This page describes the audit
endpoint API. The audit API allows users to programmatically search for audit records in Immuta.
Additional fields may be included in some responses you receive; however, these attributes are for internal purposes and are therefore undocumented.
Workflow
Search for audit records
GET
/audit
Search for audit records.
Query parameters
Response parameters
Request example
The following request searches for all audit records.
curl \
--request GET \
--header "Content-Type: application/json" \
--header "Authorization: Bearer dea464c07bd07300095caa8" \
https://your-immuta-url.com/audit?size=2&sortField=dateTime&sortOrder=desc
Response example
{
"hits": [
{
"dateTime": "1632756753272",
"dataSourceName": null,
"projectName": null,
"recordType": "auditQuery",
"blobId": null,
"userId": "first.last@immuta.com",
"profileId": 2,
"purposeIds": null,
"success": true,
"failureReason": null,
"id": "480d9d3f-4128-445d-8eec-3cccb34f9935",
"fingerprintVersionName": null,
"email": "first.last@immuta.com"
},
{
"dateTime": "1632755783628",
"dataSourceName": null,
"projectName": null,
"recordType": "authenticate",
"blobId": null,
"userId": "first.last@immuta.com",
"profileId": 2,
"purposeIds": null,
"success": true,
"failureReason": null,
"id": "d143719b-6af9-4af3-aa99-8055be40e877",
"fingerprintVersionName": null,
"email": "first.last@immuta.com"
}
],
}
Retrieve a specific audit record
GET
/audit/{recordId}
Retrieve a specific audit record.
Query parameters
Response parameters
Request example
The following request retrieves a specific audit record.
curl \
--request GET \
--header "Content-Type: application/json" \
--header "Authorization: Bearer dea464c07bd07300095caa8" \
https://your-immuta-url.com/audit/480d9d3f-4128-445d-8eec-3cccb34f9935
Response Example
{
"id": "480d9d3f-4128-445d-8eec-3cccb34f9935",
"dateTime": "1632756753272",
"month": 1460,
"profileId": 2,
"userId": "first.last@immuta.com",
"dataSourceId": null,
"dataSourceName": null,
"projectId": null,
"projectName": null,
"purposeIds": null,
"policyId": null,
"policyName": null,
"fingerprintVersionId": null,
"fingerprintVersionName": null,
"count": 1,
"recordType": "auditQuery",
"success": true,
"failureReason": null,
"failureDetails": null,
"subscriptionState": null,
"accessedId": null,
"accessedIdType": null,
"accessedIamId": null,
"accessedUserId": null,
"groupAccessType": null,
"groupIamId": null,
"accessedGroupId": null,
"component": "audit",
"accessType": null,
"blobId": null,
"query": null,
"queryId": null,
"extra": {
"params": {
"size": 50,
"sortField": "dateTime",
"sortOrder": "desc",
"offset": 0
}
},
"dataSourceSchemaName": null,
"dataSourceTableName": null,
"featureKey": null,
"sqlUser": null,
"action": null,
"blobSize": null,
"hardDelete": null,
"keyAction": null,
"keyId": null,
"keyIamId": null,
"keyUserId": null,
"createdAt": "2021-09-27T15:32:33.274Z",
"updatedAt": "2021-09-27T15:32:33.274Z"
}
Query for activity by API key
GET
/audit/apikey/activity
Queries for the recent activity using the API key.
Query parameters
Response parameters
Request example
The following request queries for the recent activity using the API key.
curl \
--request GET \
--header "Content-Type: application/json" \
--header "Authorization: Bearer dea464c07bd07300095caa8" \
https://your-immuta-url.com/audit/apikey/activity?keyid=650&count=1
Response example
{
"id": "480d9d3f-4128-445d-8eec-3cccb34f9935",
"dateTime": "1632756753272",
"month": 1460,
"profileId": 2,
"userId": "first.last@immuta.com",
"dataSourceId": null,
"dataSourceName": null,
"projectId": null,
"projectName": null,
"purposeIds": null,
"policyId": null,
"policyName": null,
"fingerprintVersionId": null,
"fingerprintVersionName": null,
"count": 1,
"recordType": "auditQuery",
"success": true,
"failureReason": null,
"failureDetails": null,
"subscriptionState": null,
"accessedId": null,
"accessedIdType": null,
"accessedIamId": null,
"accessedUserId": null,
"groupAccessType": null,
"groupIamId": null,
"accessedGroupId": null,
"component": "audit",
"accessType": null,
"blobId": null,
"query": null,
"queryId": null,
"extra": {
"params": {
"size": 50,
"sortField": "dateTime",
"sortOrder": "desc",
"offset": 0
}
},
"dataSourceSchemaName": null,
"dataSourceTableName": null,
"featureKey": null,
"sqlUser": null,
"action": null,
"blobSize": null,
"hardDelete": null,
"keyAction": null,
"keyId": null,
"keyIamId": null,
"keyUserId": null,
"createdAt": "2021-09-27T15:32:33.274Z",
"updatedAt": "2021-09-27T15:32:33.274Z"
}
Search for query list by data source
GET
/audit/queries/dataSource/{dataSourceId}/mine
Returns the list of the current user's distinct queries for the specified data source.
Query parameters
Response parameters
Request example
The following request returns the list of the current user's distinct queries.
curl \
--request GET \
--header "Content-Type: application/json" \
--header "Authorization: Bearer dea464c07bd07300095caa8" \
https://your-immuta-url.com/audit/queries/dataSource/23/mine?size=10&sortField=lastrun&sortOrder=desc
Response example
{
"hits": [
{
"auditId": "ff264e8e-2ccc-468f-9129-bb0995c9cdf5",
"query": "select * from \"public\".\"foobar\"",
"lastrun": "1631627763345",
"timesrun": "5",
"name": "Name"
},
{
"auditId": "f722042f-f0f3-4c83-bd33-7672892d918f",
"query": "SELECT * FROM \"public\".\"foobar\" LIMIT 100",
"lastrun": "1631200121550",
"timesrun": "3",
"name": null
}
],
"count": 2
}
Last updated