Audit Log API
- 11 Jan 2023
- 2 Minutes to read
- Print
- DarkLight
- PDF
Audit Log API
- Updated on 11 Jan 2023
- 2 Minutes to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Netreo's API system must be enabled to use this API. See How to Enable Netreo API Access
Calls to this API are made using HTTP/HTTPS and are sent as key/value pairs in a POST request.
Security Considerations
Netreo recommends always using POST for API calls if possible. If security is a concern we recommend the use of HTTPS and POST requests.
Resource
The resource accessed by this API is the Netreo audit log, which records all events that occur in Netreo caused by any user.
This resource offers the following endpoints:
- Audit Log Entries
Resource URL
{your.netreo.ip.or.name}/fw/index.php?r=restfulEndpoints
Audit Log Entries
POST/audit-log/log-list
Retrieves the Netreo audit log for the time period supplied in a parameter.
Parameters
The parameters for this endpoint can be included as request body parameters in a POST request.
password
String/Required if authentication is enabled.
The API key set in Netreo’s API Administration. Case-sensitive.
pin
String/Required when using Netreo SaaS-based APIs. Not applicable to on-premise deployments.
The pin number supplied in Netreo’s API Administration.
timeperiod
String/Required
Specifies the volume of time contained within the retrieved log. Acceptable values: lasthr, 24hr, 7dy. All times are relative to the time of the call.
Request Examples
Retrieve audit log entries for the last hour using POST with API Authentication Enabled
curl -X POST "http://38.2.11.62/fw/index.php?r=restful/audit-log/log-list" -F timeperiod=lasthr -F password=test123
Response
A successful or unsuccessful call to this API will return an array of standard JSON objects for the time period specified.
Response Examples
Note: The output will be returned as standard JSON without indentation or line breaks. It is formatted here to make the example easier to read.
Log Retrieval Success
(Each entry from the audit log will be a JSON object in the returned array.)
[
{
"time":"2018-10-28 17:02:45",
"device":"Houston-R1.netreo.net",
"user":"Netreo",
"location":"Configuration Manager",
"message":"Unable to retrieve configuration."
},
{
"time":"2018-10-28 16:20:26",
"device":"WinSQL",
"user":"Netreo",
"location":"Automated Process",
"message":"Device Rediscovered, templates applied. Device Type (ww)"
},
{
"time":"2018-10-28 16:20:25",
"device":"WinSQL",
"user":"Netreo",
"location":"Automated Process",
"message":"Device Rediscovered, templates applied. Everything (Default)."
},
{
"time":"2018-10-28 16:20:23",
"device":"WinAD",
"user":"Netreo",
"location":"Automated Process",
"message":"Device Rediscovered, templates applied. Site (Internal)"
},
{
"time":"2018-10-28 16:20:23",
"device":"WinAD",
"user":"Netreo",
"location":"Automated Process",
"message":"Device Rediscovered, templates applied. Device Type (ww)"
},
{
"time":"2018-10-28 16:20:21",
"device":"WinAD",
"user":"Netreo",
"location":"Automated Process",
"message":"Device Rediscovered, templates applied. Everything (Default)."
},
]Log Retrieval Failure
{
"Failure": "Log does not exist in given time period"
}Response Schema
The key/value pairs of a "successful" log retrieval reflect their counterparts in the UI version of the audit log.
| Output | Type | Value |
|---|---|---|
time | string | Returns the date and time the log entry was made, relative to the Netreo server. |
device | string | Returns the device that generated the log entry. |
user | string | Returns the logged-in username of the user that caused the entry to be made. A user of "Netreo" means that the event was caused by an automatic action taken by Netreo. |
location | string | Returns the module or process that generated the log entry. |
message | string | Returns the actual log entry. |
Failure | string | Returns the reason for a call failure. |
Was this article helpful?