The Server Administrator can find and read the Audit Log files in:
/var/log/xcally/api-info.log
These log files report all the CRUD actions made on the Motion Server via API and the agent/user id and name that performed that action.
Here you find some examples of the activities traced in the log files:
- Authentication
- Create/Read/Update/Delete entries
The audit log files have a maximum capacity of 100 MB (10 files of 10 MB each on rotation) .
A typical format of the log file is the following:
[2018-05-30 13:41:01] [INFO] api - GET 66.249.70.28 /api/variables?fields=createdAt,updatedAt,id,name,description&limit=10&offset=0&sort=-updatedAt 206 31ms id=1 name=admin role=admin
where:
- [2018-05-30 13:41:01] - Log date
- [INFO] - Log level
- GET - HTTP METHOD
- 66.249.70.28 - Remote Client IP Address
- /api/variables?fields=createdAt,updatedAt,id,name,description&limit=10&offset=0&sort=-updatedAt - Requested endpoint and its parameters
- 206 - HTTP RESPONSE CODE
- 31ms - Time elapsed between request and API response
- id=1 - Requester User/Agent Id
- name=admin - Requester User/Agent Name
- role=admin - Requester User/Agent Role
In the following example instead, we see the log for the actions performed by an Administrator on the queue id 47 (create, update, delete):
[2018-05-31 11:51:52] [INFO] api - POST 151.0.175.186 /api/voice/queues 201 37ms id=1 name=admin role=admin [2018-05-31 11:52:04] [INFO] api - PUT 151.0.175.186 /api/voice/queues/47 200 30ms id=1 name=admin role=admin [2018-05-31 11:53:04] [INFO] api - DELETE 151.0.175.186 /api/voice/queues/47 204 24ms id=1 name=admin role=admin