Audit Channels
Update audit channel
The channel id
2c1fc20d-59b4-4f67-8982-6e0377e8fdbd
JSON Schema representation of the configuration properties
No content
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
The supplied identifier is already being used by another resource
An internal server error has occurred
PUT /api/v1/environments/{name}/proxy/api/v1/audit/channels/{id} HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 114
{
"name": "splunk-prd",
"connectionName": "splunk-connection",
"properties": [
{
"key": "source",
"value": "splunk_source"
}
]
}
No content
List channel templates and their applicable connections
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
GET /api/v1/environments/{name}/proxy/api/v1/audit/channel-templates HTTP/1.1
Host:
Accept: */*
[
{
"id": 440,
"name": "Splunk",
"templateVersion": 1,
"version": "1",
"enabled": true,
"builtIn": true,
"metadata": {
"author": "Lenses",
"description": "Splunk channel template"
},
"configuration": [
{
"id": 102,
"key": "source",
"displayName": "Source",
"placeholder": "lenses-audits",
"description": "Source to associate with generated Splunk events",
"type": {
"name": "STRING",
"displayName": "string"
},
"required": true,
"provided": false
}
],
"suitableConnections": [
{
"templateName": "Splunk",
"name": "splunk-connection"
}
],
"jsonSchema": {
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"required": [
"source",
"host",
"useHttps",
"insecure",
"token"
],
"title": "Splunk, version: 1 template JSON schema",
"properties": {
"source": {
"type": "string",
"title": "Source",
"description": "Source to associate with generated Splunk events"
},
"host": {
"type": "string",
"title": "Host",
"description": "The host name for the HTTP Event Collector API of the Splunk instance."
},
"useHttps": {
"type": "boolean",
"title": "Use HTTPS",
"description": "Use SSL."
},
"port": {
"type": "number",
"title": "Port",
"description": "The port number for the HTTP Event Collector API of the Splunk instance."
},
"token": {
"type": "string",
"title": "Event collector token",
"description": "HTTP event collector authorization token"
},
"insecure": {
"type": "boolean",
"title": "Disable SSL certificate verification",
"description": "This is *not encouraged* but is required for a Splunk Cloud Trial instance."
}
}
}
}
]
Patch an audit channel
The channel id
2c1fc20d-59b4-4f67-8982-6e0377e8fdbd
JSON Schema representation of the configuration properties
No content
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
The supplied identifier is already being used by another resource
An internal server error has occurred
PATCH /api/v1/environments/{name}/proxy/api/v1/audit/channels/{id} HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 129
{
"name": "splunk-prd",
"connectionName": "splunk-connection",
"enabled": true,
"properties": [
{
"key": "source",
"value": "splunk_source"
}
]
}
No content
Get the audit channel details
The channel id
2c1fc20d-59b4-4f67-8982-6e0377e8fdbd
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
GET /api/v1/environments/{name}/proxy/api/v1/audit/channels/{id} HTTP/1.1
Host:
Accept: */*
{
"id": "2c1fc20d-59b4-4f67-8982-6e0377e8fdbd",
"name": "splunk-prd",
"templateName": "Splunk",
"templateVersion": 1,
"connectionName": "splunk-connection",
"properties": [
{
"key": "source",
"value": "splunk_source"
}
],
"createdAt": "2021-01-01T00:00:00Z",
"createdBy": "joe.bloggs",
"updatedAt": "2021-01-01T00:00:00Z",
"updatedBy": "joe.bloggs",
"enabled": true
}
Returns the audits metadata information
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
GET /api/v1/environments/{name}/proxy/api/audit/values HTTP/1.1
Host:
Accept: */*
{
"users": [
"text"
],
"actions": [
"ADD"
],
"types": [
"TOPIC"
]
}
Lists audit channels ordered by their creation time (most recent first)
The page number to be returned, must be greater than zero. Defaults to 1.
1
The elements amount on a single page, must be greater than zero.
25
Filter by channel template name
Matches channels by name
The field to sort results by
Sorting order. Defaults to ascending
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
GET /api/v1/environments/{name}/proxy/api/v1/audit/channels?pageSize=1 HTTP/1.1
Host:
Accept: */*
{
"values": [
{
"id": "2c1fc20d-59b4-4f67-8982-6e0377e8fdbd",
"name": "splunk-prd",
"templateName": "Splunk",
"templateVersion": 1,
"connectionName": "splunk-connection",
"properties": [
{
"key": "source",
"value": "splunk_source"
}
],
"createdAt": "2021-01-01T00:00:00Z",
"createdBy": "joe.bloggs",
"updatedAt": "2021-01-01T00:00:00Z",
"updatedBy": "joe.bloggs",
"enabled": true
}
],
"pagesAmount": 1,
"totalCount": 1
}
Deletes the audit entries up to the timestamp
No content
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
DELETE /api/v1/environments/{name}/proxy/api/audit?timestamp=1 HTTP/1.1
Host:
Accept: */*
No content
Returns a list of audit entries
The request input was invalid
Authentication error
The purchased Lenses license does not provide access to this feature
Authorisation error
The requested resource cannot be found
An internal server error has occurred
GET /api/v1/environments/{name}/proxy/api/audit HTTP/1.1
Host:
Accept: */*
{
"values": [
{
"type": "TOPIC",
"action": "ADD",
"user": "text",
"timestamp": 1,
"resourceId": "text",
"resourceName": "text",
"content": {
"ANY_ADDITIONAL_PROPERTY": "text"
}
}
],
"pagesAmount": 1,
"totalCount": 1
}
Last updated
Was this helpful?