The audit trail service provides an API to programmatically query and retrieve various audit logs. The endpoint to get this information is:
<DOMINO-HOST>/api/audittrail/v1/auditevents
The API supports a list of parameters that can be used to filter for audit events:
-
startTimestamp: Unix timestamp in milliseconds.
-
endTimestamp: Unix timestamp in milliseconds.
-
actorId: Login ID of the user who performed the action.
-
actorName: Login name of the user who performed the action.
-
event: Name of the action that occurred.
-
targetType: The type of the object that receives the action.
-
targetId: The ID of the object that receives the action.
-
targetName: The name of the object that receives the action.
-
withinProjectId: ID of the project where the action took place.
-
withinProjectName: Name of the project where the action took place.
-
sort: A comma-separated list of fields to sort the data.
-
limit: Maximum number of events to retrieve.
-
Offset: Number of matching events to not include for pagination.
You can export audit trail data through the API. The export requires several parameters, including a required hostname and authentication details like JWT tokens or API keys.
The data is JSON but can be parsed and stored in a CSV file containing all events that match the query.
Sample export script
Domino provides a sample script that runs on Python 3. You can use the script to customize for your own use to export data into CSV format. The script requires a hostname and one way to authenticate: either a JWT or an API key.
There are a few things to be aware of before you get started:
-
The
--hostname
and an authentication method (either--jwt
or--api-key
) must be provided, or the export script will fail. -
Optional parameters can be combined to customize the behavior and context of the export action.
-
Events are exported in time-descending order.
-
The date and time of events are displayed in UTC.
Note
|
The --hostname and an authentication method (either --jwt or --api-key ) must be provided, or the export script will fail.
|
Argument | Required | Description |
---|---|---|
| Yes* | The hostname to connect to. |
| Yes* | The JWT token for authentication. |
| Yes* | The Domino API key for authentication. |
| No | The event name. |
| No | The name of the user performing the export action. |
| No | The object that received the action. |
| No | The name of the project. |
| No | Timestamp for the beginning of a date range for data.
Format: |
| No | Timestamp for the end of a date range for data.
Format: |
There are a few common scripts that you can edit for use in your environment.
-
Create filters and view audit events with a dashboard for flexible search options, quick insights, and detailed historical analysis.
-
The Audit Trail Data Glossary has a complete list of events being tracked. You can use these in the event filter to search for events.
-
Application logs capture application-level logging including user execution from Jobs, Workspaces, and front-end logs.