Introduction
If we want to keep a record of our audit log offline we can make use of the API.
The endpoint we will be making use of in this article is:
GET api/v1/audit/events
Via API tool - postman, insomnia etc.
- Setup environment of choice
- Setup Postman for IriusRisk API
- Setup Insomnia for IriusRisk API
- ensure all variables are set and you have sufficient permissions and a valid api-token
- query GET api/v1/audit/events endpoint
- set any variables required - max, offset, filter
- Send request and save output
Via console
The steps here will depend on your environment. Steps shown will be using a curl command on a linux console. This will be different if you are on a different environment.
curl https://<your-endpoint>.iriusrisk.com/api/v1/audit/events?max=100 --header "api-token: <your-api-token>" --header "Content-Type: application/json"
feel free to remove the ?max=100 variable, but this should help by adding pagination as audit logs can be very large.
To export it simply add the following output value:
> filename.json
Improving console output
if install the jq package, we can format the output so it is no longer in a block and closer to what we get from a tool such as postman/insomnia etc.
curl https://<your-endpoint>.iriusrisk.com/api/v1/audit/events?max=100 --header "api-token: <your-api-token>" --header "Content-Type: application/json" | jq
In the above example I have added '| jq' to the end. This gives the following, cleaner output.
> filename.json
to save the output.
Additional Tips
The usage of filtering can help us search the audit log within certain parameters. This is explained in the swaggerhub documentation on the API.
filter='timestamp'>='2023-09-01T00:00:00.000%2B0200':AND:'timestamp'<='2023-09-30T23:59:59.999%2B0200'
applied at the code or API application level. We can also set other filters as we see fit.
Troubleshooting:
- Ensure API is enabled via Settings > API > API Enabled (tick). This is available inside IriusRisk.
- Ensure the api-token is correct. This will show if authentication issues arise
- ensure your user has access to the audit log.
Comments
0 comments
Article is closed for comments.