Versions Compared

Old Version 3

changes.mady.by.user Todd Barczak

Saved on

compared with

New Version 4

changes.mady.by.user Todd Barczak

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Opsera provides audit logging for key operations in the platform. These logs can be accessed via the Opsera API.

Table of Contents

...

Audit Scope

The following actions are logged:

ScopeEvents

Event / Action

ID (type)

User Authentication

All login events for a given user.

authentication

Pipeline Actions

  • Start

  • Stop

  • Reset

  • Resume

  • Approve

  • Edit/Change Pipeline Steps

  • Edit/Change Pipeline Settings

  • Create New Pipeline from template

  • Delete Pipeline

  • Duplicate Pipeline

  • Publish Pipeline to Catalog

pipeline

Access Token Usage

All uses of a given token are logged

n/a

...

The following API’s are available for consuming the audit logs. All Opsera API’s require a valid Access Token.

API Server:

https://app.opsera.io

URL

METHOD

DESCRIPTION

DATA

RESPONSE

/api/v1/logs/user/actions

GET

Gets the User Activity Logs for the system. This is a route limited to Site Admins and Power users and requires a token of either API scope or Security Logs scope.

If no date parameter is passed, the last 7 days of logs will be returned (up to a max of 1000 records)

Optional Query Parameters:

?date=YYYY-MM-DD

?type=<value from type field>

Code Block
{
    "count": 6,
    "data": [
        {
            "_id": "61042540e1d666c9ded178c4",
            "user_id": "5e1cbf251c26d68f7ce6361e",
            "user_email": "support@opsera.io",
            "type": "pipeline",
            "action": "update",
            "target_id": "5fbe589a0fae8b021e137534",
            "account": "org-opsera-dnd-acc0",
            "createdAt": "2021-07-30T16:13:52.109Z",
            "updatedAt": "2021-07-30T16:13:52.109Z",
            "__v": 0
        },
  ]
}

/api/v1/logs/user/tokens

GET

Gets the Personal Access Tokens' Activity Logs. This is a route limited to Site Admins and Power users and requires a token of either API scope or Security Logs scope.

If no date parameter is passed, the last 7 days will be returned.(up to a max of 1000 records)

Optional Query Parameters:

?date=YYYY-MM-DD

?scope=<value from scope field>

Code Block
{
    "count": 6,
    "data": [
        {
            "_id": "61057f3a1429a35336563240",
            "token_id": "61043b2bbcb6d95b55adc5fd",
            "scope": "api",
            "target": "/v1/logs/user/tokens",
            "user_id": "5e1cbf251c26d68f7ce6361e",
            "account": "org-opsera-dnd-acc0",
            "createdAt": "2021-07-31T16:50:02.242Z",
            "updatedAt": "2021-07-31T16:50:02.242Z",
            "__v": 0
        },
  ]
}

Data Model

Two data models exist for the Audit Logs: Actions and Tokens. Details on what the fields mean are listed below:

...

Code Block
{
            "user_id": Opsera User ID,
            "user_email": Email Address associated with Opsera Account,
            "type": Maps to the area of Opsera the record is from (see above table),
            "action": Action being logged (see above table),
            "target_id": Opsera ID of object aciton is taken on, maps to type,
            "createdAt": Date action occured,
        }

...

Code Block
{
            "token_id": Opsera ID of token used,
            "scope": Scope of token,
            "target": Relative URL target of API call,
            "user_id": Opsera User ID,
            "createdAt": Date action occured,
        }