List Admin Audit Events
List admin audit events in your organization. Several query parameters are available to filter the response.
Long result sets will be split into pages.
NOTE: A maximum of one year of audit events can be returned per request.
Query Parameters
List events in this organization, by ID.
List events which occurred after a specific date and time.
List events which occurred before a specific date and time.
List events performed by this person, by ID.
Limit the maximum number of events in the response. The maximum value is 200
.
Offset from the first result that you want to fetch.
List events, by event categories.
Response Properties
An array of audit event objects. See this article for details about each event type.
The display name of the organization.
The name of the resource being acted upon.
A description for the event.
The name of the person who performed the action.
The email of the person who performed the action.
Admin roles for the person.
A tracking identifier for the event.
The type of resource changed by the event.
The identifier for the resource changed by the event.
The category of resource changed by the event.
The browser user agent of the person who performed the action.
The IP address of the person who performed the action.
The orgId
of the organization.
A more detailed description of the change made by the person.
The name of the organization being acted upon.
The date and time the event took place.
The orgId
of the person who made the change.
A unique identifier for the event.
The personId
of the person who made the change.
Response Codes
The list below describes the common success and error responses you should expect from the API:
Code | Status | Description |
---|---|---|
200 | OK | Successful request with body content. |
201 | Created | The request has succeeded and has led to the creation of a resource. |
202 | Accepted | The request has been accepted for processing. |
204 | No Content | Successful request without body content. |
400 | Bad Request | The request was invalid or cannot be otherwise served. An accompanying error message will explain further. |
401 | Unauthorized | Authentication credentials were missing or incorrect. |
403 | Forbidden | The request is understood, but it has been refused or access is not allowed. |
404 | Not Found | The URI requested is invalid or the resource requested, such as a user, does not exist. Also returned when the requested format is not supported by the requested method. |
405 | Method Not Allowed | The request was made to a resource using an HTTP request method that is not supported. |
409 | Conflict | The request could not be processed because it conflicts with some established rule of the system. For example, a person may not be added to a room more than once. |
410 | Gone | The requested resource is no longer available. |
415 | Unsupported Media Type | The request was made to a resource without specifying a media type or used a media type that is not supported. |
423 | Locked | The requested resource is temporarily unavailable. A Retry-After header may be present that specifies how many seconds you need to wait before attempting the request again. |
428 | Precondition Required | File(s) cannot be scanned for malware and need to be force downloaded. |
429 | Too Many Requests | Too many requests have been sent in a given amount of time and the request has been rate limited. A Retry-After header should be present that specifies how many seconds you need to wait before a successful request can be made. |
500 | Internal Server Error | Something went wrong on the server. If the issue persists, feel free to contact the Webex Developer Support team. |
502 | Bad Gateway | The server received an invalid response from an upstream server while processing the request. Try again later. |
503 | Service Unavailable | Server is overloaded with requests. Try again later. |
504 | Gateway Timeout | An upstream server failed to respond on time. If your query uses max parameter, please try to reduce it. |
Header
Query Parameters
- orgIdstringRequiredList events in this organization, by ID.
- fromstringRequiredList events which occurred after a specific date and time.
- tostringRequiredList events which occurred before a specific date and time.
- actorIdstringList events performed by this person, by ID.
- maxnumberLimit the maximum number of events in the response. The maximum value is `200`.
- offsetnumberOffset from the first result that you want to fetch.
- eventCategorieslistList events, by event categories.
{ "items": [ { "data": { "actorOrgName": "Acme Inc.", "targetName": "Acme Inc.", "eventDescription": "An Admin logged in", "actorName": "Joe Smith", "actorEmail": "joe@example.com", "adminRoles": [ "User", "Full_Admin", "id_full_admin" ], "trackingId": "ATLAS_6f23a878-bcd4-c204-a4db-e701b42b0e5c_0", "targetType": "TargetResourceType.ORG", "targetId": "NWIzZTBiZDgtZjg4Ni00MjViLWIzMTgtYWNlYjliN2EwZGFj", "eventCategory": "EventCategory.LOGINS", "actorUserAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36", "actorIp": "128.107.241.191", "targetOrgId": "Y2lzY29zcGFyazovL3VzL09SR0FOSVpBVElPTi85NmFiYzJhYS0zZGNjLTExZTUtYTE1Mi1mZTM0ODE5Y2RjOWE", "actionText": "Joe Smith logged into organization Acme Inc.", "targetOrgName": "Acme Inc." }, "created": "2019-01-02T16:58:36.845Z", "actorOrgId": "Y2lzY29zcGFyazovL3VzL09SR0FOSVpBVElPTi85NmFiYzJhYS0zZGNjLTExZTUtYTE1Mi1mZTM0ODE5Y2RjOWE", "id": "MjQ0ODhiZTYtY2FiMS00ZGRkLTk0NWQtZDFlYjkzOGQ4NGUy", "actorId": "MjQ4Njg2OTYtYWMwZC00ODY4LWJkMjEtZGUxZDc4MzhjOTdm" } ] }