AuditEvent
Realm Operations
Audit events are logged through a realm audit service.
Resource path:
/realm-audit/{topic}
Resource version: 1.0
create
Create a new audit event, which will be handled and logged by the configured audit service.
Usage
am> create AuditEvent --realm Realm --topic topic --body body
Parameters
- --topic
-
Audit events are logged through a realm audit service.
- --body
-
The resource in JSON format, described by the following JSON schema:
{ "$schema" : "http://json-schema.org/draft-04/schema#", "description" : "The schema contains properties that are common to all topics and some that are unique to a specific topic. The description of each property indicates which topic the property applies to.", "title" : "Audit event schema", "type" : "object", "properties" : { "_id" : { "title" : "ID", "description" : "The ID of the event, used by all topics", "type" : "string" }, "timestamp" : { "title" : "Timestamp", "description" : "The time at which the event occurred, used by all topics", "type" : "string" }, "eventName" : { "title" : "Event name", "description" : "The name of the event, used by all topics", "type" : "string" }, "transactionId" : { "title" : "Transaction ID", "description" : "The transaction ID of the event, used by all topics", "type" : "string" }, "userId" : { "title" : "User ID", "description" : "The ID of the user responsible for the event, used by all topics", "type" : "string" }, "trackingIds" : { "title" : "Tracking IDs", "description" : "The tracking IDs of the event, used by all topics", "type" : "array", "items" : { "id" : "0", "type" : "string" } }, "component" : { "title" : "Component", "description" : "The component responsible for the event, used by all topics", "type" : "string" }, "realm" : { "title" : "Realm", "description" : "The realm in which the event occurred, used by all topics", "type" : "string" }, "server" : { "title" : "Server", "description" : "The server details for an access event", "type" : "object", "properties" : { "ip" : { "title" : "Server IP address", "description" : "The server ip address for an access event", "type" : "string" }, "port" : { "title" : "Server port", "description" : "The server port for an access event", "type" : "integer" } } }, "client" : { "title" : "Client", "description" : "The client details for an access event", "type" : "object", "properties" : { "ip" : { "title" : "Client IP address", "description" : "The client IP address for an access event", "type" : "string" }, "port" : { "title" : "Client port", "description" : "The client port for an access event", "type" : "integer" } } }, "request" : { "title" : "Request", "description" : "The request details for an access event", "type" : "object", "properties" : { "protocol" : { "title" : "Request protocol", "description" : "The request protocol for an access event", "type" : "string" }, "operation" : { "title" : "Request operation", "description" : "The request operation for an access event", "type" : "string" }, "detail" : { "title" : "Request detail", "description" : "The request detail for an access event", "type" : "object" } } }, "http" : { "title" : "Http details", "description" : "The Http details for an access event", "type" : "object", "properties" : { "request" : { "title" : "Http request", "description" : "The http request for an access event", "type" : "object", "properties" : { "secure" : { "title" : "Http secure", "description" : "The http secure property for an access event", "type" : "boolean" }, "method" : { "title" : "Http method", "description" : "The http method for an access event", "type" : "string" }, "path" : { "title" : "Http path", "description" : "The http path for an access event", "type" : "string" }, "queryParameters" : { "title" : "Http query parameters", "description" : "The http query parameters for an access event", "type" : "object", "additionalProperties" : { "type" : "array", "items" : { "type" : "string" } } }, "headers" : { "title" : "Http headers", "description" : "The http headers for an access event", "type" : "object", "additionalProperties" : { "type" : "array", "items" : { "type" : "string" } } }, "cookies" : { "title" : "Http cookies", "description" : "The http cookies for an access event", "type" : "object", "additionalProperties" : { "type" : "string" } } } }, "response" : { "title" : "Http response", "description" : "The http response for an access event", "type" : "object", "properties" : { "headers" : { "title" : "Http request headers", "description" : "The http request headers for an access event", "type" : "object", "additionalProperties" : { "type" : "array", "items" : { "type" : "string" } } } } } } }, "response" : { "title" : "Response", "description" : "The response details for an access event", "type" : "object", "properties" : { "status" : { "title" : "Response status", "description" : "The response status for an access event", "type" : "string" }, "statusCode" : { "title" : "Response status code", "description" : "The response status code for an access event", "type" : "string" }, "detail" : { "title" : "Response detail", "description" : "The response detail for an access event", "type" : "object" }, "elapsedTime" : { "title" : "Response elapsed time", "description" : "The response elapsedTime for an access event", "type" : "integer" }, "elapsedTimeUnits" : { "title" : "Response elapsed time units", "description" : "The response elapsed time units for an access event", "type" : "string" } } }, "runAs" : { "title" : "Run as", "description" : "What the change that triggered an activity or config event was run as", "type" : "string" }, "objectId" : { "title" : "Object ID", "description" : "The object ID of the change that triggered an activity or config event", "type" : "string" }, "operation" : { "title" : "Operation", "description" : "The operation that triggered an activity or config event", "type" : "string" }, "before" : { "title" : "Before state", "description" : "The state before an activity or config event occurred", "type" : "object" }, "after" : { "title" : "After state", "description" : "The state after an activity or config event occurred", "type" : "object" }, "changedFields" : { "title" : "Changed fields", "description" : "The changed fields after an activity or config event occurred", "type" : "array", "items" : { "id" : "1", "type" : "string" } }, "revision" : { "title" : "Revision", "description" : "The revision for an activity or config event", "type" : "string" }, "result" : { "title" : "Result", "description" : "The result of the authentication event", "type" : "string" }, "principal" : { "title" : "Principal", "description" : "The principal responsible for the authentication event", "type" : "array", "items" : { "type" : "string" } }, "context" : { "title" : "Context", "description" : "The context of an authentication event", "type" : "object", "properties" : { } }, "entries" : { "title" : "Entries", "description" : "The entries for an authentication event", "type" : "array", "items" : { "type" : "object", "properties" : { "moduleId" : { "title" : "Module ID", "description" : "The module ID for the authentication event", "type" : "string" }, "result" : { "title" : "Module result", "description" : "The result of the module authentication event", "type" : "string" }, "info" : { "title" : "Entries information", "description" : "The entries information for an authentication event", "type" : "object", "properties" : { } } } } } }, "required" : [ "transactionId", "timestamp" ] }
Global Operations
Audit events are logged through the global audit service.
Resource path:
/global-audit/{topic}
Resource version: 1.0
create
Create a new audit event, which will be handled and logged by the configured audit service.
Usage
am> create AuditEvent --global --topic topic --body body
Parameters
- --topic
-
Audit events are logged through the global audit service.
- --body
-
The resource in JSON format, described by the following JSON schema:
{ "$schema" : "http://json-schema.org/draft-04/schema#", "description" : "The schema contains properties that are common to all topics and some that are unique to a specific topic. The description of each property indicates which topic the property applies to.", "title" : "Audit event schema", "type" : "object", "properties" : { "_id" : { "title" : "ID", "description" : "The ID of the event, used by all topics", "type" : "string" }, "timestamp" : { "title" : "Timestamp", "description" : "The time at which the event occurred, used by all topics", "type" : "string" }, "eventName" : { "title" : "Event name", "description" : "The name of the event, used by all topics", "type" : "string" }, "transactionId" : { "title" : "Transaction ID", "description" : "The transaction ID of the event, used by all topics", "type" : "string" }, "userId" : { "title" : "User ID", "description" : "The ID of the user responsible for the event, used by all topics", "type" : "string" }, "trackingIds" : { "title" : "Tracking IDs", "description" : "The tracking IDs of the event, used by all topics", "type" : "array", "items" : { "id" : "0", "type" : "string" } }, "component" : { "title" : "Component", "description" : "The component responsible for the event, used by all topics", "type" : "string" }, "realm" : { "title" : "Realm", "description" : "The realm in which the event occurred, used by all topics", "type" : "string" }, "server" : { "title" : "Server", "description" : "The server details for an access event", "type" : "object", "properties" : { "ip" : { "title" : "Server IP address", "description" : "The server ip address for an access event", "type" : "string" }, "port" : { "title" : "Server port", "description" : "The server port for an access event", "type" : "integer" } } }, "client" : { "title" : "Client", "description" : "The client details for an access event", "type" : "object", "properties" : { "ip" : { "title" : "Client IP address", "description" : "The client IP address for an access event", "type" : "string" }, "port" : { "title" : "Client port", "description" : "The client port for an access event", "type" : "integer" } } }, "request" : { "title" : "Request", "description" : "The request details for an access event", "type" : "object", "properties" : { "protocol" : { "title" : "Request protocol", "description" : "The request protocol for an access event", "type" : "string" }, "operation" : { "title" : "Request operation", "description" : "The request operation for an access event", "type" : "string" }, "detail" : { "title" : "Request detail", "description" : "The request detail for an access event", "type" : "object" } } }, "http" : { "title" : "Http details", "description" : "The Http details for an access event", "type" : "object", "properties" : { "request" : { "title" : "Http request", "description" : "The http request for an access event", "type" : "object", "properties" : { "secure" : { "title" : "Http secure", "description" : "The http secure property for an access event", "type" : "boolean" }, "method" : { "title" : "Http method", "description" : "The http method for an access event", "type" : "string" }, "path" : { "title" : "Http path", "description" : "The http path for an access event", "type" : "string" }, "queryParameters" : { "title" : "Http query parameters", "description" : "The http query parameters for an access event", "type" : "object", "additionalProperties" : { "type" : "array", "items" : { "type" : "string" } } }, "headers" : { "title" : "Http headers", "description" : "The http headers for an access event", "type" : "object", "additionalProperties" : { "type" : "array", "items" : { "type" : "string" } } }, "cookies" : { "title" : "Http cookies", "description" : "The http cookies for an access event", "type" : "object", "additionalProperties" : { "type" : "string" } } } }, "response" : { "title" : "Http response", "description" : "The http response for an access event", "type" : "object", "properties" : { "headers" : { "title" : "Http request headers", "description" : "The http request headers for an access event", "type" : "object", "additionalProperties" : { "type" : "array", "items" : { "type" : "string" } } } } } } }, "response" : { "title" : "Response", "description" : "The response details for an access event", "type" : "object", "properties" : { "status" : { "title" : "Response status", "description" : "The response status for an access event", "type" : "string" }, "statusCode" : { "title" : "Response status code", "description" : "The response status code for an access event", "type" : "string" }, "detail" : { "title" : "Response detail", "description" : "The response detail for an access event", "type" : "object" }, "elapsedTime" : { "title" : "Response elapsed time", "description" : "The response elapsedTime for an access event", "type" : "integer" }, "elapsedTimeUnits" : { "title" : "Response elapsed time units", "description" : "The response elapsed time units for an access event", "type" : "string" } } }, "runAs" : { "title" : "Run as", "description" : "What the change that triggered an activity or config event was run as", "type" : "string" }, "objectId" : { "title" : "Object ID", "description" : "The object ID of the change that triggered an activity or config event", "type" : "string" }, "operation" : { "title" : "Operation", "description" : "The operation that triggered an activity or config event", "type" : "string" }, "before" : { "title" : "Before state", "description" : "The state before an activity or config event occurred", "type" : "object" }, "after" : { "title" : "After state", "description" : "The state after an activity or config event occurred", "type" : "object" }, "changedFields" : { "title" : "Changed fields", "description" : "The changed fields after an activity or config event occurred", "type" : "array", "items" : { "id" : "1", "type" : "string" } }, "revision" : { "title" : "Revision", "description" : "The revision for an activity or config event", "type" : "string" }, "result" : { "title" : "Result", "description" : "The result of the authentication event", "type" : "string" }, "principal" : { "title" : "Principal", "description" : "The principal responsible for the authentication event", "type" : "array", "items" : { "type" : "string" } }, "context" : { "title" : "Context", "description" : "The context of an authentication event", "type" : "object", "properties" : { } }, "entries" : { "title" : "Entries", "description" : "The entries for an authentication event", "type" : "array", "items" : { "type" : "object", "properties" : { "moduleId" : { "title" : "Module ID", "description" : "The module ID for the authentication event", "type" : "string" }, "result" : { "title" : "Module result", "description" : "The result of the module authentication event", "type" : "string" }, "info" : { "title" : "Entries information", "description" : "The entries information for an authentication event", "type" : "object", "properties" : { } } } } } }, "required" : [ "transactionId", "timestamp" ] }