Audit events
Reference table and example use cases for audit event based engagement rules.
The following are some of the example use cases for audit event based engagement rules:
An API Provider can use Engagement to get notified:
- When catalogs are created, updated, or deleted.
- When Catalog or Cloud configuration settings are modified.
- On user login, logout, and failed login.
The following table shows the list of fields available for an audit event record. These fields are used as filters in the Rule definition list and you can select an option based on the data that is used to trigger the rule.
| Field name | Type | Description |
|---|---|---|
| action | String | The type of action performed. |
| attachments.component | String | The name of the system or module where the event originated. |
| attachments.scope | String | The contextual boundary or scope of the event. For example, org, catalog, cloud. |
| attachments.method | String | The HTTP method or action method involved in the operation. For example, POST, GET |
| attachments.summary | String | A brief description or summary of the event or action. |
| attachments.operation | String | The specific operation or function executed. |
| attachments.resource | String | The type or name of the resource that is affected. |
| attachments.user.url | String | The URL involved in the action. |
| attachments.user.context | String | The context from which the user initiated the action. |
| attachments.user.idp_name | String | The name of the Identity Provider. |
| attachments.user.name | String | The display name of the user who initiated the action. |
| attachments.registration.url | String | The registration URL. |
| attachments.registration.type | String | The type of registration. |
| catalogId | String | The identifier for the catalog associated with the action. |
| initiator.host | String | The hostname of the initiator system. |
| initiator.host.address | String | The network address of the initiating system (for example, an IP address). It can be enriched with GeoIP data to provide geographic and location details. For more information, see #reference_j2j_s4x_32c1__table_bdt_v3v_1h. |
| initiator.host.agent | String | The software agent or process running on the initiator system. |
| initiator.id | String | The unique identifier that initiated the action. |
| initiator.name | String | The name of the initiator of the action. |
| initiator.typeURI | String | The URI indicating the type or classification of the initiator. |
| outcome | String | The result or outcome of the action. |
| reason.reasonCode | String | The code representing the reason for the action or outcome. |
| reason.reasonType | String | The category or type of the reason provided. |
| spaceId | String | The Identifier for the space where the action occurred. |
| target.id | String | The Identifier of the target resource affected by the action. |
| target.typeURI | String | The URI indicating the type of the target resource. |
| typeURI | String | The URI representing the type of the event . |