Audit log
Learn how to keep track of all API calls made to the entity resources.
Monite keeps an audit log of all API calls made to entity resources, as well as the responses returned. Entity administrators and auditors can use the audit trail to understand which business objects were accessed, when, and by whom.
Access the audit log
To get the audit log, call GET /audit_logs
. The request can be authenticated using either a partner access token or an entity user token. A partner access token provides access to the complete audit trail of that entity’s business logic objects, whereas an entity user token provides access only to the events triggered by that entity user.
Parameters
You can filter the returned audit log events by using the following query parameters. If multiple filter parameters are provided, the filters are combined using logical AND
.
All parameters are optional.
Examples
-
Get events logged since June 1, 2023 UTC:
-
Get events logged between June 1 and 5, 2023 UTC, inclusively:
-
Get events related to the manual creation of payables:
Pagination
The GET /audit_logs
endpoint supports pagination. The default page size is 100 entries but can be changed using the page_size
query parameter (1..100).
To paginate through the audit log:
-
Send the initial GET request with the desired filters and
page_size
. For example: -
Examine the response and note down the
next_pagination_token
. This token can be used to access the next page of the audit log. If thenext_pagination_token
value isnull
, it means the last page was reached. -
Process the
data
contained in the response as needed. -
Call
GET /audit_logs
again with thepagination_token
query parameter containing thenext_pagination_token
value from the last response:There is no need to provide the
page_size
and filter parameters in subsequent requests because they are encoded in the pagination token. -
Repeat steps 2-4 until you reach the last page.
Audit log data
The data is returned in the JSON format.
Field | Description |
---|---|
body | JSON data send in the request body or response body. The value is null if the request or response did not have a body or had a non-JSON body. |
content_type | The Content-Type of the request or response. Example: application/json . |
entity_id | Entity ID. |
entity_user_id | The ID of the entity user who made the request, or 00000000-0000-0000-0000-000000000000 if the request was made with a partner-level token. |
headers | An object containing the request headers and their values, or |
id | ID of the audit log entry. |
method | HTTP request method, for example, GET . |
params | Request query string (without the ? character), or null if the request did not use query parameters. Example: type=product&counterpart_id=5e4e1148-d746-42f3-bde0-f8434ec9548f |
parent_log_id | Unused. Always null . |
partner_id | Partner’s client ID. |
path | Request URL without the domain part. Example: /v1/payables/3f6c67f3-0d73-4bfd-b403-27f733dfd218 |
status_code | HTTP status code of the response, or 0 in entries with type = request . |
target_service | Reserved for internal use. |
timestamp | The date and time (in the ISO 8601 format) when this audit log entry was created. |
type | request or response |