Audit Log Endpoint
The Audit Log endpoint can be used to inspect the system audit log.
This method will return summary information about the audit log, including timestamps, type codes, user id, etc.
To invoke:
GET http://localhost:9000/audit-log
You may also add the following URL parameters:
moduleId=[string] – the name of the audit module (default: clustermgr)userId=[int] – the Id of the userfrom=[date] – the inclusive start range time (in FHIR dateTime format)to=[date] – the inclusive end range time (in FHIR dateTime format)pageIndex=[int] – the page number to returnpageSize=[int] – the number of rows to return per pageThe server will produce a response resembling the following:
{
"pageIndex": 0,
"pageSize": 0,
"audit-events": [
{
"endpointModuleId": "admin_web",
"endpointNodeId": "Master",
"id": 53,
"userModuleId": "local_security",
"userNodeId": "Master",
"remoteAddress": "0:0:0:0:0:0:0:1",
"timestamp": "2017-10-06T17:05:59.942-04:00",
"typeCode": "USERMGR_CREATE_USER",
"typeDisplay": "Create a new user",
"typeSystem": "https://smilecdr.com/ns/CodeSystem/CdrAuditEvents",
"familyName": "Admin",
"givenName": "GenericUser",
"userId": 2,
"username": "ADMIN"
}]
}
For brevity only 1 event is shown but a real response might contain many more.
Note the following details:
"typeCode": "ADMINWEB_LOGIN" – this code gives the type of audit event;This method will return the details of a given audit log, including request URL, detailed timing information, and request/response bodies for some audit types. Note this information may have special privacy and security implications so you should consider carefully before exposing this data.
To invoke (substitute an event ID into the path below):
http://localhost:9000/audit-log/event/{audit_event_id}
You may also add the following URL parameter:
includeBody=true – by default the request/response body is not included in the response. You can override this behaviour by using this parameter.The server will produce a response resembling the following:
{
"endpointModuleId": "admin_web",
"endpointNodeId": "Master",
"id": 52,
"userModuleId": "local_security",
"userNodeId": "Master",
"remoteAddress": "0:0:0:0:0:0:0:1",
"timestamp": "2017-10-06T17:05:01.898-04:00",
"typeCode": "ADMINWEB_LOGIN",
"typeDisplay": "Log into the Web Admin Console",
"typeSystem": "https://smilecdr.com/ns/CodeSystem/CdrAuditEvents",
"familyName": "Admin",
"givenName": "GenericUser",
"userId": 2,
"username": "ADMIN"
}