Download OpenAPI specification:Download
The API for configuring Kong Konnect Audit Logs.
Updates a job to re-send audit logs to an organization's webhook.
The request schema to replace an audit log replay job.
| start_at required | string <date-time> The start of a date-time range in RFC3339 format e.g. 2017-07-21T17:32:28Z. Must be within the last 7 days. |
| end_at required | string <date-time> The end of a date-time range in RFC3339 format e.g. 2017-07-21T17:32:28Z. Must be within the last 7 days. |
{- "start_at": "2019-08-24T14:15:22Z",
- "end_at": "2019-08-24T14:15:22Z"
}{- "start_at": "2017-07-21T17:32:28Z",
- "end_at": "2017-07-21T17:32:28Z",
- "status": "unconfigured",
- "updated_at": "2019-08-24T14:15:22Z"
}Returns the audit log replay job's configuration and status.
{- "start_at": "2017-07-21T17:32:28Z",
- "end_at": "2017-07-21T17:32:28Z",
- "status": "unconfigured",
- "updated_at": "2019-08-24T14:15:22Z"
}Updates the configuration for a webhook to receive audit logs.
The request schema to modify an audit log webhook.
| endpoint | string The endpoint that will receive audit log messages. |
| authorization | string The value to include in the |
| enabled | boolean Default: false Indicates if the data should be sent to the webhook. |
| log_format | string Default: "cef" Enum: "cef" "json" The output format of each log message. |
| skip_ssl_verification | boolean Default: false Indicates if the SSL certificate verification of the host endpoint should be skipped when delivering payloads. We strongly recommend not setting this to 'true' as you are subject to man-in-the-middle and other attacks. This option should be considered only for self-signed SSL certificates used in a non-production environment. |
{- "enabled": false
}{- "enabled": true,
- "log_format": "cef",
- "skip_ssl_verification": false,
- "updated_at": "2023-03-21T09:29:14.52Z"
}Returns configuration for the audit log webhook.
{- "enabled": true,
- "log_format": "cef",
- "skip_ssl_verification": false,
- "updated_at": "2023-03-21T09:29:14.52Z"
}Returns status of the audit log webhook.
{- "webhook_enabled": true,
- "webhook_status": "inactive",
- "last_attempt_at": "2023-03-21T09:29:14.52Z",
- "last_response_code": 401,
- "last_response_message": "Unauthorized"
}Returns the public keys used to sign audit log entries in order to verify the validity of audit log entries.
{- "keys": [
- {
- "kty": "OKP",
- "alg": "EdDSA",
- "kid": "3f60bc4376c937154f3c004ebd180433ac0d03e6",
- "crv": "Ed25519",
- "x": "XWxGtApfcqmKI7p0OKnF5JSEWMVoLsytFXLEP7xZ_l8"
}
]
}Returns configuration for the audit log destinations.
| page[size] | integer Example: page[size]=10 The maximum number of items to include per page. The last page of a collection may include fewer items. |
| page[after] | string Example: page[after]=ewogICJpZCI6ICJoZWxsbyB3b3JsZCIKfQ Request the next page of data, starting with the item after this parameter. |
| page[before] | string Example: page[before]=ewogICJpZCI6ICJoZWxsbyB3b3JsZCIKfQ Request the next page of data, starting with the item before this parameter. |
object Filter destinations returned in the response. |
{- "data": [
- {
- "id": "07ec3858-066b-4629-bdc5-d4aa893b424d",
- "name": "Destination-1",
- "log_format": "cef",
- "skip_ssl_verification": false,
- "created_at": "2023-03-20T09:29:14.52Z",
- "updated_at": "2023-03-21T09:29:14.52Z"
}, - {
- "id": "e4374fdc-1f15-4da9-b2e8-7f13d822efe8",
- "name": "Destination-2",
- "log_format": "json",
- "skip_ssl_verification": false,
- "created_at": "2023-03-20T09:29:14.52Z",
- "updated_at": "2023-03-21T09:29:14.52Z"
}
], - "meta": {
- "next": "/api/v2/audit-log-destinations?page%5Bafter%5D=f11CXlAMGEVFB0AEQw19QhNYMV5CCkFYSltZUFgPSBJHFwwWFg%3D%3D&page%5Bsize%5=1",
- "previous": "/api/v2/audit-log-destinations?page%5Bbefore%5D=dl8UWVYPEUZFA0sHQw19EUVYMV5BDhcISl1WWVgNQRBBS1gSFw%3D%3D&page%5Bsize%5D=1",
- "size": 10
}
}Creates a configuration for the audit log destination.
The request schema to create an audit log destination.
| name required | string The name of the audit log destination. |
| endpoint required | string The endpoint that will receive audit log messages. |
| authorization | string The value to include in the |
| log_format required | string Default: "cef" Enum: "cef" "json" The output format of each log message. |
| skip_ssl_verification | boolean Default: false Indicates if the SSL certificate verification of the host endpoint should be skipped when delivering payloads. We strongly recommend not setting this to 'true' as you are subject to man-in-the-middle and other attacks. This option should be considered only for self-signed SSL certificates used in a non-production environment. |
{- "id": "07ec3858-066b-4629-bdc5-d4aa893b424d",
- "name": "My Destination",
- "authorization": "Bearer token",
- "log_format": "cef",
- "skip_ssl_verification": false
}{- "id": "07ec3858-066b-4629-bdc5-d4aa893b424d",
- "name": "My Destination",
- "log_format": "cef",
- "skip_ssl_verification": false,
- "created_at": "2023-03-20T09:29:14.52Z",
- "updated_at": "2023-03-21T09:29:14.52Z"
}Returns configuration for the audit log destination.
| auditLogDestinationId required | string <uuid> ID of the Audit Log Destination. |
{- "id": "07ec3858-066b-4629-bdc5-d4aa893b424d",
- "name": "My Destination",
- "log_format": "cef",
- "skip_ssl_verification": false,
- "created_at": "2023-03-20T09:29:14.52Z",
- "updated_at": "2023-03-21T09:29:14.52Z"
}Updates configuration for the audit log destination.
| auditLogDestinationId required | string <uuid> ID of the Audit Log Destination. |
The request schema to modify an audit log destination.
| name | string The name of the audit log destination. |
| endpoint | string The endpoint that will receive audit log messages. |
| authorization | string The value to include in the |
| log_format | string Default: "cef" Enum: "cef" "json" The output format of each log message. |
| skip_ssl_verification | boolean Default: false Indicates if the SSL certificate verification of the host endpoint should be skipped when delivering payloads. We strongly recommend not setting this to 'true' as you are subject to man-in-the-middle and other attacks. This option should be considered only for self-signed SSL certificates used in a non-production environment. |
{- "log_format": "json",
- "skip_ssl_verification": false
}{- "id": "07ec3858-066b-4629-bdc5-d4aa893b424d",
- "name": "My Destination",
- "log_format": "cef",
- "skip_ssl_verification": false,
- "created_at": "2023-03-20T09:29:14.52Z",
- "updated_at": "2023-03-21T09:29:14.52Z"
}Deletes configuration for the audit log destination.
| auditLogDestinationId required | string <uuid> ID of the Audit Log Destination. |
{- "status": 401,
- "title": "Unauthorized",
- "instance": "kong:trace:8347343766220159418",
- "detail": "Unauthorized"
}This webhook endpoint Creates login failure audit logs using log stream sent by external vendor services (Currently Auth0).
The request schema to create authentication failure audit logs.
Array of objects (StreamLog) |
{- "logs": [
- {
- "data": {
- "user_id": "auth0|1234",
- "date": "2024-09-03T04:23:06.115Z",
- "ip": "127.0.0.1",
- "type": "fp",
- "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36"
}
}
]
}{- "status": 403,
- "title": "Forbidden",
- "instance": "kong:trace:2723154947768991354",
- "detail": "You do not have permission to perform this action"
}