Audit Logs

Audit logs in Nexla provide comprehensive tracking of all notification activities, changes, and system events, enabling you to maintain complete visibility into your monitoring operations and meet compliance requirements.

Audit Overview

Audit logs maintain detailed records of all notification-related activities, including creation, modification, deletion, and status changes, providing a complete audit trail for operational transparency and compliance.

View Notification Audit Logs

Retrieve comprehensive audit information for notifications to track all changes and activities.

Audit Logs Endpoint

To view notification audit logs:

GET /notifications/{notification_id}/audit

Nexla API

View Notification Audit: Request
GET /notifications/5007/audit

Audit Response

The response provides detailed audit information for the notification:

Nexla API

View Notification Audit: Response
{
  "status": "success",
  "notification": {
    "id": 5007,
    "message": "Data source connected successfully"
  },
  "audit_entries": [
    {
      "id": 1001,
      "timestamp": "2023-01-15T22:25:00.000Z",
      "action": "mark_read",
      "user_id": 42,
      "user_name": "John Smith",
      "details": {
        "previous_status": "unread",
        "new_status": "read",
        "read_at": "2023-01-15T22:25:00.000Z"
      }
    },
    {
      "id": 1000,
      "timestamp": "2023-01-15T21:04:48.000Z",
      "action": "create",
      "user_id": "system",
      "user_name": "System",
      "details": {
        "level": "INFO",
        "resource_type": "SOURCE",
        "resource_id": 1002,
        "message": "Data source connected successfully"
      }
    }
  ]
}

System-Wide Audit Logs

View audit logs across all notifications for comprehensive system monitoring.

All Notifications Audit

To view audit logs for all notifications:

GET /notifications/audit

Nexla API

View All Notifications Audit: Request
GET /notifications/audit

Filtered Audit Logs

Use filters to focus on specific audit events and time periods.

Filter by Action Type

Filter audit logs by specific actions:

Nexla API

Filter by Action: Request
GET /notifications/audit?action=mark_read

Filter by Time Range

Filter audit logs by time periods:

Nexla API

Filter by Time Range: Request
GET /notifications/audit?from=2023-01-01T00:00:00&to=2023-01-31T23:59:59

Filter by User

Filter audit logs by specific users:

Nexla API

Filter by User: Request
GET /notifications/audit?user_id=42

Audit Entry Types

Understanding different audit entry types helps you track various notification activities.

Creation Events

Track notification creation activities:

System Creation: Automatic notification generation by the system
Manual Creation: Notifications created by users or administrators
Bulk Creation: Multiple notifications created simultaneously
Template Creation: Notifications created from templates

Status Change Events

Monitor notification status modifications:

Mark as Read: Tracking when notifications are marked as read
Mark as Unread: Tracking when notifications are marked as unread
Bulk Status Updates: Multiple status changes in single operations
Status Synchronization: Status updates across multiple systems

Modification Events

Track notification content changes:

Message Updates: Changes to notification content
Level Changes: Modifications to severity levels
Resource Updates: Changes to associated resources
Metadata Updates: Modifications to notification metadata

Deletion Events

Monitor notification removal activities:

Individual Deletion: Single notification deletions
Bulk Deletion: Multiple notification deletions
Conditional Deletion: Deletions based on specific criteria
System Cleanup: Automatic deletion by system processes

Audit Log Structure

Understanding the audit log structure helps you effectively analyze and use the information.

Basic Audit Information

Essential audit entry details:

id: Unique audit entry identifier
timestamp: When the audit event occurred
action: Type of action performed
user_id: ID of the user who performed the action
user_name: Name of the user who performed the action

Action Details

Detailed information about the action performed:

details: Object containing action-specific information
Previous State: Information about the state before the action
New State: Information about the state after the action
Parameters: Any parameters or options used in the action

Context Information

Additional context for the audit event:

Resource Information: Details about affected resources
System Context: System state and configuration at time of action
Environmental Data: Additional context about the action environment
Related Events: Links to related audit events

Audit Log Use Cases

Audit logs serve various operational and compliance purposes.

Compliance and Auditing

Use audit logs for compliance requirements:

Regulatory Compliance: Meet industry and regulatory requirements
Internal Auditing: Conduct internal compliance audits
External Auditing: Support external audit processes
Policy Enforcement: Verify policy compliance and enforcement

Operational Monitoring

Use audit logs for operational purposes:

Change Tracking: Monitor all notification changes and modifications
User Activity: Track user actions and system usage
Performance Analysis: Analyze system performance and usage patterns
Troubleshooting: Investigate issues and system problems

Security Monitoring

Use audit logs for security purposes:

Access Control: Monitor access to notification resources
Unauthorized Activity: Detect suspicious or unauthorized actions
User Accountability: Track user actions for accountability
Incident Response: Support security incident investigation

Audit Log Management

Effectively manage and maintain your audit log system.

Log Retention

Manage audit log retention policies:

Retention Periods: Define how long to retain audit logs
Storage Management: Manage storage requirements for audit data
Archival Policies: Implement archival and backup procedures
Compliance Requirements: Ensure retention meets compliance needs

Log Analysis

Analyze audit logs for insights:

Pattern Recognition: Identify patterns in user behavior and system usage
Trend Analysis: Track changes and trends over time
Anomaly Detection: Identify unusual or suspicious activities
Performance Insights: Extract performance and efficiency insights

Audit Log Best Practices

To effectively use and manage audit logs:

Regular Review: Periodically review audit logs for insights
Retention Planning: Plan appropriate retention periods for different log types
Access Control: Control access to audit logs based on user roles
Monitoring: Implement monitoring for critical audit events
Documentation: Maintain clear documentation of audit log structure and usage

Error Handling

Common audit log issues and solutions:

Permission Denied: Ensure you have appropriate access rights
Resource Not Found: Verify the specified notification exists
Invalid Parameters: Check that query parameters are correctly formatted
Large Result Sets: Use pagination for large audit log collections

After viewing audit logs, you may need to:

Export Audit Data

GET /notifications/audit/export
GET /notifications/{notification_id}/audit/export

Filter Audit Logs

GET /notifications/audit?action=create
GET /notifications/audit?user_id=42

Monitor Audit Events

GET /notifications/audit/recent
GET /notifications/audit/alerts

Audit Overview​

View Notification Audit Logs​

Audit Logs Endpoint​

Audit Response​

System-Wide Audit Logs​

All Notifications Audit​

Filtered Audit Logs​

Filter by Action Type​

Filter by Time Range​

Filter by User​

Audit Entry Types​

Creation Events​

Status Change Events​

Modification Events​

Deletion Events​

Audit Log Structure​

Basic Audit Information​

Action Details​

Context Information​

Audit Log Use Cases​

Compliance and Auditing​

Operational Monitoring​

Security Monitoring​

Audit Log Management​

Log Retention​

Log Analysis​

Audit Log Best Practices​

Error Handling​

Related Operations​

Export Audit Data​

Filter Audit Logs​

Monitor Audit Events​