This is the audit REST API that can be used to search the audit log. It only provides the method

GET /audit

16.1.1.1. Audit endpoint

GET /audit/

return a paginated list of audit entries.

Params can be passed as key-value-pairs.

Httpparam timelimit:

A timelimit, that limits the recent audit entries. This param gets overwritten by a policy auditlog_age. Can be 1d, 1m, 1h.

Example request:

GET /audit?realm=realm1 HTTP/1.1
Host: example.com
Accept: application/json

Example response:

HTTP/1.1 200 OK
Content-Type: application/json

 {
   "id": 1,
   "jsonrpc": "2.0",
   "result": {
     "status": true,
     "value": [
       {
          "serial": "....",
          "missing_line": "..."
       }
     ]
   },
   "version": "privacyIDEA unknown"
 }

GET /audit/(csvfile)

Download the audit entry as CSV file.

Params can be passed as key-value-pairs.

Example request:

GET /audit/audit.csv?realm=realm1 HTTP/1.1
Host: example.com
Accept: text/csv

Example response:

HTTP/1.1 200 OK
Content-Type: text/csv

 {
   "id": 1,
   "jsonrpc": "2.0",
   "result": {
     "status": true,
     "value": [
       {
          "serial": "....",
          "missing_line": "..."
       }
     ]
   },
   "version": "privacyIDEA unknown"
 }