View Audit History in the Log Files

Owned by Valerio Ciotta
Last updated: May 31, 2018


The Server Administrator can find and read the Audit Log files in:


/var/log/xcally/api-info.log


These log files report all the CRUD actions made on the Motion Server via API and the agent/user id and name that performed that action.


Here you find some examples of the activities traced in the log files:

  • Authentication
  • Create/Read/Update/Delete entries 


The audit log files have a maximum capacity of 100 MB  (10 files of 10 MB each on rotation) .


A typical format of the log file is the following:


[2018-05-30 13:41:01] [INFO] api - GET 66.249.70.28 /api/variables?fields=createdAt,updatedAt,id,name,description&limit=10&offset=0&sort=-updatedAt 206 31ms id=1 name=admin role=admin


where:

  • [2018-05-30 13:41:01] - Log date
  • [INFO] - Log level
  • GET - HTTP METHOD
  • 66.249.70.28 - Remote Client IP Address
  • /api/variables?fields=createdAt,updatedAt,id,name,description&limit=10&offset=0&sort=-updatedAt - Requested endpoint and its parameters 
  • 206 - HTTP RESPONSE CODE
  • 31ms - Time elapsed between request and API response 
  • id=1 - Requester User/Agent Id
  • name=admin - Requester User/Agent Name
  • role=admin - Requester User/Agent Role



In the following example instead, we see the log for the actions performed by an Administrator on the queue id 47 (create, update, delete):

[2018-05-31 11:51:52] [INFO] api - POST 151.0.175.186 /api/voice/queues 201 37ms id=1 name=admin role=admin
[2018-05-31 11:52:04] [INFO] api - PUT 151.0.175.186 /api/voice/queues/47 200 30ms id=1 name=admin role=admin
[2018-05-31 11:53:04] [INFO] api - DELETE 151.0.175.186 /api/voice/queues/47 204 24ms id=1 name=admin role=admin