Help us learn about your current experience with the documentation. Take the survey.
审计事件 API
- Tier: Premium, Ultimate
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
实例审计事件
- Tier: Premium, Ultimate
- Offering: GitLab Self-Managed, GitLab Dedicated
使用此 API 检索实例审计事件。
要通过 API 检索审计事件,您必须以管理员身份进行身份验证。
检索所有实例审计事件
GET /audit_events| 属性 | 类型 | 必需 | 描述 |
|---|---|---|---|
created_after |
string | 否 | 返回在指定时间或之后创建的审计事件。格式:ISO 8601 (YYYY-MM-DDTHH:MM:SSZ) |
created_before |
string | 否 | 返回在指定时间或之前创建的审计事件。格式:ISO 8601 (YYYY-MM-DDTHH:MM:SSZ) |
entity_type |
string | 否 | 返回指定实体类型的审计事件。有效值为:User、Group、Project 或 Gitlab::Audit::InstanceScope。 |
entity_id |
integer | 否 | 返回指定实体 ID 的审计事件。需要提供 entity_type 属性。 |
Offset-based pagination was deprecated in GitLab 17.8 and is planned for removal in 19.0. Use keyset-based pagination instead. This change is a breaking change.
此端点支持基于偏移量的和keyset-based分页。当请求连续的结果页面时,您应该使用 keyset-based 分页。
了解更多关于分页的信息。
curl --request GET \
--header "PRIVATE-TOKEN: <your_access_token>" \
--url "https://primary.example.com/api/v4/audit_events"示例响应:
[
{
"id": 1,
"author_id": 1,
"entity_id": 6,
"entity_type": "Project",
"details": {
"custom_message": "Project archived",
"author_name": "Administrator",
"author_email": "[email protected]",
"target_id": "flightjs/flight",
"target_type": "Project",
"target_details": "flightjs/flight",
"ip_address": "127.0.0.1",
"entity_path": "flightjs/flight"
},
"created_at": "2019-08-30T07:00:41.885Z"
},
{
"id": 2,
"author_id": 1,
"entity_id": 60,
"entity_type": "Group",
"details": {
"add": "group",
"author_name": "Administrator",
"author_email": "[email protected]",
"target_id": "flightjs",
"target_type": "Group",
"target_details": "flightjs",
"ip_address": "127.0.0.1",
"entity_path": "flightjs"
},
"created_at": "2019-08-27T18:36:44.162Z"
},
{
"id": 3,
"author_id": 51,
"entity_id": 51,
"entity_type": "User",
"details": {
"change": "email address",
"from": "[email protected]",
"to": "[email protected]",
"author_name": "Andreas",
"author_email": "[email protected]",
"target_id": 51,
"target_type": "User",
"target_details": "Andreas",
"ip_address": null,
"entity_path": "Andreas"
},
"created_at": "2019-08-22T16:34:25.639Z"
},
{
"id": 4,
"author_id": 43,
"entity_id": 1,
"entity_type": "Gitlab::Audit::InstanceScope",
"details": {
"author_name": "Administrator",
"author_class": "User",
"target_id": 32,
"target_type": "AuditEvents::Streaming::InstanceHeader",
"target_details": "unknown",
"custom_message": "Created custom HTTP header with key X-arg.",
"ip_address": "127.0.0.1",
"entity_path": "gitlab_instance"
},
"ip_address": "127.0.0.1",
"author_name": "Administrator",
"entity_path": "gitlab_instance",
"target_details": "unknown",
"created_at": "2023-08-01T11:29:44.764Z",
"target_type": "AuditEvents::Streaming::InstanceHeader",
"target_id": 32,
"event_type": "audit_events_streaming_instance_headers_create"
}
]检索单个实例审计事件
GET /audit_events/:id| 属性 | 类型 | 必需 | 描述 |
|---|---|---|---|
id |
integer | 是 | 审计事件的 ID |
curl --request GET \
--header "PRIVATE-TOKEN: <your_access_token>" \
--url "https://primary.example.com/api/v4/audit_events/1"示例响应:
{
"id": 1,
"author_id": 1,
"entity_id": 6,
"entity_type": "Project",
"details": {
"custom_message": "Project archived",
"author_name": "Administrator",
"author_email": "[email protected]",
"target_id": "flightjs/flight",
"target_type": "Project",
"target_details": "flightjs/flight",
"ip_address": "127.0.0.1",
"entity_path": "flightjs/flight"
},
"created_at": "2019-08-30T07:00:41.885Z"
}群组审计事件
使用此 API 检索群组审计事件。
具有以下角色的用户:
- 所有者角色可以检索所有用户的群组审计事件。
- 开发者或维护者角色只能检索基于其个人操作的群组审计事件。
Offset-based pagination was deprecated in GitLab 17.8 and is planned for removal in 19.0. Use keyset-based pagination instead. This change is a breaking change.
此端点支持基于偏移量的和keyset-based分页。当请求连续的结果页面时,建议使用 keyset-based 分页。
检索所有群组审计事件
GET /groups/:id/audit_events| 属性 | 类型 | 必需 | 描述 |
|---|---|---|---|
id |
integer/string | 是 | 群组的 ID 或URL 编码路径 |
created_after |
string | 否 | 返回在指定时间或之后创建的群组审计事件。格式:ISO 8601 (YYYY-MM-DDTHH:MM:SSZ) |
created_before |
string | 否 | 返回在指定时间或之前创建的群组审计事件。格式:ISO 8601 (YYYY-MM-DDTHH:MM:SSZ) |
默认情况下,GET 请求一次返回 20 个结果,因为 API 结果是分页的。
了解更多关于分页的信息。
curl --request GET \
--header "PRIVATE-TOKEN: <your_access_token>" \
--url "https://primary.example.com/api/v4/groups/60/audit_events"示例响应:
[
{
"id": 2,
"author_id": 1,
"entity_id": 60,
"entity_type": "Group",
"details": {
"custom_message": "Group marked for deletion",
"author_name": "Administrator",
"author_email": "[email protected]",
"target_id": "flightjs",
"target_type": "Group",
"target_details": "flightjs",
"ip_address": "127.0.0.1",
"entity_path": "flightjs"
},
"created_at": "2019-08-28T19:36:44.162Z"
},
{
"id": 1,
"author_id": 1,
"entity_id": 60,
"entity_type": "Group",
"details": {
"add": "group",
"author_name": "Administrator",
"author_email": "[email protected]",
"target_id": "flightjs",
"target_type": "Group",
"target_details": "flightjs",
"ip_address": "127.0.0.1",
"entity_path": "flightjs"
},
"created_at": "2019-08-27T18:36:44.162Z"
}
]检索特定的群组审计事件
仅对群组所有者和管理员可用。
GET /groups/:id/audit_events/:audit_event_id| 属性 | 类型 | 必需 | 描述 |
|---|---|---|---|
id |
integer/string | 是 | 群组的 ID 或URL 编码路径 |
audit_event_id |
integer | 是 | 审计事件的 ID |
curl --request GET \
--header "PRIVATE-TOKEN: <your_access_token>" \
--url "https://primary.example.com/api/v4/groups/60/audit_events/2"示例响应:
{
"id": 2,
"author_id": 1,
"entity_id": 60,
"entity_type": "Group",
"details": {
"custom_message": "Group marked for deletion",
"author_name": "Administrator",
"author_email": "[email protected]",
"target_id": "flightjs",
"target_type": "Group",
"target_details": "flightjs",
"ip_address": "127.0.0.1",
"entity_path": "flightjs"
},
"created_at": "2019-08-28T19:36:44.162Z"
}项目审计事件
使用此 API 检索项目审计事件。
具有维护者角色(或更高)的用户可以检索所有用户的项目审计事件。 具有开发者角色的用户只能检索基于其个人操作的项目审计事件。
检索所有项目审计事件
GET /projects/:id/audit_events| 属性 | 类型 | 必需 | 描述 |
|---|---|---|---|
id |
integer/string | 是 | 项目的 ID 或URL 编码路径 |
created_after |
string | 否 | 返回在指定时间或之后创建的项目审计事件。格式:ISO 8601 (YYYY-MM-DDTHH:MM:SSZ) |
created_before |
string | 否 | 返回在指定时间或之前创建的项目审计事件。格式:ISO 8601 (YYYY-MM-DDTHH:MM:SSZ) |
Offset-based pagination was deprecated in GitLab 17.8 and is planned for removal in 19.0. Use keyset-based pagination instead. This change is a breaking change.
默认情况下,GET 请求一次返回 20 个结果,因为 API 结果是分页的。
当请求连续的结果页面时,您应该使用keyset 分页。
了解更多关于分页的信息。
curl --request GET \
--header "PRIVATE-TOKEN: <your_access_token>" \
--url "https://primary.example.com/api/v4/projects/7/audit_events"示例响应:
[
{
"id": 5,
"author_id": 1,
"entity_id": 7,
"entity_type": "Project",
"details": {
"change": "prevent merge request approval from committers",
"from": "",
"to": "true",
"author_name": "Administrator",
"author_email": "[email protected]",
"target_id": 7,
"target_type": "Project",
"target_details": "twitter/typeahead-js",
"ip_address": "127.0.0.1",
"entity_path": "twitter/typeahead-js"
},
"created_at": "2020-05-26T22:55:04.230Z"
},
{
"id": 4,
"author_id": 1,
"entity_id": 7,
"entity_type": "Project",
"details": {
"change": "prevent merge request approval from authors",
"from": "false",
"to": "true",
"author_name": "Administrator",
"author_email": "[email protected]",
"target_id": 7,
"target_type": "Project",
"target_details": "twitter/typeahead-js",
"ip_address": "127.0.0.1",
"entity_path": "twitter/typeahead-js"
},
"created_at": "2020-05-26T22:55:04.218Z"
}
]检索特定的项目审计事件
仅对至少具有项目维护者角色的用户可用。
GET /projects/:id/audit_events/:audit_event_id| 属性 | 类型 | 必需 | 描述 |
|---|---|---|---|
id |
integer/string | 是 | 项目的 ID 或URL 编码路径 |
audit_event_id |
integer | 是 | 审计事件的 ID |
curl --request GET \
--header "PRIVATE-TOKEN: <your_access_token>" \
--url "https://primary.example.com/api/v4/projects/7/audit_events/5"示例响应:
{
"id": 5,
"author_id": 1,
"entity_id": 7,
"entity_type": "Project",
"details": {
"change": "prevent merge request approval from committers",
"from": "",
"to": "true",
"author_name": "Administrator",
"author_email": "[email protected]",
"target_id": 7,
"target_type": "Project",
"target_details": "twitter/typeahead-js",
"ip_address": "127.0.0.1",
"entity_path": "twitter/typeahead-js"
},
"created_at": "2020-05-26T22:55:04.230Z"
}