Audits
Returns a list of audit entries
The bearer token can be obtained by creating a ServiceAccount.
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
GET /api/v1/environments/{environment}/proxy/api/audit HTTP/1.1
Host: api.example.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"values": [
{
"type": "TOPIC",
"action": "ADD",
"user": "text",
"timestamp": 1,
"resourceId": "text",
"resourceName": "text",
"content": {
"ANY_ADDITIONAL_PROPERTY": "text"
}
}
],
"pagesAmount": 1,
"totalCount": 1
}Deletes the audit entries up to the timestamp
The bearer token can be obtained by creating a ServiceAccount.
No content
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
DELETE /api/v1/environments/{environment}/proxy/api/audit?timestamp=1 HTTP/1.1
Host: api.example.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
No content
Returns the audits metadata information
The bearer token can be obtained by creating a ServiceAccount.
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
GET /api/v1/environments/{environment}/proxy/api/audit/values HTTP/1.1
Host: api.example.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"users": [
"text"
],
"actions": [
"ADD"
],
"types": [
"TOPIC"
]
}Lists audit channels ordered by their creation time (most recent first)
The bearer token can be obtained by creating a ServiceAccount.
The page number to be returned, must be greater than zero. Defaults to 1.
1The elements amount on a single page, must be greater than zero.
25Filter by channel template name
Matches channels by name
The field to sort results by
Sorting order. Defaults to ascending
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
GET /api/v1/environments/{environment}/proxy/api/v1/audit/channels?pageSize=1 HTTP/1.1
Host: api.example.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"values": [
{
"id": "2c1fc20d-59b4-4f67-8982-6e0377e8fdbd",
"name": "splunk-prd",
"templateName": "Splunk",
"templateVersion": 1,
"connectionName": "splunk-connection",
"properties": [
{
"key": "source",
"value": "splunk_source"
}
],
"createdAt": "2021-01-01T00:00:00Z",
"createdBy": "joe.bloggs",
"updatedAt": "2021-01-01T00:00:00Z",
"updatedBy": "joe.bloggs",
"enabled": true,
"lrn": "lrn"
}
],
"pagesAmount": 1,
"totalCount": 1
}The JSON object representing the properties to set this channel with
The bearer token can be obtained by creating a ServiceAccount.
JSON Schema representation of the configuration properties
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
The supplied identifier is already being used by another resource
An internal server error has occurred
POST /api/v1/environments/{environment}/proxy/api/v1/audit/channels HTTP/1.1
Host: api.example.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 138
{
"name": "splunk-prd",
"templateName": "Splunk",
"connectionName": "splunk-connection",
"properties": [
{
"key": "source",
"value": "splunk_source"
}
]
}{
"id": "2c1fc20d-59b4-4f67-8982-6e0377e8fdbd"
}Get the audit channel details
The bearer token can be obtained by creating a ServiceAccount.
The channel id
2c1fc20d-59b4-4f67-8982-6e0377e8fdbdThe request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
GET /api/v1/environments/{environment}/proxy/api/v1/audit/channels/{id} HTTP/1.1
Host: api.example.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"id": "2c1fc20d-59b4-4f67-8982-6e0377e8fdbd",
"name": "splunk-prd",
"templateName": "Splunk",
"templateVersion": 1,
"connectionName": "splunk-connection",
"properties": [
{
"key": "source",
"value": "splunk_source"
}
],
"createdAt": "2021-01-01T00:00:00Z",
"createdBy": "joe.bloggs",
"updatedAt": "2021-01-01T00:00:00Z",
"updatedBy": "joe.bloggs",
"enabled": true,
"lrn": "lrn"
}Update audit channel
The bearer token can be obtained by creating a ServiceAccount.
The channel id
2c1fc20d-59b4-4f67-8982-6e0377e8fdbdJSON Schema representation of the configuration properties
No content
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
The supplied identifier is already being used by another resource
An internal server error has occurred
PUT /api/v1/environments/{environment}/proxy/api/v1/audit/channels/{id} HTTP/1.1
Host: api.example.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 114
{
"name": "splunk-prd",
"connectionName": "splunk-connection",
"properties": [
{
"key": "source",
"value": "splunk_source"
}
]
}No content
Permanently delete a channel
The bearer token can be obtained by creating a ServiceAccount.
The channel id
2c1fc20d-59b4-4f67-8982-6e0377e8fdbdThe request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
DELETE /api/v1/environments/{environment}/proxy/api/v1/audit/channels/{id} HTTP/1.1
Host: api.example.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
No content
Patch an audit channel
The bearer token can be obtained by creating a ServiceAccount.
The channel id
2c1fc20d-59b4-4f67-8982-6e0377e8fdbdJSON Schema representation of the configuration properties
No content
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
The supplied identifier is already being used by another resource
An internal server error has occurred
PATCH /api/v1/environments/{environment}/proxy/api/v1/audit/channels/{id} HTTP/1.1
Host: api.example.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 129
{
"name": "splunk-prd",
"connectionName": "splunk-connection",
"enabled": true,
"properties": [
{
"key": "source",
"value": "splunk_source"
}
]
}No content
List channel templates and their applicable connections
The bearer token can be obtained by creating a ServiceAccount.
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
GET /api/v1/environments/{environment}/proxy/api/v1/audit/channel-templates HTTP/1.1
Host: api.example.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
[
{
"id": 440,
"name": "Splunk",
"templateVersion": 1,
"version": "1",
"enabled": true,
"builtIn": true,
"metadata": {
"author": "Lenses",
"description": "Splunk channel template"
},
"configuration": [
{
"id": 102,
"key": "source",
"displayName": "Source",
"placeholder": "lenses-audits",
"description": "Source to associate with generated Splunk events",
"type": {
"name": "STRING",
"displayName": "string"
},
"required": true,
"provided": false
}
],
"suitableConnections": [
{
"templateName": "Splunk",
"name": "splunk-connection"
}
],
"jsonSchema": {
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"required": [
"source",
"host",
"useHttps",
"insecure",
"token"
],
"title": "Splunk, version: 1 template JSON schema",
"properties": {
"source": {
"type": "string",
"title": "Source",
"description": "Source to associate with generated Splunk events"
},
"host": {
"type": "string",
"title": "Host",
"description": "The host name for the HTTP Event Collector API of the Splunk instance."
},
"useHttps": {
"type": "boolean",
"title": "Use HTTPS",
"description": "Use SSL."
},
"port": {
"type": "number",
"title": "Port",
"description": "The port number for the HTTP Event Collector API of the Splunk instance."
},
"token": {
"type": "string",
"title": "Event collector token",
"description": "HTTP event collector authorization token"
},
"insecure": {
"type": "boolean",
"title": "Disable SSL certificate verification",
"description": "This is *not encouraged* but is required for a Splunk Cloud Trial instance."
}
}
}
}
]Last updated
Was this helpful?