Hello!
I am trying to write a script that would use Audit API to get audit logs from Apigee Edge.
The mission is to get alerted whenever somebody grants a user Administrative or Foo Role.
However the response from the audit api returns for example:
{ operation: 'UPDATE',
request: '\'\'auditwatcher@foo.com\'\'',
requestUri: '/v1/organizations/foo/userroles/user/users',
responseCode: '200',
timeStamp: 1675324669152,
user: ‘foo@foo.com’
}
No trace of what role that actually was given to the user.
Can somebody guide me how to achieve this?
The payload of the request is not captured in the audit logs, which would contain the specific data you are likely asking for. If you are building a “watcher” for audit alerting and notifications, you should review the sample Dino has created at https://github.com/DinoChiesa/Apigee-Audit-Watcher
This limitation does not exist in Apigee X and hybrid as Cloud Identity and IAM are leveraged. Full audit capabilities are provided and events can be triggered (e.g. eventarc) directly for the audit entries. This allows for practical alerting and notification, without the use of out of band “watchers”.