Export log events
The endpoint provides functionality to export log events with provided query parameters.
HTTP request
GET https://$instanceId.id.nevis.cloud/nevis/api/v1/events/export
Parameters
Parameter | In | Type | Required / Optional | Description |
---|---|---|---|---|
instanceId | path | string | required | The ID of your Identity Cloud instance |
fromDate | query | string | optional | Query events by starting date. The date is in the ISO 8061 timestamp format YYYY-MM-DDThh:mm:ss.SSSZ |
toDate | query | string | optional | Query events by end date. The date is in the ISO 8061 timestamp format YYYY-MM-DDThh:mm:ss.SSSZ |
timespan | query | string | optional | Query events by a timespan. The timespan is in the ISO 8061 duration format P<date>T<time> . Default: P30D |
status | query | enum | optional | Query events status. Values: succeeded , failed |
filter | query | string | optional | Query events by content |
filterType | query | enum | optional | The type of the filter Values: loginId , userId , description . No value defaults to query events by content. Specified value will restrict query to the given field |
Example request
Export all events in the last hour.
timespan=P0DT1H
curl "https://$instanceId.id.nevis.cloud/nevis/api/v1/events/export?timespan=$timespan" \
--header "Authorization: Bearer $accessKey"
HTTP response
The response content is in comma-separated values (CSV) format and contains the following response headers.
Content-Type: application/octet-stream
Content-Disposition: attachment; filename=logs-export.csv
On success
HTTP/1.1 200
is returned on success.
Example response
eventId,timestamp,name,status,actor.type,actor.id,user.id,accessKey.id,accessKey.name,actor.loginId,actor.userAgent,application.id,application.name,user.firstName,user.lastName,user.loginId,user.state,user.languageCode
62143bf4-fdd3-11ec-811b-6045bd95012c,2022-07-07T09:00:54.328Z,user.deleted,succeeded,admin,78f89c75-8223-4546-a8ac-0ff9f233c6ee,eff5ff9a-1ff5-43a6-836e-eb13886b4ee3,,,[email protected],"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36",,,Abraham,George,[email protected],active,en
4aab5eef-fdd3-11ec-8119-000d3aac87a0,2022-07-07T09:00:17.242Z,user.password.reset,succeeded,admin,78f89c75-8223-4546-a8ac-0ff9f233c6ee,c3fe8690-46ab-427a-aeb4-91a506f903a9,,,[email protected],"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36",,,Abigail,Mackay,[email protected],active,en
4110403f-fdd3-11ec-811b-6045bd918f8a,2022-07-07T08:59:46.637Z,user.password.reset,succeeded,user,c3fe8690-46ab-427a-aeb4-91a506f903a9,c3fe8690-46ab-427a-aeb4-91a506f903a9,,,[email protected],"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36",,,Abigail,Mackay,[email protected],active,en
On failure
HTTP/1.1 401
is returned if the authorization fails due to an invalid access key.
HTTP/1.1 500
is returned if an unexpected error occurs.