Test Environment. You are currently using the Webex for Developers test environment. Apps created here will not be available for use with Webex Teams. Please visit Webex for Developers to manage your apps.

List Admin Audit Events

List admin audit events in your organization. Several query parameters are available to filter the response.

Long result sets will be split into pages.

GET/v1/adminAudit/events
Query Parameters
orgId
stringrequired

List events in this organization, by ID.

from
required

List events which occurred after a specific date and time.

to
required

List events which occurred before a specific date and time.

actorId
string

List events performed by this person, by ID.

max
number

Limit the maximum number of events in the response. The maximum value is 200.

Default: 100
offset
number

Offset from the first result that you want to fetch.

Default: 0
Response Properties
items
array

An array of audit event objects.

data
object
actorOrgName
string

The display name of the organization.

targetName
string

The name of the resource being acted upon.

eventDescription
string

A description for the event.

actorName
string

The name of the person who performed the action.

actorEmail
string

The email of the person who performed the action.

adminRoles
array

Admin roles for the person.

trackingId
string

A tracking identifier for the event.

targetType
string

The type of resource changed by the event.

targetId
string

The identifier for the resource changed by the event.

eventCategory
string

The category of resource changed by the event.

actorUserAgent
string

The browser user agent of the person who performed the action.

actorIp
string

The IP address of the person who performed the action.

targetOrgId
string

The orgId of the organization.

actionText
string

A more detailed description of the change made by the person.

targetOrgName
string

The name of the organization being acted upon.

created
string

The date and time the event took place.

actorOrgId
string

The orgId of the person who made the change.

id
string

A unique identifier for the event.

actorId
string

The personId of the person who made the change.

Response Codes

The list below describes the common success and error responses you should expect from the API.

CodeStatusDescription
200OKSuccessful request with body content.
204No ContentSuccessful request without body content.
400Bad RequestThe request was invalid or cannot be otherwise served. An accompanying error message will explain further.
401UnauthorizedAuthentication credentials were missing or incorrect.
403ForbiddenThe request is understood, but it has been refused or access is not allowed.
404Not FoundThe URI requested is invalid or the resource requested, such as a user, does not exist. Also returned when the requested format is not supported by the requested method.
405Method Not AllowedThe request was made to a resource using an HTTP request method that is not supported.
409ConflictThe request could not be processed because it conflicts with some established rule of the system. For example, a person may not be added to a room more than once.
415Unsupported Media TypeThe request was made to a resource without specifying a media type or used a media type that is not supported.
429Too Many RequestsToo many requests have been sent in a given amount of time and the request has been rate limited. A Retry-After header should be present that specifies how many seconds you need to wait before a successful request can be made.
500Internal Server ErrorSomething went wrong on the server. If the issue persists, feel free to contact the Webex Developer Support team.
502Bad GatewayThe server received an invalid response from an upstream server while processing the request. Try again later.
503Service UnavailableServer is overloaded with requests. Try again later.
GET
/v1/adminAudit/events{?orgId,from,to,actorId,max,offset}
Log in to try the API.
Header
Query Parameters
  • List events in this organization, by ID.
  • List events which occurred after a specific date and time.
  • List events which occurred before a specific date and time.
  • List events performed by this person, by ID.
  • Limit the maximum number of events in the response. The maximum value is `200`.
  • Offset from the first result that you want to fetch.
https://api.ciscospark.com/v1/adminAudit/events?orgId=Y2lzY29zcGFyazovL3VzL09SR0FOSVpBVElPTi85NmFiYzJhYS0zZGNjLTExZTUtYTE1Mi1mZTM0ODE5Y2RjOWE&from=2018-01-01T13:12:11.789Z&to=2018-01-01T14:12:11.789Z&actorId=ZWUzNDNmYjEtNGQzNS00ZjNmLWE2ZDctMzZkNzVlYjk0ZWVm&max=100&offset=0
{
  "items": [
    {
      "data": {
        "actorOrgName": "Acme Inc.",
        "targetName": "Acme Inc.",
        "eventDescription": "An Admin logged in",
        "actorName": "Joe Smith",
        "actorEmail": "joe@acme.com",
        "adminRoles": [
          "User",
          "Full_Admin",
          "id_full_admin"
        ],
        "trackingId": "ATLAS_6f23a878-bcd4-c204-a4db-e701b42b0e5c_0",
        "targetType": "TargetResourceType.ORG",
        "targetId": "NWIzZTBiZDgtZjg4Ni00MjViLWIzMTgtYWNlYjliN2EwZGFj",
        "eventCategory": "EventCategory.LOGINS",
        "actorUserAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36",
        "actorIp": "128.107.241.191",
        "targetOrgId": "Y2lzY29zcGFyazovL3VzL09SR0FOSVpBVElPTi85NmFiYzJhYS0zZGNjLTExZTUtYTE1Mi1mZTM0ODE5Y2RjOWE",
        "actionText": "Joe Smith logged into organization Acme Inc.",
        "targetOrgName": "Acme Inc."
      },
      "created": "2019-01-02T16:58:36.845Z",
      "actorOrgId": "Y2lzY29zcGFyazovL3VzL09SR0FOSVpBVElPTi85NmFiYzJhYS0zZGNjLTExZTUtYTE1Mi1mZTM0ODE5Y2RjOWE",
      "id": "MjQ0ODhiZTYtY2FiMS00ZGRkLTk0NWQtZDFlYjkzOGQ4NGUy",
      "actorId": "MjQ4Njg2OTYtYWMwZC00ODY4LWJkMjEtZGUxZDc4MzhjOTdm"
    }
  ]
}