Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Next »

Opsera provides audit logging for key operations in the platform. These logs can be accessed via the Opsera API.

Audit Scope

The following actions are logged:

Scope

Event / Action

ID (type)

User Authentication

A new login event for a given user.

authentication

Pipeline Actions

  • Start

  • Stop

  • Reset

  • Resume

  • Approve

  • Edit/Change Pipeline Steps

  • Edit/Change Pipeline Settings

  • Create New Pipeline from template

  • Delete Pipeline

  • Duplicate Pipeline

  • Publish Pipeline to Catalog

  • Webhook-Start

pipeline

Access Token Usage

All uses of a given token are logged

n/a

Tool Registry

  • Create Tool

  • Edit/Change Tool Attributes or Connection Settings

  • Delete

registry

Audit Logs API

The following API’s are available for consuming the audit logs. All Opsera API’s require a valid Access Token with either API Access OR Security Logs (Read Only)scope.

API Server: https://app.opsera.io

URL

METHOD

DESCRIPTION

Scope

DATA

RESPONSE

/api/v1/logs/user/actions

GET

Gets the User Activity Logs for the system. This is a route limited to Site Admins and Power users and requires a token of either API scope or Security Logs scope.

If no date parameter is passed, the last 7 days of logs will be returned (up to a max of 1000 records)

API Access

Security Logs (Read Only)

Optional Query Parameters:

?date=YYYY-MM-DD

?type=<value from type field>

?count=<integer, number of records>

{
    "count": 6,
    "data": [
        {
            "_id": "61042540e1d666c9ded178c4",
            "user_id": "5e1cbf251c26d68f7ce6361e",
            "user_email": "support@opsera.io",
            "type": "pipeline",
            "action": "update",
            "target_id": "5fbe589a0fae8b021e137534",
            "account": "org-opsera-dnd-acc0",
            "createdAt": "2021-07-30T16:13:52.109Z",
            "updatedAt": "2021-07-30T16:13:52.109Z",
            "__v": 0
        },
  ]
}

/api/v1/logs/user/tokens

GET

Gets the Personal Access Tokens' Activity Logs. This is a route limited to Site Admins and Power users and requires a token of either API scope or Security Logs scope.

If no date parameter is passed, the last 7 days will be returned.(up to a max of 1000 records)

API Access

Security Logs (Read Only)

Optional Query Parameters:

?date=YYYY-MM-DD

?scope=<value from scope field>

{
    "count": 6,
    "data": [
        {
            "_id": "61057f3a1429a35336563240",
            "token_id": "61043b2bbcb6d95b55adc5fd",
            "scope": "api",
            "target": "/v1/logs/user/tokens",
            "user_id": "5e1cbf251c26d68f7ce6361e",
            "account": "org-opsera-dnd-acc0",
            "createdAt": "2021-07-31T16:50:02.242Z",
            "updatedAt": "2021-07-31T16:50:02.242Z",
            "__v": 0
        },
  ]
}

Data Model

Two data models exist for the Audit Logs: Actions and Tokens. Details on what the fields mean are listed below:

{
            "user_id": Opsera User ID,
            "user_email": Email Address associated with Opsera Account,
            "type": Maps to the area of Opsera the record is from (see above table),
            "action": Action being logged (see above table),
            "target_id": Opsera ID of object aciton is taken on, maps to type,
            "createdAt": Date action occured,
        }
{
            "token_id": Opsera ID of token used,
            "scope": Scope of token,
            "target": Relative URL target of API call,
            "user_id": Opsera User ID,
            "createdAt": Date action occured,
        }

  • No labels