# Audit Export GraphQL Reference Guide

{% hint style="info" %}
**Public preview**: This feature is available to all accounts.
{% endhint %}

Use these audit export configuration commands to manage exporting your audit logs to S3 and ADLS Gen2. To configure an audit export see the [Export to S3](https://documentation.immuta.com/saas/govern/detect-your-data/audit/how-to-guides/enable-uam) or [Export to ADLS](https://documentation.immuta.com/saas/govern/detect-your-data/audit/how-to-guides/export-adls) guides.

## Disable a configuration

To disable a configuration, use the `disableExportConfiguration` mutation:

{% tabs %}
{% tab title="Mutation" %}

```graphql
mutation {
  disableExportConfiguration(
    id: "<export configuration ID>"
  )
  {
    id
  }
}
```

{% endtab %}

{% tab title="Response" %}

```graphql
"data": {
  "disableExportConfiguration": {
    "id": "<export configuration ID>"
  }
}
```

{% endtab %}
{% endtabs %}

## Enable a configuration

To enable a disabled configuration, use the `enableExportConfiguration` mutation:

{% tabs %}
{% tab title="Mutation" %}

```graphql
mutation {
  enableExportConfiguration(
    id: "<export configuration ID>"
  )
  {
    id
  }
}
```

{% endtab %}

{% tab title="Response" %}

```graphql
"data": {
  "enableExportConfiguration": {
    "id": "<export configuration ID>"
  }
}
```

{% endtab %}
{% endtabs %}

### Delete a configuration

To delete a configuration, use the `deleteExportConfiguration` mutation:

{% tabs %}
{% tab title="Mutation" %}

```graphql
mutation {
  deleteExportConfiguration(
    id: "<export configuration ID>"
  )
  {
    id
  }
}
```

{% endtab %}

{% tab title="Response" %}

```graphql
"data": {
  "deleteExportConfiguration": {
    "id": "<export configuration ID>"
  }
}
```

{% endtab %}
{% endtabs %}

## Update a configuration

To update an existing configuration, use the mutation for your specific export configuration:

* [Export to S3 with access key](https://documentation.immuta.com/saas/govern/detect-your-data/how-to-guides/enable-uam#how-to-export-using-an-access-key): `updateS3AccessKeyExportConfiguration`
* [Export to S3 with assumed role](https://documentation.immuta.com/saas/govern/detect-your-data/how-to-guides/enable-uam#how-to-export-using-an-aws-iam-role): `updateS3AssumedRoleExportConfiguration`
* [Export to ADLS](https://documentation.immuta.com/saas/govern/detect-your-data/audit/how-to-guides/export-adls): `updateAdlsSasTokenExportConfiguration`

Update the configuration to make small changes, i.e., to rotate the token, rather than deleting the existing one and creating a new one.

{% tabs %}
{% tab title="Mutation" %}

```graphql
mutation {
    updateAdlsSasTokenExportConfiguration(
        data: {
            id: "<export configuration ID>"
            interval: EVERY_2_HOURS
            storageAccount: "your-adls-storage-account",
            fileSystem: "audit-output",
            path: "immuta-audit",
            sasToken: "your-sas-token"
        } 
     ) 
     {
       id
       interval
       enabled
       endpointConfiguration {
            __typename
            ... on AdlsSasTokenEndpointConfiguration {
                storageAccount
                path
                fileSystem
            }
        }
    }
}
```

{% endtab %}

{% tab title="Response" %}

```graphql
{
    "data": {
        "updateAdlsSasTokenExportConfiguration": {
            "id": "<export configuration ID>",
            "interval": "EVERY_12_HOURS",
            "enabled": true,
            "endpointConfiguration": {
                "storageAccount": "your-adls-storage-account",
                "fileSystem": "audit-output",
                "path": "immuta-audit"
            }
        }
    }
}
```

{% endtab %}
{% endtabs %}