retraced.events

Collect Audit Log events from a running Audit Log instance

retraced.events

Collect Audit Log events from a running Audit Log instance

collect:
  v1:
    - retraced.events:
        output_dir: /audit/events
        api_endpoint: 'https://auditlogs.mycorp.internal:8080'
        api_token: aef342f32f22f3edf1f1f3f3ef
        project_id: f3edf1f1f3f3efaef342f32f22
collect:
  v1:
    - retraced.events:
        output_dir: /audit/events
        api_endpoint: 'https://auditlogs.mycorp.internal:8080'
        api_token: aef342f32f22f3edf1f1f3f3ef
        project_id: f3edf1f1f3f3efaef342f32f22
        insecure: true
        timeout_seconds: 10
        mask:
          Action: true
          Description: true
          ActorID: true
          ActorName: true
          CanonicalTime: true
        query:
          CRUD: 'c,u,d'

Required Parameters

  • api_endpoint - The location of the Audit Logs API endpoint in the form http(s)://<host>:<port>

  • api_token - An API token for communicating with the audit log instance

  • project_id - The Audit Log Project ID

Optional Parameters

Outputs

  • audit_events.csv - The audit events in CSV format


Shared Parameters

This spec also inherits all of the required and optional Shared Parameters