Skip to main content
A newer release of this product is available.

Retrieve an S3 audit configurations

Contributors

GET /protocols/audit/{svm.uuid}/object-store

Introduced In: 9.10

Retrieves S3 audit configurations.

  • vserver object-store-server audit show

Parameters

Name Type In Required Description

events.management

boolean

query

False

Filter by events.management

events.data

boolean

query

False

Filter by events.data

log_path

string

query

False

Filter by log_path

log.rotation.size

integer

query

False

Filter by log.rotation.size

log.rotation.schedule.hours

integer

query

False

Filter by log.rotation.schedule.hours

  • Max value: 23

  • Min value: 0

log.rotation.schedule.days

integer

query

False

Filter by log.rotation.schedule.days

  • Max value: 31

  • Min value: 1

log.rotation.schedule.weekdays

integer

query

False

Filter by log.rotation.schedule.weekdays

  • Max value: 6

  • Min value: 0

log.rotation.schedule.minutes

integer

query

False

Filter by log.rotation.schedule.minutes

  • Max value: 59

  • Min value: 0

log.rotation.schedule.months

integer

query

False

Filter by log.rotation.schedule.months

  • Max value: 12

  • Min value: 1

log.format

string

query

False

Filter by log.format

log.retention.count

integer

query

False

Filter by log.retention.count

log.retention.duration

string

query

False

Filter by log.retention.duration

enabled

boolean

query

False

Filter by enabled

svm.name

string

query

False

Filter by svm.name

svm.uuid

string

path

True

UUID of the SVM to which this object belongs.

fields

array[string]

query

False

Specify the fields to return.

max_records

integer

query

False

Limit the number of records returned.

return_records

boolean

query

False

The default is true for GET calls. When set to false, only the number of records is returned.

  • Default value: 1

return_timeout

integer

query

False

The number of seconds to allow the call to execute before returning. When iterating over a collection, the default is 15 seconds. ONTAP returns earlier if either max records or the end of the collection is reached.

  • Max value: 120

  • Min value: 0

  • Default value: 1

order_by

array[string]

query

False

Order results by specified fields and optional [asc

Response

Status: 200, Ok
Name Type Description

enabled

boolean

Specifies whether or not auditing is enabled on the SVM.

events

events

log

s3_log

log_path

string

The audit log destination path where consolidated audit logs are stored.

svm

svm

SVM, applies only to SVM-scoped objects.

Example response
{
  "log": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "format": "string",
    "retention": {
      "duration": "P4DT12H30M5S"
    },
    "rotation": {
      "schedule": {
        "days": [
          "integer"
        ],
        "hours": [
          "integer"
        ],
        "minutes": [
          "integer"
        ],
        "months": [
          "integer"
        ],
        "weekdays": [
          "integer"
        ]
      }
    }
  },
  "log_path": "string",
  "svm": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "svm1",
    "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
  }
}

Error

Status: Default, Error
Name Type Description

error

returned_error

Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

events

Name Type Description

data

boolean

Data events

management

boolean

Management events

href

Name Type Description

href

string

Name Type Description

self

href

retention

Name Type Description

count

integer

Determines how many audit log files to retain before rotating the oldest log file out. This is mutually exclusive with "duration".

duration

string

Specifies an ISO-8601 format date and time to retain the audit log file. The audit log files are deleted once they reach the specified date/time. This is mutually exclusive with "count".

audit_schedule

Rotates the audit logs based on a schedule by using the time-based rotation parameters in any combination. The rotation schedule is calculated by using all the time-related values.

Name Type Description

days

array[integer]

Specifies the day of the month schedule to rotate audit log. Leave empty for all.

hours

array[integer]

Specifies the hourly schedule to rotate audit log. Leave empty for all.

minutes

array[integer]

Specifies the minutes schedule to rotate the audit log.

months

array[integer]

Specifies the months schedule to rotate audit log. Leave empty for all.

weekdays

array[integer]

Specifies the weekdays schedule to rotate audit log. Leave empty for all.

rotation

Audit event log files are rotated when they reach a configured threshold log size or are on a configured schedule. When an event log file is rotated, the scheduled consolidation task first renames the active converted file to a time-stamped archive file, and then creates a new active converted event log file.

Name Type Description

now

boolean

Manually rotates the audit logs. Optional in PATCH only. Not available in POST.

schedule

audit_schedule

Rotates the audit logs based on a schedule by using the time-based rotation parameters in any combination. The rotation schedule is calculated by using all the time-related values.

size

integer

Rotates logs based on log size in bytes.

s3_log

Name Type Description

_links

_links

format

string

Format in which the logs are generated by the consolidation process. Possible values are:

  • json - ONTAP-specific Json log format.

    • Default value: 1

    • enum: ["json"]

    • Introduced in: 9.10

    • x-nullable: true

retention

retention

rotation

rotation

Audit event log files are rotated when they reach a configured threshold log size or are on a configured schedule. When an event log file is rotated, the scheduled consolidation task first renames the active converted file to a time-stamped archive file, and then creates a new active converted event log file.

svm

SVM, applies only to SVM-scoped objects.

Name Type Description

_links

_links

name

string

The name of the SVM. This field cannot be specified in a PATCH method.

uuid

string

The unique identifier of the SVM. This field cannot be specified in a PATCH method.

error_arguments

Name Type Description

code

string

Argument code

message

string

Message argument

returned_error

Name Type Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.