About Domino
Domino Data LabKnowledge BaseData Science BlogTraining

Using the Audit Trail API

The audit trail service provides an API to programmatically query and retrieve various audit logs. The endpoint to get this information is:

<DOMINO-HOST>/api/audittrail/v1/auditevents

API Parameters

The API supports a list of parameters that can be used to filter for audit events:

  • startTimestamp: Unix timestamp in milliseconds.

  • endTimestamp: Unix timestamp in milliseconds.

  • actorId: Login ID of the user who performed the action.

  • actorName: Login name of the user who performed the action.

  • event: Name of the action that occurred.

  • targetType: The type of the object that receives the action.

  • targetId: The ID of the object that receives the action.

  • targetName: The name of the object that receives the action.

  • withinProjectId: ID of the project where the action took place.

  • withinProjectName: Name of the project where the action took place.

  • sort: A comma-separated list of fields to sort the data.

  • limit: Maximum number of events to retrieve.

  • Offset: Number of matching events to not include for pagination.

Export the audit trail data

You can export audit trail data through the API. The export requires several parameters, including a required hostname and authentication details like JWT tokens or API keys.

The data is JSON but can be parsed and stored in a CSV file containing all events that match the query.

Sample export script

Domino provides a sample script that runs on Python 3. You can use the script to customize for your own use to export data into CSV format. The script requires a hostname and one way to authenticate: either a JWT or an API key.

There are a few things to be aware of before you get started:

  • The --hostname and an authentication method (either --jwt or --api-key) must be provided, or the export script will fail.

  • Optional parameters can be combined to customize the behavior and context of the export action.

  • Events are exported in time-descending order.

  • The date and time of events are displayed in UTC.

Arguments

Note
 The --hostname and an authentication method (either --jwt or --api-key) must be provided, or the export script will fail.
ArgumentRequiredDescription

--hostname

Yes*

The hostname to connect to.

--jwt

Yes*

The JWT token for authentication.

--api-key

Yes*

The Domino API key for authentication.

--event

No

The event name.

--user_name

No

The name of the user performing the export action.

--target_name

No

The object that received the action.

--project_name

No

The name of the project.

--start_date

No

Timestamp for the beginning of a date range for data. Format: YYYY-MM-DD HH:MM:SS

--end_date

No

Timestamp for the end of a date range for data. Format: YYYY-MM-DD HH:MM:SS

Script templates

There are a few common scripts that you can edit for use in your environment.

Use JWT for authentication

python3 export_audit_trail.py --hostname https://domino_instance.com --jwt my-jwt-token

Use API key for authentication and specify an event

python3 export_audit_trail.py --hostname https://domino_instance.com --api-key my-api-key --event "Create Dataset"

Provide parameters to filter export data

python3 export_audit_trail.py --hostname https://domino_instance.com --jwt my-jwt-token --user_name "Alice" --event "Create Dataset"

Use start- and end- timestamps

python3 export_audit_trail.py --hostname https://domino_instance.com --jwt my-jwt-token --start_date "2024-10-18 14:10:04" --end_date "2024-10-22 09:04:33"

Export all available data through an env file

DOMINO_HOSTNAME=<A-DOMINO-INSTANCE>
JWT=<A-JWT>

Next steps

  • Create filters and view audit events with a dashboard for flexible search options, quick insights, and detailed historical analysis.

  • The Audit Trail Data Glossary has a complete list of events being tracked. You can use these in the event filter to search for events.

  • Application logs capture application-level logging including user execution from Jobs, Workspaces, and front-end logs.