AuditEvent

Realm Operations

Audit events are logged through a realm audit service.

Resource path:

/realm-audit/{topic}

Resource version: 1.0

create

Create a new audit event, which will be handled and logged by the configured audit service.

Usage

am> create AuditEvent --realm Realm --topic topic --body body

Parameters

--topic

Audit events are logged through a realm audit service.

--body

The resource in JSON format, described by the following JSON schema:

{
  "$schema" : "http://json-schema.org/draft-04/schema#",
  "description" : "The schema contains properties that are common to all topics and some that are unique to a specific topic. The description of each property indicates which topic the property applies to.",
  "title" : "Audit event schema",
  "type" : "object",
  "properties" : {
    "_id" : {
      "title" : "ID",
      "description" : "The ID of the event, used by all topics",
      "type" : "string"
    },
    "timestamp" : {
      "title" : "Timestamp",
      "description" : "The time at which the event occurred, used by all topics",
      "type" : "string"
    },
    "eventName" : {
      "title" : "Event name",
      "description" : "The name of the event, used by all topics",
      "type" : "string"
    },
    "transactionId" : {
      "title" : "Transaction ID",
      "description" : "The transaction ID of the event, used by all topics",
      "type" : "string"
    },
    "userId" : {
      "title" : "User ID",
      "description" : "The ID of the user responsible for the event, used by all topics",
      "type" : "string"
    },
    "trackingIds" : {
      "title" : "Tracking IDs",
      "description" : "The tracking IDs of the event, used by all topics",
      "type" : "array",
      "items" : {
        "id" : "0",
        "type" : "string"
      }
    },
    "component" : {
      "title" : "Component",
      "description" : "The component responsible for the event, used by all topics",
      "type" : "string"
    },
    "realm" : {
      "title" : "Realm",
      "description" : "The realm in which the event occurred, used by all topics",
      "type" : "string"
    },
    "server" : {
      "title" : "Server",
      "description" : "The server details for an access event",
      "type" : "object",
      "properties" : {
        "ip" : {
          "title" : "Server IP address",
          "description" : "The server ip address for an access event",
          "type" : "string"
        },
        "port" : {
          "title" : "Server port",
          "description" : "The server port for an access event",
          "type" : "integer"
        }
      }
    },
    "client" : {
      "title" : "Client",
      "description" : "The client details for an access event",
      "type" : "object",
      "properties" : {
        "ip" : {
          "title" : "Client IP address",
          "description" : "The client IP address for an access event",
          "type" : "string"
        },
        "port" : {
          "title" : "Client port",
          "description" : "The client port for an access event",
          "type" : "integer"
        }
      }
    },
    "request" : {
      "title" : "Request",
      "description" : "The request details for an access event",
      "type" : "object",
      "properties" : {
        "protocol" : {
          "title" : "Request protocol",
          "description" : "The request protocol for an access event",
          "type" : "string"
        },
        "operation" : {
          "title" : "Request operation",
          "description" : "The request operation for an access event",
          "type" : "string"
        },
        "detail" : {
          "title" : "Request detail",
          "description" : "The request detail for an access event",
          "type" : "object"
        }
      }
    },
    "http" : {
      "title" : "Http details",
      "description" : "The Http details for an access event",
      "type" : "object",
      "properties" : {
        "request" : {
          "title" : "Http request",
          "description" : "The http request for an access event",
          "type" : "object",
          "properties" : {
            "secure" : {
              "title" : "Http secure",
              "description" : "The http secure property for an access event",
              "type" : "boolean"
            },
            "method" : {
              "title" : "Http method",
              "description" : "The http method for an access event",
              "type" : "string"
            },
            "path" : {
              "title" : "Http path",
              "description" : "The http path for an access event",
              "type" : "string"
            },
            "queryParameters" : {
              "title" : "Http query parameters",
              "description" : "The http query parameters for an access event",
              "type" : "object",
              "additionalProperties" : {
                "type" : "array",
                "items" : {
                  "type" : "string"
                }
              }
            },
            "headers" : {
              "title" : "Http headers",
              "description" : "The http headers for an access event",
              "type" : "object",
              "additionalProperties" : {
                "type" : "array",
                "items" : {
                  "type" : "string"
                }
              }
            },
            "cookies" : {
              "title" : "Http cookies",
              "description" : "The http cookies for an access event",
              "type" : "object",
              "additionalProperties" : {
                "type" : "string"
              }
            }
          }
        },
        "response" : {
          "title" : "Http response",
          "description" : "The http response for an access event",
          "type" : "object",
          "properties" : {
            "headers" : {
              "title" : "Http request headers",
              "description" : "The http request headers for an access event",
              "type" : "object",
              "additionalProperties" : {
                "type" : "array",
                "items" : {
                  "type" : "string"
                }
              }
            }
          }
        }
      }
    },
    "response" : {
      "title" : "Response",
      "description" : "The response details for an access event",
      "type" : "object",
      "properties" : {
        "status" : {
          "title" : "Response status",
          "description" : "The response status for an access event",
          "type" : "string"
        },
        "statusCode" : {
          "title" : "Response status code",
          "description" : "The response status code for an access event",
          "type" : "string"
        },
        "detail" : {
          "title" : "Response detail",
          "description" : "The response detail for an access event",
          "type" : "object"
        },
        "elapsedTime" : {
          "title" : "Response elapsed time",
          "description" : "The response elapsedTime for an access event",
          "type" : "integer"
        },
        "elapsedTimeUnits" : {
          "title" : "Response elapsed time units",
          "description" : "The response elapsed time units for an access event",
          "type" : "string"
        }
      }
    },
    "runAs" : {
      "title" : "Run as",
      "description" : "What the change that triggered an activity or config event was run as",
      "type" : "string"
    },
    "objectId" : {
      "title" : "Object ID",
      "description" : "The object ID of the change that triggered an activity or config event",
      "type" : "string"
    },
    "operation" : {
      "title" : "Operation",
      "description" : "The operation that triggered an activity or config event",
      "type" : "string"
    },
    "before" : {
      "title" : "Before state",
      "description" : "The state before an activity or config event occurred",
      "type" : "object"
    },
    "after" : {
      "title" : "After state",
      "description" : "The state after an activity or config event occurred",
      "type" : "object"
    },
    "changedFields" : {
      "title" : "Changed fields",
      "description" : "The changed fields after an activity or config event occurred",
      "type" : "array",
      "items" : {
        "id" : "1",
        "type" : "string"
      }
    },
    "revision" : {
      "title" : "Revision",
      "description" : "The revision for an activity or config event",
      "type" : "string"
    },
    "result" : {
      "title" : "Result",
      "description" : "The result of the authentication event",
      "type" : "string"
    },
    "principal" : {
      "title" : "Principal",
      "description" : "The principal responsible for the authentication event",
      "type" : "array",
      "items" : {
        "type" : "string"
      }
    },
    "context" : {
      "title" : "Context",
      "description" : "The context of an authentication event",
      "type" : "object",
      "properties" : { }
    },
    "entries" : {
      "title" : "Entries",
      "description" : "The entries for an authentication event",
      "type" : "array",
      "items" : {
        "type" : "object",
        "properties" : {
          "moduleId" : {
            "title" : "Module ID",
            "description" : "The module ID for the authentication event",
            "type" : "string"
          },
          "result" : {
            "title" : "Module result",
            "description" : "The result of the module authentication event",
            "type" : "string"
          },
          "info" : {
            "title" : "Entries information",
            "description" : "The entries information for an authentication event",
            "type" : "object",
            "properties" : { }
          }
        }
      }
    }
  },
  "required" : [ "transactionId", "timestamp" ]
}

Global Operations

Audit events are logged through the global audit service.

Resource path:

/global-audit/{topic}

Resource version: 1.0

create

Create a new audit event, which will be handled and logged by the configured audit service.

Usage

am> create AuditEvent --global --topic topic --body body

Parameters

--topic

Audit events are logged through the global audit service.

--body

The resource in JSON format, described by the following JSON schema:

{
  "$schema" : "http://json-schema.org/draft-04/schema#",
  "description" : "The schema contains properties that are common to all topics and some that are unique to a specific topic. The description of each property indicates which topic the property applies to.",
  "title" : "Audit event schema",
  "type" : "object",
  "properties" : {
    "_id" : {
      "title" : "ID",
      "description" : "The ID of the event, used by all topics",
      "type" : "string"
    },
    "timestamp" : {
      "title" : "Timestamp",
      "description" : "The time at which the event occurred, used by all topics",
      "type" : "string"
    },
    "eventName" : {
      "title" : "Event name",
      "description" : "The name of the event, used by all topics",
      "type" : "string"
    },
    "transactionId" : {
      "title" : "Transaction ID",
      "description" : "The transaction ID of the event, used by all topics",
      "type" : "string"
    },
    "userId" : {
      "title" : "User ID",
      "description" : "The ID of the user responsible for the event, used by all topics",
      "type" : "string"
    },
    "trackingIds" : {
      "title" : "Tracking IDs",
      "description" : "The tracking IDs of the event, used by all topics",
      "type" : "array",
      "items" : {
        "id" : "0",
        "type" : "string"
      }
    },
    "component" : {
      "title" : "Component",
      "description" : "The component responsible for the event, used by all topics",
      "type" : "string"
    },
    "realm" : {
      "title" : "Realm",
      "description" : "The realm in which the event occurred, used by all topics",
      "type" : "string"
    },
    "server" : {
      "title" : "Server",
      "description" : "The server details for an access event",
      "type" : "object",
      "properties" : {
        "ip" : {
          "title" : "Server IP address",
          "description" : "The server ip address for an access event",
          "type" : "string"
        },
        "port" : {
          "title" : "Server port",
          "description" : "The server port for an access event",
          "type" : "integer"
        }
      }
    },
    "client" : {
      "title" : "Client",
      "description" : "The client details for an access event",
      "type" : "object",
      "properties" : {
        "ip" : {
          "title" : "Client IP address",
          "description" : "The client IP address for an access event",
          "type" : "string"
        },
        "port" : {
          "title" : "Client port",
          "description" : "The client port for an access event",
          "type" : "integer"
        }
      }
    },
    "request" : {
      "title" : "Request",
      "description" : "The request details for an access event",
      "type" : "object",
      "properties" : {
        "protocol" : {
          "title" : "Request protocol",
          "description" : "The request protocol for an access event",
          "type" : "string"
        },
        "operation" : {
          "title" : "Request operation",
          "description" : "The request operation for an access event",
          "type" : "string"
        },
        "detail" : {
          "title" : "Request detail",
          "description" : "The request detail for an access event",
          "type" : "object"
        }
      }
    },
    "http" : {
      "title" : "Http details",
      "description" : "The Http details for an access event",
      "type" : "object",
      "properties" : {
        "request" : {
          "title" : "Http request",
          "description" : "The http request for an access event",
          "type" : "object",
          "properties" : {
            "secure" : {
              "title" : "Http secure",
              "description" : "The http secure property for an access event",
              "type" : "boolean"
            },
            "method" : {
              "title" : "Http method",
              "description" : "The http method for an access event",
              "type" : "string"
            },
            "path" : {
              "title" : "Http path",
              "description" : "The http path for an access event",
              "type" : "string"
            },
            "queryParameters" : {
              "title" : "Http query parameters",
              "description" : "The http query parameters for an access event",
              "type" : "object",
              "additionalProperties" : {
                "type" : "array",
                "items" : {
                  "type" : "string"
                }
              }
            },
            "headers" : {
              "title" : "Http headers",
              "description" : "The http headers for an access event",
              "type" : "object",
              "additionalProperties" : {
                "type" : "array",
                "items" : {
                  "type" : "string"
                }
              }
            },
            "cookies" : {
              "title" : "Http cookies",
              "description" : "The http cookies for an access event",
              "type" : "object",
              "additionalProperties" : {
                "type" : "string"
              }
            }
          }
        },
        "response" : {
          "title" : "Http response",
          "description" : "The http response for an access event",
          "type" : "object",
          "properties" : {
            "headers" : {
              "title" : "Http request headers",
              "description" : "The http request headers for an access event",
              "type" : "object",
              "additionalProperties" : {
                "type" : "array",
                "items" : {
                  "type" : "string"
                }
              }
            }
          }
        }
      }
    },
    "response" : {
      "title" : "Response",
      "description" : "The response details for an access event",
      "type" : "object",
      "properties" : {
        "status" : {
          "title" : "Response status",
          "description" : "The response status for an access event",
          "type" : "string"
        },
        "statusCode" : {
          "title" : "Response status code",
          "description" : "The response status code for an access event",
          "type" : "string"
        },
        "detail" : {
          "title" : "Response detail",
          "description" : "The response detail for an access event",
          "type" : "object"
        },
        "elapsedTime" : {
          "title" : "Response elapsed time",
          "description" : "The response elapsedTime for an access event",
          "type" : "integer"
        },
        "elapsedTimeUnits" : {
          "title" : "Response elapsed time units",
          "description" : "The response elapsed time units for an access event",
          "type" : "string"
        }
      }
    },
    "runAs" : {
      "title" : "Run as",
      "description" : "What the change that triggered an activity or config event was run as",
      "type" : "string"
    },
    "objectId" : {
      "title" : "Object ID",
      "description" : "The object ID of the change that triggered an activity or config event",
      "type" : "string"
    },
    "operation" : {
      "title" : "Operation",
      "description" : "The operation that triggered an activity or config event",
      "type" : "string"
    },
    "before" : {
      "title" : "Before state",
      "description" : "The state before an activity or config event occurred",
      "type" : "object"
    },
    "after" : {
      "title" : "After state",
      "description" : "The state after an activity or config event occurred",
      "type" : "object"
    },
    "changedFields" : {
      "title" : "Changed fields",
      "description" : "The changed fields after an activity or config event occurred",
      "type" : "array",
      "items" : {
        "id" : "1",
        "type" : "string"
      }
    },
    "revision" : {
      "title" : "Revision",
      "description" : "The revision for an activity or config event",
      "type" : "string"
    },
    "result" : {
      "title" : "Result",
      "description" : "The result of the authentication event",
      "type" : "string"
    },
    "principal" : {
      "title" : "Principal",
      "description" : "The principal responsible for the authentication event",
      "type" : "array",
      "items" : {
        "type" : "string"
      }
    },
    "context" : {
      "title" : "Context",
      "description" : "The context of an authentication event",
      "type" : "object",
      "properties" : { }
    },
    "entries" : {
      "title" : "Entries",
      "description" : "The entries for an authentication event",
      "type" : "array",
      "items" : {
        "type" : "object",
        "properties" : {
          "moduleId" : {
            "title" : "Module ID",
            "description" : "The module ID for the authentication event",
            "type" : "string"
          },
          "result" : {
            "title" : "Module result",
            "description" : "The result of the module authentication event",
            "type" : "string"
          },
          "info" : {
            "title" : "Entries information",
            "description" : "The entries information for an authentication event",
            "type" : "object",
            "properties" : { }
          }
        }
      }
    }
  },
  "required" : [ "transactionId", "timestamp" ]
}