Audit | C# SDK

The audit API is designed for recording a trail of application-based user activity in a scalable, tamper-proof log.

Audit

AuditClient

Audit client.

var config = new Config("pangea_token", "pangea_domain");
var builder = new AuditClient.Builder(config);
var client = builder.Build();

Log an entry

AuditClient.Log(IEvent, LogConfig)

Log an event to Audit Secure Log. By default does not sign event and verbose is left as server default

required parameters

evt

IEvent

Event to log

config

LogConfig

Include verbosity, local signature and verify events setup

Response Object

Task<Response<LogResult>>

Response<LogResult>

string msg = "hello world";
var event = new StandardEvent.Builder(msg)
    .Build();

var config = new LogConfig.Builder()
    .WithVerbose(true)
    .Build();

var response = await client.Log(event, config);

Log multiple entries

AuditClient.LogBulk(IEvent[], LogConfig)

Create multiple log entries in the Secure Audit Log.

required parameters

events

IEvent[]

Events to log

config

LogConfig

Include verbosity, local signature and verify events setup

Response Object

Task<Response<LogBulkResult>>

Response<LogBulkResult>

var event = new StandardEvent.Builder("hello world").Build();
StandardEvent[] events = {event};

var response = await client.LogBulk(events, new LogConfig.Builder().Build());

Log multiple entries asynchronously

AuditClient.LogBulkAsync(IEvent[], LogConfig)

Asynchronously create multiple log entries in the Secure Audit Log.

required parameters

events

IEvent[]

config

LogConfig

Response Object

Task<Response<LogBulkResult>>

Response<LogBulkResult>

var event = new StandardEvent.Builder("hello world").Build();
StandardEvent[] events = {event};

var response = await client.LogBulkAsync(events, new LogConfig.Builder().Build());

Get last root

AuditClient.GetRoot()

Get last root from Pangea Server

Response Object

Task<Response<RootResult>>

Response<RootResult>

var response = await client.GetRoot();

Tamperproof Verification

AuditClient.GetRoot(int?)

Return current root hash and consistency proof.

required parameters

treeSize

int?

tree size to get root

Response Object

Task<Response<RootResult>>

Response<RootResult>

var response = await client.GetRoot(1);

Search

AuditClient.Search(SearchRequest, SearchConfig)

Perform a search of logs according to input param. By default verify logs consistency and events hash and signature.

required parameters

request

SearchRequest

Request to be sent to /search endpoint

config

SearchConfig

Config include event and consistency verification setup

Response Object

Task<Response<SearchOutput>>

Response<SearchOutput>

var request = new SearchRequest
    .Builder("message:hello world")
    .Build();
var config = new SearchConfig
    .Builder()
    .Build();

var response = await client.Search(request, config);

Results

AuditClient.Results(ResultRequest, SearchConfig)

Return result's page from search id.

required parameters

request

ResultRequest

Request to be sent to /results endpoint

config

SearchConfig

Config include event and consistency verification setup

Response Object

Task<Response<ResultsOutput>>

Response<ResultsOutput>

var request = new ResultRequest
    .Builder("pas_sqilrhruwu54uggihqj3aie24wrctakr")
    .Build();
var config = new SearchConfig
    .Builder()
    .Build();

var response = await client.Results(request, config);

Download search results

AuditClient.DownloadResults(DownloadRequest, CancellationToken)

Get all search results as a compressed (gzip) CSV file.

required parameters

request

DownloadRequest

Request parameters.

cancellationToken

CancellationToken

Cancellation token.

Response Object

Task<Response<DownloadResult>>

URL where search results can be downloaded.

var response = await client.DownloadResults(
    new DownloadRequest
    {
        ResultID = "pas_[...]",
        Format = DownloadFormat.CSV
    }
);

Log streaming endpoint

AuditClient.LogStream(BaseRequest, CancellationToken)

This API allows 3rd party vendors (like Auth0) to stream events to this endpoint where the structure of the payload varies across different vendors.

required parameters

data

BaseRequest

Event data. The exact schema of this will vary by vendor.

cancellationToken

CancellationToken

Cancellation token.

Response Object

Task<Response<object>>

A Pangea response.

// Extend `BaseRequest` and model what the streaming data looks like.
private sealed class LogStreamRequest : BaseRequest
{
    [JsonProperty("logs")]
    public IEnumerable<LogStreamEvent> Logs { get; set; } = Enumerable.Empty<LogStreamEvent>();
}

// Then later on, log it like so:
var input = new LogStreamRequest { /* ... */ };
var response = await client.LogStream(input);

Export from the audit log

AuditClient.Export(ExportRequest, CancellationToken)

Bulk export of data from the Secure Audit Log, with optional filtering.

required parameters

request

ExportRequest

Request parameters.

cancellationToken

CancellationToken

Cancellation token.

Response Object

Task<Response<object>>

var response = await client.Export(new ExportRequest
{
    End = DateTimeOffset.Now,
    Verbose = false,
});