Audit event fields
An audit event is logged from each management node when there are changes to the API lifecycle or to the organization. For example, publishing a product or creating an organization would trigger this event. The audit event record contains information about the changes to the API lifecycle or organization.
Table 1 lists the fields that are included in an audit event record.
| Field name | Type | Description |
|---|---|---|
| @timestamp | Date | A time stamp that records when the record was written on the management node by the Logstash data collection engine that feeds data into Elasticsearch. |
| assetType | String | The asset type. |
| consumerOrgid | String | The identifier of the consumer organization that generated the audit event.” |
| datetime | Date | Date and time of the audit event. |
| eventId | String | The identifier of the catalog that generated the audit event. |
| eventType | String | The type of event. |
| id | String | Identifier of the event. |
| message | String | The audit event message. |
| nlsMessage | Object | Metadata that is related to the audit notification. |
| notificationType | String | The type of notification. |
| orgID | String | The identifier of the provider organization that generated the audit event. |
| source | String | The node where the event was requested. |
| userId | String | The ID of the user who generated the event. |
The following events are listed in the record and contain internal information that does not
convey any useful audit event information:
- @version – Always 1
- assetId
- client_geoip, gateway_geoip – Empty array
- headers.field_name – Contains internal headers
- host - Always 127.0.0.1
- tags – Empty JSON array