Secure Audit Log API Reference
The Secure Audit Log API is designed for recording a trail of application-based user activity in a scalable, tamper-proof log.
Base URL
audit.<csp>.<region>.pangea.cloud
curl -sSLX POST 'https://audit.aws.us.pangea.cloud/v1/log' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Log an entry
Create a log entry in the Secure Audit Log.
curl -sSLX POST 'https://audit.aws.us.pangea.cloud/v2/log' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Log multiple entries
Create multiple log entries in the Secure Audit Log.
curl -sSLX POST 'https://audit.aws.us.pangea.cloud/v2/log_async' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Log multiple entries asynchronously
Asynchronously create multiple log entries in the Secure Audit Log.
curl -sSLX POST 'https://audit.aws.us.pangea.cloud/v1/search' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Search the log
Search the Secure Audit Log.
curl -sSLX POST 'https://audit.aws.us.pangea.cloud/v1/results' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Search results
Page through results from a previous search.
curl -sSLX POST 'https://audit.aws.us.pangea.cloud/v1/export' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Export from the audit log
Bulk export data from the Secure Audit Log, with optional filtering. Use the request parameters to define the log data to export. Providing no filtering will request all of the available logs.
Make sure that your account has enough credits to complete the call before making the request. The API checks the account balance against the cost of the request and will exit before attempting the call if the account balance is too low to fulfill the request.
The export request is asynchronous and could take hours to complete, depending on the number of records. You can make a GET
request to https://audit.<csp>.<region>.pangea.cloud/request/<request_id>
to poll for the completion.
After the export request completes, use the /v1/download_results
endpoint to download the exported logs. Provide the request_id
from the export request as the request_id
parameter of the download request.
curl -sSLX POST 'https://audit.aws.us.pangea.cloud/v1/download_results' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response
Download search results
Retrieve all search or export results as a compressed (gzip) CSV file.
To download search results, use result.id
provided in the search API response as the result_id
parameter.
To download export results, use request_id
from the export API request as the request_id
parameter.
The download API returns a presigned GET URL in result.dest_url
, where the log data can be downloaded.
curl -sSLX POST 'https://audit.aws.us.pangea.cloud/v1/log_stream' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json'
Response
Log streaming endpoint
This API allows third-party vendors like Auth0 to stream log events to this endpoint. The payload structure may vary across different vendors. Please refer to examples in the SDKs to test this functionality and consult the Log Streaming documentation for details.
curl -sSLX POST 'https://audit.aws.us.pangea.cloud/v1/root' \
-H 'Authorization: Bearer <your_token>' \
-H 'Content-Type: application/json' \
-d '{}'
Response