}/proxy/api/v1/audit/channels/{id} HTTP/1.1
Host:
Accept: */*
{
"id": "2c1fc20d-59b4-4f67-8982-6e0377e8fdbd",
"name": "splunk-prd",
"templateName": "Splunk",
"templateVersion": 1,
"connectionName": "splunk-connection",
"properties": [
{
"key": "source",
"value": "splunk_source"
}
],
"createdAt": "2021-01-01T00:00:00Z",
"createdBy": "joe.bloggs",
"updatedAt": "2021-01-01T00:00:00Z",
"updatedBy": "joe.bloggs",
"enabled": true,
"lrn": "lrn"
}Update audit channel
The channel id
2c1fc20d-59b4-4f67-8982-6e0377e8fdbdJSON Schema representation of the configuration properties
No content
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
The supplied identifier is already being used by another resource
An internal server error has occurred
PUT /api/v1/environments/{environment}/proxy/api/v1/audit/channels/{id} HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 114
{
"name": "splunk-prd",
"connectionName": "splunk-connection",
"properties": [
{
"key": "source",
"value": "splunk_source"
}
]
}No content
Permanently delete a channel
The channel id
2c1fc20d-59b4-4f67-8982-6e0377e8fdbdNo content
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
DELETE /api/v1/environments/{environment}/proxy/api/v1/audit/channels/{id} HTTP/1.1
Host:
Accept: */*
No content
Patch an audit channel
The channel id
2c1fc20d-59b4-4f67-8982-6e0377e8fdbdJSON Schema representation of the configuration properties
No content
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
The supplied identifier is already being used by another resource
An internal server error has occurred
PATCH /api/v1/environments/{environment}/proxy/api/v1/audit/channels/{id} HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 129
{
"name": "splunk-prd",
"connectionName": "splunk-connection",
"enabled": true,
"properties": [
{
"key": "source",
"value": "splunk_source"
}
]
}No content
List channel templates and their applicable connections
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
GET /api/v1/environments/{environment}/proxy/api/v1/audit/channel-templates HTTP/1.1
Host:
Accept: */*
[
{
"id": 440,
"name": "Splunk",
"templateVersion": 1,
"version": "1",
"enabled": true,
"builtIn": true,
"metadata": {
"author": "Lenses",
"description": "Splunk channel template"
},
"configuration": [
{
"id": 102,
"key": "source",
"displayName": "Source",
"placeholder": "lenses-audits",
"description": "Source to associate with generated Splunk events",
"type": {
"name": "STRING",
"displayName": "string"
},
"required": true,
"provided": false
}
],
"suitableConnections": [
{
"templateName": "Splunk",
"name": "splunk-connection"
}
],
"jsonSchema": {
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"required": [
"source",
"host",
"useHttps",
"insecure",
"token"
],
"title": "Splunk, version: 1 template JSON schema",
"properties": {
"source": {
"type": "string",
"title": "Source",
"description": "Source to associate with generated Splunk events"
},
"host": {
"type": "string",
"title": "Host",
"description": "The host name for the HTTP Event Collector API of the Splunk instance."
},
"useHttps": {
"type": "boolean",
"title": "Use HTTPS",
"description": "Use SSL."
},
"port": {
"type": "number",
"title": "Port",
"description": "The port number for the HTTP Event Collector API of the Splunk instance."
},
"token": {
"type": "string",
"title": "Event collector token",
"description": "HTTP event collector authorization token"
},
"insecure": {
"type": "boolean",
"title": "Disable SSL certificate verification",
"description": "This is *not encouraged* but is required for a Splunk Cloud Trial instance."
}
}
}
}
]Last updated
Was this helpful?