Zabbix Documentation 5.0

3.04.04.4 (current)| In development:5.0 (devel)| Unsupported:1.82.02.22.43.23.44.2Guidelines

User Tools

Site Tools


manual:api:reference:auditlog:auditlog.get

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
manual:api:reference:auditlog:auditlog.get [2020/02/13 15:24]
gcalenko removed
— (current)
Line 1: Line 1:
-===== auditlog.get ===== 
  
-==== Description ==== 
- 
-''​integer/​array auditlog.get(object **parameters**)''​ 
- 
-The method allows to retrieve audit log records according to the given parameters. 
- 
-==== Parameters ==== 
- 
-''​(object)''​ Parameters defining the desired output. 
- 
-The method supports the following parameters. 
- 
-^ Parameter ^ Type ^ Description ^ 
-| auditids | string/​array | Return only audit log with the given IDs. | 
-| userids ​ | string/​array | Return only audit log that were created by the given users. | 
-^ ||| 
-| time_from | timestamp | Returns only audit log entries that have been created after or at the given time. | 
-| time_till | timestamp | Returns only audit log entries that have been created before or at the given time. | 
-^ ||| 
-| selectDetails | query | Returns audit log entries with per field changes as ''​[[manual:​api:​reference:​auditlog:​audit_log_object#​audit_log_details|details]]''​ property. \\ \\ Available only for entries with action //​AUDIT_ACTION_UPDATE//​ for actions of other types returns empty array. | 
-^ ||| 
-| sortfield | string/​array | Sort the result by the given properties. \\ \\ Possible values are: ''​auditid'',​ ''​userid'',​ ''​clock''​. ​ | 
-| filter | object | Return only results that exactly match the given filter. \\ \\ Accepts an array, where the keys are property names, and the values are either a single value or an array of values to match against. \\ \\ Allows filtering by details properties: ''​table_name'',​ ''​field_name''​. | 
-| search | object | Case insensitive sub-string search in content of fields: ''​note'',​ ''​ip'',​ ''​resourcename'',​ ''​oldvalue'',​ ''​newvalue''​. | 
-| countOutput |boolean|These parameters being common for all ''​get''​ methods are described in the [[manual:​api:​reference_commentary#​common_get_method_parameters|reference commentary]]. ​ | 
-| excludeSearch |boolean|:::​| 
-| limit |integer|:::​| 
-| output |query|:::| 
-| preservekeys |boolean|:::​| 
-| searchByAny |boolean|:::​| 
-| searchWildcardsEnabled |boolean|:::​| 
-| sortorder | string/​array | ::: | 
-| startSearch |boolean|:::​| 
- 
-==== Return values ==== 
- 
-''​(integer/​array)''​ Returns either: 
-  * an array of objects; 
-  * the count of retrieved objects, if the ''​countOutput''​ parameter has been used. 
- 
-==== Examples ==== 
- 
-=== Retrieve audit log === 
- 
-Retrieve two latest audit log records. 
- 
-Request: 
-<code java> 
-{ 
-    "​jsonrpc":​ "​2.0",​ 
-    "​method":​ "​auditlog.get",​ 
-    "​params":​ { 
-        "​output":​ "​extend",​ 
-        "​sortfield":​ "​clock",​ 
-        "​sortorder":​ "​DESC",​ 
-        "​limit":​ 2 
-    }, 
-    "​auth":​ "​038e1d7b1735c6a5436ee9eae095879e",​ 
-    "​id":​ 1 
-} 
-</​code>​ 
- 
-Response: 
-<code java> 
-{ 
-    "​jsonrpc":​ "​2.0",​ 
-    "​result":​ [ 
-        { 
-            "​auditid":​ "​189",​ 
-            "​userid":​ "​1",​ 
-            "​clock":​ "​1580913141",​ 
-            "​action":​ "​3",​ 
-            "​resourcetype":​ "​0",​ 
-            "​note":​ "",​ 
-            "​ip":​ "​127.0.0.1",​ 
-            "​resourceid":​ "​0",​ 
-            "​resourcename":​ ""​ 
-        }, 
-        { 
-            "​auditid":​ "​188",​ 
-            "​userid":​ "​1",​ 
-            "​clock":​ "​1580903029",​ 
-            "​action":​ "​3",​ 
-            "​resourcetype":​ "​0",​ 
-            "​note":​ "",​ 
-            "​ip":​ "​127.0.0.1",​ 
-            "​resourceid":​ "​0",​ 
-            "​resourcename":​ ""​ 
-        } 
-    ], 
-    "​id":​ 2 
-} 
-</​code>​ 
- 
-Retrieve audit log records having substring "​test"​ in oldvalue field. 
- 
-Request: 
-<code java> 
-{ 
-    "​jsonrpc":​ "​2.0",​ 
-    "​method":​ "​auditlog.get",​ 
-    "​params":​ { 
-        "​output":​ ["​clock"​],​ 
-        "​search":​ { 
-            "​oldvalue":​ "​test"​ 
-        } 
-        "​selectDetails":​ ["​field_name",​ "​oldvalue",​ "​newvalue"​],​ 
-        "​limit":​ 3 
-    }, 
-    "​auth":​ "​038e1d7b1735c6a5436ee9eae095879e",​ 
-    "​id":​ 1 
-} 
-</​code>​ 
- 
-Response: 
-<code java> 
-{ 
-    "​jsonrpc":​ "​2.0",​ 
-    "​result":​ [ 
-        { 
-            "​auditid":​ "​24",​ 
-            "​clock":​ "​1570633499",​ 
-            "​details":​ [ 
-                { 
-                  "​field_name":​ "​script",​ 
-                  "​oldvalue":​ "​return '​test'",​ 
-                  "​newvalue":​ "​return false;"​ 
-                }, 
-                { 
-                  "​field_name":​ "​event_menu_name",​ 
-                  "​oldvalue":​ "​test",​ 
-                  "​newvalue":​ "​google.com {EVENT.TAGS.test}"​ 
-                } 
-           ] 
-        }, 
-        { 
-            "​auditid":​ "​25",​ 
-            "​clock":​ "​1570633675",​ 
-            "​details":​ [ 
-                { 
-                  "​field_name":​ "​script",​ 
-                  "​oldvalue":​ "​return '​test'",​ 
-                  "​newvalue":​ "​return false;"​ 
-                } 
-            ] 
-        } 
-    ], 
-    "​id":​ 2 
-} 
-</​code>​ 
- 
-==== See also ==== 
- 
-  * [[manual:​api:​reference:​auditlog:​audit_log_object|Audit log object]] 
- 
-==== Source ==== 
- 
-CAuditLog::​get() in //​frontends/​php/​include/​classes/​api/​services/​CAuditLog.php//​.