Get Audit Logs - Security Cloud Control Firewall Manager API Documentation

{"type":"api","title":"Get Audit Logs","meta":{"id":"/apps/pubhub/media/cdo-api-documentation/ee9bdf946673e45c4f256a22e0a754e29a9b2098/9b0e4c9a-48cb-3530-a00a-1f32fbf2438c","info":{"title":"Cisco Security Cloud Control Firewall Manager API","version":"1.15.0","description":"Use the documentation to explore the endpoints Security Cloud Control Firewall Manager has to offer","contact":{"name":"Cisco Security Cloud Control TAC","email":"cdo.tac@cisco.com"}},"openapi":"3.0.1","servers":[{"url":"https://api.us.security.cisco.com/firewall","description":"US"},{"url":"https://api.eu.security.cisco.com/firewall","description":"EU"},{"url":"https://api.apj.security.cisco.com/firewall","description":"APJ"},{"url":"https://api.au.security.cisco.com/firewall","description":"AUS"},{"url":"https://api.in.security.cisco.com/firewall","description":"IN"},{"url":"https://api.int.security.cisco.com/firewall","description":"Staging"},{"url":"https://scale.manage.security.cisco.com/api/rest","description":"Scale"},{"url":"https://ci.manage.security.cisco.com/api/rest","description":"CI"},{"url":"https://manage.stg.secure.cisco/api/rest","description":"Stgf9"}],"securitySchemes":{"bearerAuth":{"bearerFormat":"JWT","scheme":"bearer","type":"http"}}},"spec":{"description":"Get a list of Audit Logs.","operationId":"getAuditLogs","parameters":[{"description":"Number of results to retrieve.","in":"query","name":"limit","required":false,"schema":{"maximum":200,"minimum":0,"type":"string"}},{"description":"Offset of the results retrieved. The Security Cloud Control APIs use the offset field to determine the index of the first result retrieved, and will retrieve `limit` results from the offset specified.","in":"query","name":"offset","required":false,"schema":{"minimum":0,"type":"string"}},{"description":"The searchText parameter serves as a flexible search option that allows for text-based filtering across the username fields of the Audit Log object. This parameter can be used independently to search for entries containing the specified text, or in combination with the q query parameter for more targeted results. When used with q, the search conditions of searchText are logically ANDed with the q parameter's criteria, ensuring that the returned entries satisfy both sets of conditions.","in":"query","name":"searchText","required":false,"schema":{"type":"string"}},{"description":"The time range for which to retrieve Audit Logs. This parameter cannot be used in conjunction with a query on the eventTime field.","in":"query","name":"timeRange","required":false,"schema":{"enum":["5m","15m","30m","1h"],"type":"string"}},{"description":"The query to execute. Use the Lucene Query Syntax to construct your query.","example":"fieldName:fieldValue","in":"query","name":"q","required":false,"schema":{"type":"string"}},{"description":"The fields to sort results by.","example":"name:DESC","in":"query","name":"sort","required":false,"schema":{"items":{"type":"string"},"type":"array"}}],"responses":{"200":{"content":{"application/json":{"schema":{"properties":{"count":{"description":"The total number of results available.","example":100,"format":"int32","type":"integer"},"items":{"description":"The list of items retrieved.","items":{"properties":{"eventDescription":{"description":"The description of the Audit Log event.","example":"test@cisco.com logged in","type":"string"},"eventTime":{"description":"The time (UTC; represented using the RFC-3339 standard) at which the Audit Log event was created.","example":"2024-06-26T20:44:06Z","format":"date-time","type":"string"},"eventType":{"description":"The type of the Audit Log event.","enum":["USER_LOGGED_IN","USER_ADDED_TO_TENANT","USER_REMOVED_FROM_TENANT","USER_ROLE_CHANGED","AD_GROUP_ADDED","AD_GROUP_DELETED","AD_GROUP_ROLE_CHANGED","USER_LOGIN_DATA"],"example":"USER_LOGGED_IN","type":"string"},"roles":{"description":"The roles of the user who did the Audit log operation","example":"[ROLE_READ_ONLY, ROLE_DEPLOY_ONLY]","items":{"type":"string"},"type":"array","uniqueItems":true},"uid":{"description":"The unique identifier, represented as a UUID, of the Audit Log.","example":"7131daad-e813-4b8f-8f42-be1e241e8cdb","format":"uuid","type":"string"},"username":{"description":"The name/email of the of user the Audit Log refers to.","example":"test@cisco.com","type":"string"}},"required":["uid"],"type":"object","$$ref":"#/components/schemas/AuditLog"},"type":"array"},"limit":{"description":"The number of results retrieved.","example":50,"format":"int32","type":"integer"},"offset":{"description":"The offset of the results retrieved. The Security Cloud Control API uses the offset field to determine the index of the first result retrieved, and will retrieve `limit` results from the offset specified.","example":0,"format":"int32","type":"integer"}},"type":"object","$$ref":"#/components/schemas/AuditLogPage"}}},"description":"List of Audit Logs objects"},"400":{"content":{"application/json":{"schema":{"properties":{"details":{"additionalProperties":{"description":"Additional details, if any, about the error.","example":{},"type":"object"},"description":"Additional details, if any, about the error.","example":{},"type":"object"},"errorCode":{"description":"Unique code that describes the error.","enum":["INVALID_INPUT","UNAUTHORIZED","FORBIDDEN","NOT_FOUND","METHOD_NOT_ALLOWED","CONFLICT","TOO_MANY_REQUESTS","SERVER_ERROR","PROXY_ERROR","BAD_REQUEST","UNPROCESSABLE_ENTITY"],"example":"INVALID_INPUT","type":"string"},"errorMsg":{"description":"Human-readable error description in English.","example":"sample error","type":"string"}},"$$ref":"#/components/schemas/CommonApiError"}}},"description":"Invalid input provided. Check the response for details.","$$ref":"#/components/responses/http400BadRequest"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"A human-readable error description in English.","example":"invalid_token","type":"string"},"errorDescription":{"description":"A human-readable error description in English.","example":"Your token is invalid","type":"string"}},"$$ref":"#/components/schemas/AuthenticationError"}}},"description":"Request not authorized.","$$ref":"#/components/responses/http401Unauthorised"},"403":{"content":{"application/json":{"schema":{"properties":{"details":{"additionalProperties":{"description":"Additional details, if any, about the error.","example":{},"type":"object"},"description":"Additional details, if any, about the error.","example":{},"type":"object"},"errorCode":{"description":"Unique code that describes the error.","enum":["INVALID_INPUT","UNAUTHORIZED","FORBIDDEN","NOT_FOUND","METHOD_NOT_ALLOWED","CONFLICT","TOO_MANY_REQUESTS","SERVER_ERROR","PROXY_ERROR","BAD_REQUEST","UNPROCESSABLE_ENTITY"],"example":"INVALID_INPUT","type":"string"},"errorMsg":{"description":"Human-readable error description in English.","example":"sample error","type":"string"}},"$$ref":"#/components/schemas/CommonApiError"}}},"description":"User does not have sufficient privileges to perform this operation.","$$ref":"#/components/responses/http403Forbidden"},"405":{"content":{"application/json":{"schema":{"properties":{"details":{"additionalProperties":{"description":"Additional details, if any, about the error.","example":{},"type":"object"},"description":"Additional details, if any, about the error.","example":{},"type":"object"},"errorCode":{"description":"Unique code that describes the error.","enum":["INVALID_INPUT","UNAUTHORIZED","FORBIDDEN","NOT_FOUND","METHOD_NOT_ALLOWED","CONFLICT","TOO_MANY_REQUESTS","SERVER_ERROR","PROXY_ERROR","BAD_REQUEST","UNPROCESSABLE_ENTITY"],"example":"INVALID_INPUT","type":"string"},"errorMsg":{"description":"Human-readable error description in English.","example":"sample error","type":"string"}},"$$ref":"#/components/schemas/CommonApiError"}}},"description":"Method not allowed.","$$ref":"#/components/responses/http405MethodNotAllowed"},"500":{"content":{"application/json":{"schema":{"properties":{"details":{"additionalProperties":{"description":"Additional details, if any, about the error.","example":{},"type":"object"},"description":"Additional details, if any, about the error.","example":{},"type":"object"},"errorCode":{"description":"Unique code that describes the error.","enum":["INVALID_INPUT","UNAUTHORIZED","FORBIDDEN","NOT_FOUND","METHOD_NOT_ALLOWED","CONFLICT","TOO_MANY_REQUESTS","SERVER_ERROR","PROXY_ERROR","BAD_REQUEST","UNPROCESSABLE_ENTITY"],"example":"INVALID_INPUT","type":"string"},"errorMsg":{"description":"Human-readable error description in English.","example":"sample error","type":"string"}},"$$ref":"#/components/schemas/CommonApiError"}}},"description":"Internal server error."}},"security":[{"bearerAuth":[]}],"summary":"Get Audit Logs","tags":["Audit Logs"],"__originalOperationId":"getAuditLogs","method":"get","path":"/v1/auditlogs"}}