Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

back

DPoD APIs

About the Audit Query API

search

About the Audit Query API

About the Audit Query API

Data Protection on Demand (DPoD) collects audit logs for Luna Cloud HSM Services. Users can generate audit log files and retrieve signed URLs for access to audit log files using the Audit Query API /v1/audit-log-exports endpoint. Audit log files contain an array of audit logs. Audit logs provide a record of the outcome of an action by an actor on a resource in a DPoD tenant.

Service Provider Administrators cannot access their tenant's audit logs. Tenant Administrators can access logs for all Luna Cloud HSM Services in their tenant. Application Owners can access logs for Luna Cloud HSM Services in their subscriber group.

Audit logs are supported for Luna Cloud HSM Services using client version 10.2 or newer.

Example requests

See Generate Audit Log File and Retrieve Audit Log File in Using the APIs for example Audit Query API requests.

Audit logs

Audit logs provide a record of the outcome (status) of an action (action) by an actor (actorID) on a resource (resourceID). The audit log file is a .ZIP that contains a JSON list of audit logs. Audit logs are available for one year (365 days). Audit logs have the following format:


{
    "time":"<logTime>", 
    "source":"<logSource>",
    "resourceID":"<logResource>",
    "actorID":"<logActor>",
    "tenantID":"<logTenantId>",
    "action":"<logAction>",
    "status":"<logStatus>",
    "traceID":"<traceID>",
    "meta":{"<logMeta>"}
}

Common values

The following values are common and will appear in all DPoD audit logs:

Value Description
"time" The time of the action. A timestamp in RFC3339 format. If the use case records the audit log time to a fraction of a second DPoD counts those fractions of a second in microseconds. The timestamp takes the format <YYYY>-<MM>-<DD> <hour>:<minute>:<second>.<microsecond> UTC.
"tenantID" The GUID of the tenant that owns the log.
"traceID" A unique identifier for the audit log for tracking audit logs throughout the audit system.

Use case specific values

The source, resourceid, actorid, action, status, and meta values have use case specific descriptions. Please see the use case specific audit log documentation for more information.