Documentation
Public API > Auditlog API.
Documentation Menu
Auditlog API
This page explains how to get your auditlog data extracted. Note that the example array of audit log entries further down shows only the first entry and a subset of scan results for readability. You can use query parameters to filter your search.
Resources
Headers
Filters
Filters can be supplied either as URL parameters or headers.
- Example filtered url to get 10 entries: /auditlog?startid=4050334&take=10&wantscandetails=1
- Pagination works by using the last id in the list and feeding it as startid in the next query
- To copy new data to your own system, we recommend to store the highest id (last entry in list) you have retrieved from a previous call and pass this number plus 1 as “startid”
- Please DO NOT consistently use a high “take” number or flood the api. We will automatically throttle your account
Delta Data
To avoid having to download a full auditlog to find changed auditlog data, you can ask for changed entries (delta). A scenario could be a request is made by a user (new entry). Then it is approved by an administrator (changed entry) and in turn being used by the end user (changed entry again). To get changed entries, follow this procedure:
- Call /auditlog/delta without parameters one time to get an initial “timeNow”
- Use this time to get delta data since last call. In the case below, the next call should be /auditlog/delta?deltaTime=637795099840708375
- Repeat the process of saving “timeNow” to feed to next call as “deltaTime” parameter
- In the example below, there were no changes in the interval
- Note that timeNow is often the same value from call to call. This is intended, as it represents the time of the last change – not the actual time now
{
"entries": [],
"timeNow": 637795099840708375
}
Fields
Example of Successful Request
[
{
"id": 615669,
"traceNo": "34376579",
"settingsName": "Global",
"type": "Run As Admin",
"typeCode": 0,
"status": "Finished",
"statusCode": 2,
"reason": "Need to update reader. It says out of date when trying to open PDF files from our supplier.",
"approvedBy": "Jim Kerr",
"deniedReason": null,
"deniedBy": null,
"ssoValidated": false,
"requestTime": "2020-04-01T12:03:00",
"requestTimeUTC": "2020-04-01T12:03:00",
"startTime": "2020-04-01T12:03:30",
"startTimeUTC": "2020-04-01T12:03:30",
"endTime": "2020-04-01T12:09:11",
"endTimeUTC": "2020-04-01T12:09:11",
"responseTime": "00:00:05.4100000",
"auditlogLink": "https://www.adminbyrequest.com/AuditLog?Page=AppElevations&ID=34376579&ShowFilter=false",
"user": {
"account": "ACME\\PDH",
"fullName": "Paul David Hewson",
"email": "pdh@acme.com",
"phone": "555.345.6789",
"isAdmin": false
},
"computer": {
"name": "W1005623",
"platform": "Windows",
"platformCode": 0,
"make": "Dell Inc.",
"model": "XPS 15 9550"
},
"application": {
"file": "readerdc_uk_fb_crd_install.exe",
"path": "C:\installers",
"name": "Adobe Download Manager",
"vendor": "Adobe Inc.",
"version": "2.0.0.495s",
"sha256": "9369FB712545F6B6FEC5FBF8B1DD228E57CA7899933BBE354B7C4351C8700C99",
"scanResult": "Clean",
"scanResultCode": 0,
"threat": null,
"virustotalLink": "https://www.virustotal.com/latest-scan/9369FB712545F6B6FEC5FBF8B1DD228E57CA7899933BBE354B7C4351C8700C99",
"preapproved": false
},
"installs": [
{
"application": "Adobe Acrobat Reader DC",
"version": "20.006.20042",
"vendor": "Adobe Systems Incorporated"
}
],
"uninstalls": [
{
"application": "Adobe Reader XI (11.0.23) MUI",
"version": "11.0.23",
"vendor": "Adobe Systems Incorporated"
}
],
"elevatedApplications": [
{
"name": "Adobe Download Manager",
"path": "C:\\Users\\pdh\\Downloads",
"file": "readerdc_uk_fb_crd_install.exe",
"version": "2.0.0.495s",
"vendor": "Adobe Inc.",
"sha256": "9369FB712545F6B6FEC5FBF8B1DD228E57CA7899933BBE354B7C4351C8700C99",
"scanResult": "Clean",
"scanResultCode": 0,
"threat": null,
"virustotalLink": "https://www.virustotal.com/latest-scan/9369FB712545F6B6FEC5FBF8B1DD228E57CA7899933BBE354B7C4351C8700C99"
},
{
"name": "Adobe Self Extractor",
"path": "C:\\Users\\pdh\\AppData\\Local\\Adobe\\E1F06F26-140E-4556-A421-788F6C2015BD\\DA1C2141-106A-4BC6-B096-658FCF15DBFC",
"file": "C12D10CF-96D9-4985-BE1E-00B35267FB0C",
"version": "20.6.20042.371103",
"vendor": "Adobe Inc.",
"sha256": "912525F339CFC46D2CE7402366FC213084D79DEAD70D754F4A73C8BA4AA40650",
"scanResult": "Clean",
"scanResultCode": 0,
"threat": null,
"virustotalLink": "https://www.virustotal.com/latest-scan/912525F339CFC46D2CE7402366FC213084D79DEAD70D754F4A73C8BA4AA40650"
},
{
"name": "Adobe Acrobat Reader DC",
"path": "C:\\Program Files (x86)\\Adobe\\Acrobat Reader DC\\Reader",
"file": "AcroRd32.exe",
"version": "20.6.20042.371103",
"vendor": "Adobe Inc.",
"sha256": "DCD82008D913BFB6FA1ACBC209CB113E24042919FBB8C3E4E9431F194C5B3B47",
"scanResult": "Clean",
"scanResultCode": 0,
"threat": null,
"virustotalLink": "https://www.virustotal.com/latest-scan/DCD82008D913BFB6FA1ACBC209CB113E24042919FBB8C3E4E9431F194C5B3B47"
}
],
"scanResults": [
{
"scanResult": "Clean",
"scanResultCode": 0,
"engine": "BitDefender",
"threat": null
},
{
"scanResult": "Clean",
"scanResultCode": 0,
"engine": "CrowdStrike",
"threat": null
},
{
"scanResult": "Clean",
"scanResultCode": 0,
"engine": "McAfee",
"threat": null
}
]
}
]
