Audit Events (auditevents
)
The auditevents
endpoint provides information about the application’s audit events.
Retrieving Audit Events
To retrieve the audit events, make a GET
request to /actuator/auditevents
, as shown in the following curl-based example:
$ curl 'http://localhost:8080/actuator/auditevents?principal=alice&after=2024-12-19T11%3A43%3A06.951450273Z&type=logout' -i -X GET
The preceding example retrieves logout
events for the principal, alice
, that occurred after 09:37 on 7 November 2017 in the UTC timezone.
The resulting response is similar to the following:
HTTP/1.1 200 OK
Content-Type: application/vnd.spring-boot.actuator.v3+json
Content-Length: 127
{
"events" : [ {
"timestamp" : "2024-12-19T11:43:06.951995965Z",
"principal" : "alice",
"type" : "logout"
} ]
}
Query Parameters
The endpoint uses query parameters to limit the events that it returns. The following table shows the supported query parameters:
Parameter | Description |
---|---|
|
Restricts the events to those that occurred after the given time. Optional. |
|
Restricts the events to those with the given principal. Optional. |
|
Restricts the events to those with the given type. Optional. |
Response Structure
The response contains details of all of the audit events that matched the query. The following table describes the structure of the response:
Path | Type | Description |
---|---|---|
|
|
An array of audit events. |
|
|
The timestamp of when the event occurred. |
|
|
The principal that triggered the event. |
|
|
The type of the event. |