List Audit Events
Headers
Bearer authentication of the form Bearer <token>, where token is your auth token.
Query parameters
Member who sent the request. Depending on actorType
, this may be a user ID or a service account ID.
HTTP Origin request header (including scheme, hostname, and port) of the request.
Authentication mode the actor
used.
Resources with a specified ID. If a resource matches at least one ID, the associated event is returned. Format is a comma-separated list of “<resourceType>/<resourceID>”. For example, “VAULT/12345, USER/67890”.
Fully-qualified field by which to sort results. Field names should be in camel case (for example, “capitalization.camelCase”).
Timestamp provided in the previous audit response’s nextOps
attribute. An alternate way to manage response pagination. Can’t be used with sortOps
or offset
. For the first request in a series of audit requests, leave blank.
Change ID provided in the previous audit response’s nextOps
attribute. An alternate way to manage response pagination. Can’t be used with sortOps
or offset
. For the first request in a series of audit requests, leave blank.