REST API:auditLog Resource

From AgileApps Support Wiki

Access the Audit Log using the REST API.

Learn more: REST API Conventions and Considerations.

Dynamic Search for auditLog Records

Method
GET
URI
https://{yourDomain}/networking/rest/auditLog?{query_parameters}
Query Parameters
  • fieldList - A comma-separated list of field names to retrieve
  • The asterisk (*) wildcard specifies all fields
  • {fieldname} specifies an individual field (e.g. name)
(Use the REST API:field Resource to get a complete list of fields.)
  • For a Composite Object, specify {alias}.{fieldname} to select a related-record field, where the alias is defined in the Object Relationships.
  • For a Database View, specify {alias}.{fieldname}, where the object alias is defined in the Database View.
  • alias.* specifies all fields in the aliased object.
  • filter - Filtering criteria to filter the records
  • pageSize - Number of records to retrieve from the result set in order to make a "page".
  • page - Number of the logical page in a database result set. The first page is page "zero" (0).
Page zero is returned by default, so appending &pageSize=1 to your query returns a single record.
  • getTotalRecordCount returns the number of total records.
    Causes the following structure to be returned, where N is the total number of records:
<platform> 
   <status>
   <packageDeploy>
   ...
   </packageDeploy>
   </status>
   <message>
      <code>0</code>
      <description>Success</description>
   </message>

   <!-- added by the query param -->
   <totalRecordCount>N</totalRecordCount> 
</platform>
  • sortBy - Field name for primary sort
    Ex: &sortBy=name
  • sortOrder - Sort order of the primary field, either asc or desc (ascending or descending)
    Ex: &sortOrder=desc
  • sortBy2 - Field name for secondary sort
  • sortOrder2 - Sort order of the second field, either asc or desc (ascending or descending)
For more information, see: Specifying Query Parameters in REST APIs
Response
<platform>
    <auditLog>
        <id>1464</id>
        <object>NETWORK_088rc78cc8fa4e732</object>
        <object_key>NETWORK_088rc78cc8fa4e732</object_key>
        <type_code>52</type_code>
        <type>Custom Object Data</type>
        <operation_code>3</operation_code>
        <operation>Delete</operation>
        <description_key>
         User: System has deleted record: 918646212 from the Recycle Bin
        </description_key>
        <description>
         User: System has deleted record: 918646212 from the Recycle Bin
        </description>
        <old_name/>
        <new_name/>
        <int_col1/>
        <int_col2/>
        <int_col3/>
        <char_col1/>
        <char_col3/>
        <char_col4/>
        <date_created>2011-04-21T15:39:27.000Z</date_created>
        <created_id type="USER" ...>xyz123rty345</created_id>
    </auditLog>
    ...
    <message>
        <code>0</code>
        <description>Success</description>
    </message>
    <recordCount>1282</recordCount>
</platform>
See also: REST API:Error Codes

Get an auditLog Record

Method
GET
URI
https://{yourDomain}/networking/rest/auditLog
Response
<platform>
     <auditLog>
          <id>187</id>
          <object>62685da588af49e8943d99</object>
          <object_key>62685da588af49e8943d99</object_key>
          <type_code>118</type_code>
          <type>Record Locators</type>
          <operation_code>2</operation_code>
          <operation>Update</operation>
          <description_key/>
          <description/>
          <old_name/>
          <new_name/>
          <int_col1/>
          <int_col2/>
          <int_col3/>
          <char_col1/>
          <char_col3/>
          <char_col4/>
          <date_created>2011-04-21T15:46:47.000Z</date_created>
          <created_id type="USER"...>xyz123rty345</created_id>
     </auditLog>
     ...

    <message>
        <code>0</code>
        <description>Success</description>
    </message>
    <recordCount>N</recordCount>      <!-- Number of __ records returned -->
</platform>
See also: REST API:Error Codes

Fields

Highlighted and asterisked fields* are used for network policy logs and the field audit log, and can have different meaning based on the context.

Note: Unless otherwise indicated, the attribute for a field is "Editable on Add or Update".
Field Attribute Description
record_id Read Only
  • Record Id for this Audit Log entry
  • This field acts as primary key for this table
  • A new unique id is generated for every record inserted in this table
reference_id
  • Record Id of the record being logged
  • This can be used to fetch more details about the record
type Read Only Description of the Log Code
type_code
  • Code indicating type of log activity, see Log Codes for more information
  • User can optionally search the type by type_code
operation Read Only Description of the Operation Code
operation_code
  • Code indicating type of operation, see Operation Codes for more information
  • User can optionally search the operation by operation_code
description Read Only Description of the action
description_key Token for the description, which is used in search actions
object_key Token for the object, which is used in search actions
old_name Previous field name, for example:
name in System Objects
or
field_name in Objects
new_name New field name, for example:
name in System Objects
or
field_name in Objects
date_created Read Only Date the activity is logged
owner_id Read Only Record owner identifier
date_col1* Read Only Start date of policy
date_col2* Read Only End date policy
int_col1* Read Only Status code for policy execution
int_col3* Read Only Access violations entry in Audit Log, contains the -1 value
char_col1* Read Only Field Id
object* Read Only Generic fields used to log specific information, Object Type Identifier in most cases
  • Status for policy execution
  • Note: This is not a searchable field, use object_key instead to search by object
char_col3* Read Only User Id
char_col4* Read Only Name of the record which is being accessed or a Search String in a Search action

Audit Log for Scheduled Activities

Field Description
reference_id policy_id
description detailed description
date_col1 start date of activity
date_col2 end date of activity
char_col1 status message
object object_id (Object Type Identifier)
char_col3 user_id
int_col1 status code
1 - started
2 - completed
3 - completed with errors
4 - unable to schedule

Field Audit Log

Field Description
reference_id stores record_id (Record Id)
description Field status messages
type 61, see Log Codes
operation Log Type: 1, 2, 3
char_col1 field_id(s)
object object_id (Object Type Identifier)
old_name Previous field name, for example:
name in System Objects
or
field_name in Objects
new_name New field name, for example:
name in System Objects
or
field_name in Objects
ownerid Record owner identifier
Access Violation
int_col3: To identify the access violations entry in Audit Log, this field contains the -1 value
Picklist Items
char_col1:Id of the Picklist for which the Picklist Item is being maintained
Application Role Workspace Preferences
char_col1:Role Id for specific tab application role tab preference is of type 64
Tab Access
object_singular_name:Object Id (Object Type Identifier)
Record Access
reference_id:Record Id (Record Id) of the record being accessed
object:Object Id (Object Type Identifier) of the record
char_col4 - Name of the record being accessed
Search
object_singular_name:Object Id (Object Type Identifier) of the searched object
char_col4:Search string

Governance Log

When global Service Configuration code-execution limits ("Develop Configuration") or tenant-specific limits ("Java Code Governors") are exceeded, an audit log entry is generated.

Field Description
user_name Login User Name of user who caused the limit to be exceeded
user_id User's ID
type Governance Threshold Violation
type_code 137, see Log Codes
operation
  • Data Policy - Invoke Method
  • Controller
  • Page
  • Job Scheduler
  • REST - Class Execution
operation_code
  • 1 - Data Policy - Invoke Method
  • 2 - Controller
  • 3 - Page
  • 4 - Job Scheduler
  • 5 - REST - Class Execution
description Name of the Class or Page and a Threshold Violation Message
reference_id
  • Record Id for "Data Policy - Invoke Method"
  • Class name or Page name for other Threshold violations


Example - Search Contacts

Search the Contacts object for the search string "Test". The following entry is logged (NETWORK_LOG).

reference_id type operation description object_singular_name char_col4
-1 66 1 Search Contacts for "Test" Contacts Test

Example - Search All

Search all objects for the search string "Test". The following entry is logged (NETWORK_LOG).

reference_id type operation description object_singular_name char_col4
-1 66 1 Search all objects for "Test" TEST

Log Codes

type_code type User documentation related to this platform element
1 Account Accounts
2 Contact Contacts
3 - 6 reserved
7 Ownership Record Owners
8 - 9 reserved
10 Report Reports
11 - 12 reserved
14 Billing Plan
16 reserved
19 Roles Roles
20 Team Teams
21 Link User to Team and Role Manage Users
22 User Users
24 Team Ownership Operation Teams
25 Login/Logout Login/Logout
26 Custom Field Fields
27 - 28 reserved
29 Merge Case Merge
30 Policy Management Team Data Sharing Policies
31 - 35 reserved
36 Import Data Import Data
40 Picklist Dependencies Dependent Picklist
48 Custom Forms Forms
49 Custom Objects Custom Object
50 Custom Layouts Forms
51 Password Policy Password Policy
52 Custom Object Data Objects
53 reserved
54 Team Resource Sharing Policies
55 Mass Data Operation Mass Operations
56 View/Report Views/Reports
57 - 58 reserved
59 Service Provider Settings Service Provider Settings
60 Scheduled Policies
61 Field Audit Trail Field Audit Log
62 Global Picklists Global Picklists
63 Picklist Items
64 Application Role Workspace Preferences Tab Preferences for objects in applications
65 Application Role View Preferences View Preferences for objects in applications
66 Search Search
67 View View
68 Access Violation Access violations are logged when Enhanced Security Audit is enabled
69 Tab
70 - 71 reserved
72 Web Tab Web Tabs
73 reserved
74 Custom Action Custom Form Actions
75-79 reserved
80 Document Template Document Templates
81 reserved
82 reserved
83 Tab Preference Tab Preferences
84-85 reserved
86 Layout Section Section
87 Related Information Related Information
88 Related Information Button
89 reserved
90 Recycle Bin Recycle Bin
91-93 reserved
94 Application Application Concepts
95 Page Pages
97 Class Classes
98 Static Resource Static Resources
99 Debug Log Debug Log
100 Global Broadcast Global Broadcast Message
101 View Management Views and Reports
102 Export Data Export Data
103 reserved
104 Company Information Company Information
105 Web Form Web Forms
106 Package Packages
107 Audit Log Audit Log
109-110 reserved
111 reserved
112 Report Folder
113 Data Validation Data Validation
114 Layout Rule Layout Rules
115 Database View Database View
116 Package Item Package Items
117 Indexes Indexes
118 Record Locator Record Locator
120 Notes Notes
121 Attachments Attachments
122 Media
123 Folder Templates
124 Scratch Pad
137 Governance Threshold Violation Develop Configuration, Java Code Governors

Operation Codes

The following operation codes can be returned, and apply to all Log Code Types

operation_code operation
0 View
1 Add
2 Update
3 Delete
1001 View Access Violation
1002 Add Access Violation
1003 Update Access Violation
1004 Delete Access Violation