Audit Logging

Access Audit Logging

Users who have the Organization Administrator permission or the Audit Log Viewer permission on Anypoint Platform have access to both the UI and the Query API. The audit log service is business-group aware, which means you see only logs that are relevant to your own business group.

The audit log UI is embedded in Access Management.

Log in to Anypoint Platform.
In the navigation bar or the main Anypoint Platform page, click Access Management.
In the Access Management navigation menu, click Audit Logs.

The Audit Logs page displays the logs. You can:

Download audit logs.
Set a time period for audit logs to display.
Filter audit logs by product, type, and actions.
Search audit logs by environment, object, and user.

Export Audit Logs

You can use the Telemetry Exporter feature in Anypoint Monitoring to export audit logs to third-party analytics and observability apps.

When exported, audit logs have a unique ID in the mulesoft.audit.id attribute. In usual operations, each log is delivered only once, but under certain circumstances, some logs are delivered more than once. Duplicate log entries always share the unique mulesoft.audit.id attribute, so this attribute can be used to safely block or remove duplicate logs from the target system.

Telemetry Exporter for audit logs currently has the following data differences, limitations, and known issues:

The audit logs that the Telemetry Exporter sends to third-party apps often have different field names from the audit logs that appear in Access Management or the Audit Query Log API.
For example, audit logs shown in the UI or retrieved by the Audit Log Query API describe a user action (such as update or delete) as action, whereas the OpenTelemetry attribute refers to it as mulesoft.audit.action.
If the audit log entry metadata and payload field exceed 30KB when compressed, the payload is truncated before compression.

Audit Log Contents

Activities represented in the log are actions that occur at a particular time, involve one or more objects, have an action type (such as delete or approve) associated with the objects, and optionally a payload which can store application-specific information such as changed fields, environment information, etc.

Each log entry has a set of properties that provides information about the activity:

Time: The timestamp when the activity occurred.
Product: The product where the object resides, for example, Access Management
Type: The type of the object on which the action is performed, for example, Organization
Action: The action associated with the object, for example, Create
Object: The name of the object, for example, foo

User Name: The user who performed the action, for example, johndoe

Occasionally, there are Anypoint Staff log entries. This log entry is made when the audit action was performed by a user who does not belong to your organization.
Anypoint Staff entries are created for when these events occur:

An internal or system process that is a routine part of Anypoint Platform operations is performed
The MuleSoft procurement staff changes entitlements for your organization as a result of license grants
An action is performed by a MuleSoft employee on your behalf for other purposes, such as troubleshooting

Connected App: Name of the connected app that takes an action on behalf of a user or itself. If a connected app did not execute the action, the payload is N/A.
Environment: Environment names for events from API Manager, Runtime Manager, CloudHub, Partner Manager, and MQ.
Parent: (Optional) The parent of the object (if any) on which the action is performed. Mainly relevant to APIs.
Payload: (Optional) More information about the log properties. For example, if an Organization was created, then the payload would contain information about the organization and the owner, such as IDs.

The following is a list of actions per product and object type that Anypoint Platform audits:

User Action	Object Type	Object	Parent	Action	Payload
Set T&C	T&C	T&C	N/A	Create	Subaction: None Properties: New T&Cs
Modify T&C	T&C	T&C	N/A	Edit	Subaction: None Properties: New T&Cs
Set org custom theme	Portal theme	Org name	N/A	Create	Subaction: None Properties: Theme data
Edit org custom theme	Bus. Group	Org Name	N/A	Edit	Subaction: None Properties: Theme data
Add custom policy	Policy	PolicyID	N/A	Create	Subaction: None Properties: None
Delete custom policy	Policy	PolicyID	N/A	Delete	Subaction: None Properties: Policy data

User Action

Object Type

Object

Parent

Action

Payload

Set T&C

T&C

N/A

Create

Subaction: None
Properties: New T&Cs

Modify T&C

T&C

N/A

Edit

Subaction: None
Properties: New T&Cs

Set org custom theme

Portal theme

Org name

N/A

Create

Subaction: None
Properties: Theme data

Edit org custom theme

Bus. Group

Org Name

N/A

Edit

Subaction: None
Properties: Theme data

Add custom policy

Policy

PolicyID

N/A

Create

Subaction: None
Properties: None

Delete custom policy

Policy

PolicyID

N/A

Delete

Subaction: None
Properties: Policy data

APIs

User Action	Object Type	Object	Parent	Action	Payload
Create API	API	API ID	N/A	Create	Subaction: None Properties: None
Delete API	API	API ID	N/A	Delete	Subaction: None Properties: None
Import API	API	API ID	N/A	Create	Subaction: None Properties: None
Update label of API	API	API ID	N/A	Edit	Subaction: None Properties: API object
Update consumer endpoint of API	API	API ID	N/A	Edit - update endpoint	Subaction: None Properties: API object
Update endpoint URI of API	API	API ID	N/A	Edit - edit endpoint URI	Subaction: None Properties: API object

User Action

Object Type

Object

Parent

Action

Payload

Create API

API

API ID

N/A

Create

Subaction: None
Properties: None

Delete API

API

API ID

N/A

Delete

Subaction: None
Properties: None

Import API

API

API ID

N/A

Create

Subaction: None
Properties: None

Update label of API

API

API ID

N/A

Edit

Subaction: None
Properties: API object

Update consumer endpoint of API

API

API ID

N/A

Edit - update endpoint

Subaction: None
Properties: API object

Update endpoint URI of API

API

API ID

N/A

Edit - edit endpoint URI

Subaction: None
Properties: API object

API Versions

User Action	Object Type	Object	Parent	Action	Payload
Create API version	API version	Version ID	API ID	Create	Subaction: None Properties: None
Delete API version	API version	Version ID	API ID	Delete	Subaction: None Properties: None
Import API	API version	Version ID	API ID	Create	Subaction: Import API version Properties: None
Edit name of API version	API version	Version ID	API ID	Edit	Subaction: Edit name Properties: New name
Edit description of API version	API version	Version ID	API ID	Edit	Subaction: Edit description Properties: New description
Edit API URL of API version	API version	Version ID	API ID	Edit	Subaction: Edit API URL Properties: New API URL
Add tag	API Version	Version ID	API ID	Edit	Subaction: Add tag Properties: New tag
Remove tag	API Version	Version ID	API ID	Edit	Subaction: Remove tag Properties: Deleted tag
Deprecate API	API version	Version ID	API ID	Edit	Subaction: Deprecate API Properties: None
Set T&Cs	API Version	Version ID	API ID	Edit	Subaction: Set terms & conditions Properties: T&Cs
Create RAML	API Version	Version ID	API ID	Edit	Subaction: Create RAML Properties: None
Modify RAML	API Version	Version ID	API ID	Edit	Subaction: Edit RAML Properties: Updated RAML files
Create endpoint	API version	Version ID	API ID	Edit	Subaction: Create endpoint Properties: New endpoint
Update existing endpoint	API version	Version ID	API ID	Edit	Subaction: Update endpoint Properties: Create endpoint
Deploy proxy	API Version	Version ID	API ID	Deploy	Subaction: None Properties: Deploy location (app name & server name for hybrid)
Update deployed proxy	API version	Version ID	API ID	Edit	Subaction: Configure endpoint Properties: New endpoint
Redeploy proxy	API Version	Version ID	API ID	Deploy	Subaction: None Properties: Deploy location (app name & server name for hybrid)
Create SLA tier	Tier	SLA ID	Version ID	Create	Subaction: None Properties: SLA settings
Modify SLA tier	Tier	SLA ID	Version ID	Edit	Subaction: None Properties: SLA settings
Deprecate SLA tier	Tier	SLA ID	Version ID	Edit	Subaction: Deprecate SLA tier Properties: SLA settings
Delete SLA tier	Tier	SLA ID	Version ID	Delete	Subaction: None Properties: None
Apply policy	API policy	Policy ID	Version ID	Create	Subaction: None Properties: Policy settings
Edit policy	API policy	Policy ID	Version ID	Edit	Subaction: None Properties: Policy settings
Remove policy	API policy	Policy ID	Version ID	Delete	Subaction: None Properties: None

User Action

Object Type

Object

Parent

Action

Payload

Create API version

API version

Version ID

API ID

Create

Subaction: None
Properties: None

Delete API version

API version

Version ID

API ID

Delete

Subaction: None
Properties: None

Import API

API version

Version ID

API ID

Create

Subaction: Import API version
Properties: None

Edit name of API version

API version

Version ID

API ID

Edit

Subaction: Edit name
Properties: New name

Edit description of API version

API version

Version ID

API ID

Edit

Subaction: Edit description
Properties: New description

Edit API URL of API version

API version

Version ID

API ID

Edit

Subaction: Edit API URL
Properties: New API URL

Add tag

API Version

Version ID

API ID

Edit

Subaction: Add tag
Properties: New tag

Remove tag

API Version

Version ID

API ID

Edit

Subaction: Remove tag
Properties: Deleted tag

Deprecate API

API version

Version ID

API ID

Edit

Subaction: Deprecate API
Properties: None

Set T&Cs

API Version

Version ID

API ID

Edit

Subaction: Set terms & conditions
Properties: T&Cs

Create RAML

API Version

Version ID

API ID

Edit

Subaction: Create RAML
Properties: None

Modify RAML

API Version

Version ID

API ID

Edit

Subaction: Edit RAML
Properties: Updated RAML files

Create endpoint

API version

Version ID

API ID

Edit

Subaction: Create endpoint
Properties: New endpoint

Update existing endpoint

API version

Version ID

API ID

Edit

Subaction: Update endpoint
Properties: Create endpoint

Deploy proxy

API Version

Version ID

API ID

Deploy

Subaction: None
Properties: Deploy location (app name & server name for hybrid)

Update deployed proxy

API version

Version ID

API ID

Edit

Subaction: Configure endpoint
Properties: New endpoint

Redeploy proxy

API Version

Version ID

API ID

Deploy

Subaction: None
Properties: Deploy location (app name & server name for hybrid)

Create SLA tier

Tier

SLA ID

Version ID

Create

Subaction: None
Properties: SLA settings

Modify SLA tier

Tier

SLA ID

Version ID

Edit

Subaction: None
Properties: SLA settings

Deprecate SLA tier

Tier

SLA ID

Version ID

Edit

Subaction: Deprecate SLA tier
Properties: SLA settings

Delete SLA tier

Tier

SLA ID

Version ID

Delete

Subaction: None
Properties: None

Apply policy

API policy

Policy ID

Version ID

Create

Subaction: None
Properties: Policy settings

Edit policy

API policy

Policy ID

Version ID

Edit

Subaction: None
Properties: Policy settings

Remove policy

API policy

Policy ID

Version ID

Delete

Subaction: None
Properties: None

Application

User Action	Object Type	Object	Parent	Action	Payload
Create application	Application	App ID	N/A	Create	Subaction: None Properties: Application
Delete application	Application	App ID	N/A	Delete	Subaction: None Properties: None
Reset client secret	Application	App ID	N/A	Edit - reset client secret	Subaction: Reset client secret Properties: None
Request access	Contract	Object 1: App ID Object 2: API version ID	N/A	Create	Subaction: None Properties: SLA tier
Request tier change	Contract	Object 1: App ID Object 2: API version ID	N/A	Edit - request tier change	Subaction: Request tier change Properties: New tier
Request tier change approval	Contract	Object 1: App ID Object 2: API version ID	N/A	Edit - request tier change approval	Subaction: Request tier change approval Properties: New tier
Approve application	Contract	Object 1: App ID Object 2: API version ID	N/A	Edit - contract approval	Subaction: Contract approval Properties: SLA tier
Revoke application	Contract	Object 1: App ID Object 2: API version ID	N/A	Edit - contract revoke	Subaction: Contract revoked Properties: SLA tier
Restore application	Contract	Object 1: App ID Object 2: API version ID	N/A	Edit - contract restore	Subaction: Contract restored Properties: SLA tier

User Action

Object Type

Object

Parent

Action

Payload

Create application

Application

App ID

N/A

Create

Subaction: None
Properties: Application

Delete application

Application

App ID

N/A

Delete

Subaction: None
Properties: None

Reset client secret

Application

App ID

N/A

Edit - reset client secret

Subaction: Reset client secret
Properties: None

Request access

Contract

Object 1: App ID
Object 2: API version ID

N/A

Create

Subaction: None
Properties: SLA tier

Request tier change

Contract

Object 1: App ID
Object 2: API version ID

N/A

Edit - request tier change

Subaction: Request tier change
Properties: New tier

Request tier change approval

Contract

Object 1: App ID
Object 2: API version ID

N/A

Edit - request tier change approval

Subaction: Request tier change approval
Properties: New tier

Approve application

Contract

Object 1: App ID
Object 2: API version ID

N/A

Edit - contract approval

Subaction: Contract approval
Properties: SLA tier

Revoke application

Contract

Object 1: App ID
Object 2: API version ID

N/A

Edit - contract revoke

Subaction: Contract revoked
Properties: SLA tier

Restore application

Contract

Object 1: App ID
Object 2: API version ID

N/A

Edit - contract restore

Subaction: Contract restored
Properties: SLA tier

The Create Application and Delete Application actions are logged at the root organization level.

API Governance

User Action	Object Type	Object	Parent	Action	Payload
Create profile	Profile	Profile name	N/A	Create	Subaction: None Properties: None
Update profile	Profile	Profile name	N/A	Update	Subaction: None Properties: None
Delete profile	Profile	Profile name	N/A	Delete	Subaction: None Properties: None
Activate profile	Profile	Profile name	N/A	Activate	Subaction: None Properties: None

User Action

Object Type

Object

Parent

Action

Payload

Create profile

Profile

Profile name

N/A

Create

Subaction: None
Properties: None

Update profile

Profile

Profile name

N/A

Update

Subaction: None
Properties: None

Delete profile

Profile

Profile name

N/A

Delete

Subaction: None
Properties: None

Activate profile

Profile

Profile name

N/A

Activate

Subaction: None
Properties: None

API Designer APIs

User Action	Object Type	Object	Parent	Action	Payload
Create project	Project	Project ID	N/A	Create project	Subaction: None Properties: orgID userID projectName
Delete project	Project	Project ID	N/A	Delete project	Subaction: None Properties: orgID userID projectName
Delete files	Files	Project ID	N/A	Delete files	Subaction: None Properties: orgID userID projectName
Rename project	Project	Project ID	N/A	Rename project	Subaction: None Properties: orgID userID newProjectName
Clean branch	Project	Project ID	N/A	Clean branch	Subaction: None Properties: orgID userID branchName
Create branch	Project	Project ID	N/A	Create branch	Subaction: None Properties: orgID userID branchName
Delete branch	Project	Project ID	N/A	Delete branch	Subaction: None Properties: orgID userID branchName
Save branch	Project	Project ID	N/A	Save branch	Subaction: None Properties: orgID userID branchName
Delete file	Project	Project ID	N/A	Delete file	Subaction: None Properties: orgID userID File Path
Move file	Project	Project ID	N/A	Move file	Subaction: None Properties: orgID userID targetFile
Import project	Project	Project ID	N/A	Import project	Subaction: None Properties: orgID userID branchName
Publish to Exchange	Project	Project ID	N/A	Publish to Exchange	Subaction: None Properties: orgID userID projectName
Publish to API Platform	Project	Project ID	N/A	Publish to API Platform	Subaction: None Properties: orgID userID projectName
Add dependencies	Project	Project ID	N/A	Add dependencies	Subaction: None Properties: orgID userID dependencies
Remove dependencies	Project	Project ID	N/A	Remove dependencies	Subaction: None Properties: orgID userID dependencies
Change dependencies	Project	Project ID	N/A	Change dependencies	Subaction: None Properties: orgID userID addDependencies removeDependencies
Reload dependencies	Project	Project ID	N/A	Reload dependencies	Subaction: None Properties: orgID userID branchName
Merge Branch	Project	Project ID	N/A	Merge Branch	Subaction: None Properties: orgID projectID userID branchName
Share project	Project	Project ID	N/A	Share project	Subaction: None Properties: orgID projectID userID projectID
Sync with Github	Project	Project ID	N/A	Sync with Github	Subaction: None Properties: orgID projectID userID repositoryName
Unsync with Github	Project	Project ID	N/A	Unsync with Github	Subaction: None Properties: orgID projectID userID projectID
Modify organization settings	Project	Organization ID	N/A	Modify organization settings	Subaction: None Properties: orgID projectID userID projectID
Rename branch	Project	Project ID	N/A	Rename branch	Subaction: None Properties: orgID projectID userID branchName
Modify project settings	Project	Project ID	N/A	Modify project settings	Subaction: None Properties: orgID projectID userID projectID

User Action

Object Type

Object

Parent

Action

Payload

Create project

Project

Project ID

N/A

Create project

Subaction: None
Properties:

orgID
userID
projectName

Delete project

Project

Project ID

N/A

Delete project

Subaction: None
Properties:

orgID
userID
projectName

Delete files

Files

Project ID

N/A

Delete files

Subaction: None
Properties:

orgID
userID
projectName

Rename project

Project

Project ID

N/A

Rename project

Subaction: None
Properties:

orgID
userID
newProjectName

Clean branch

Project

Project ID

N/A

Clean branch

Subaction: None
Properties:

orgID
userID
branchName

Create branch

Project

Project ID

N/A

Create branch

Subaction: None
Properties:

orgID
userID
branchName

Delete branch

Project

Project ID

N/A

Delete branch

Subaction: None
Properties:

orgID
userID
branchName

Save branch

Project

Project ID

N/A

Save branch

Subaction: None
Properties:

orgID
userID
branchName

Delete file

Project

Project ID

N/A

Delete file

Subaction: None
Properties:

orgID
userID
File Path

Move file

Project

Project ID

N/A

Move file

Subaction: None
Properties:

orgID
userID
targetFile

Import project

Project

Project ID

N/A

Import project

Subaction: None
Properties:

orgID
userID
branchName

Publish to Exchange

Project

Project ID

N/A

Publish to Exchange

Subaction: None
Properties:

orgID
userID
projectName

Publish to API Platform

Project

Project ID

N/A

Publish to API Platform

Subaction: None
Properties:

orgID
userID
projectName

Add dependencies

Project

Project ID

N/A

Add dependencies

Subaction: None
Properties:

orgID
userID
dependencies

Remove dependencies

Project

Project ID

N/A

Remove dependencies

Subaction: None
Properties:

orgID
userID
dependencies

Change dependencies

Project

Project ID

N/A

Change dependencies

Subaction: None
Properties:

orgID
userID
addDependencies
removeDependencies

Reload dependencies

Project

Project ID

N/A

Reload dependencies

Subaction: None
Properties:

orgID
userID
branchName

Merge Branch

Project

Project ID

N/A

Merge Branch

Subaction: None
Properties:

orgID
projectID
userID
branchName

Share project

Project

Project ID

N/A

Share project

Subaction: None
Properties:

orgID
projectID
userID
projectID

Sync with Github

Project

Project ID

N/A

Sync with Github

Subaction: None
Properties:

orgID
projectID
userID
repositoryName

Unsync with Github

Project

Project ID

N/A

Unsync with Github

Subaction: None
Properties:

orgID
projectID
userID
projectID

Modify organization settings

Project

Organization ID

N/A

Modify organization settings

Subaction: None
Properties:

orgID
projectID
userID
projectID

Rename branch

Project

Project ID

N/A

Rename branch

Subaction: None
Properties:

orgID
projectID
userID
branchName

Modify project settings

Project

Project ID

N/A

Modify project settings

Subaction: None
Properties:

orgID
projectID
userID
projectID

Mocking Service

User Action	Object Type	Object	Parent	Action	Payload
Create link	Link	Link ID	N/A	Create	Subaction: Create Link Properties: Link metadata
Delete link	Link	Link ID	N/A	Delete	Subaction: Delete Link Properties: Link metadata

User Action

Object Type

Object

Parent

Action

Payload

Create link

Link

Link ID

N/A

Create

Subaction: Create Link
Properties: Link metadata

Delete link

Link

Link ID

N/A

Delete

Subaction: Delete Link
Properties: Link metadata

Portals

The following actions apply to API Manager v1.x portals.

User Action	Object Type	Object	Parent	Action	Payload
Create portal	Portal	Object 1: Portal ID Object 2: API Version ID	N/A	Create	Subaction: None Properties: None
Modify portal association	Portal	Object 1: Portal ID Object 2: API version ID	N/A	Edit	Subaction: Change portal association Properties: None
Delete portal	Portal	Portal ID	N/A	Delete	Subaction: None Properties: None
Add portal page	Portal	Page ID	Portal ID	Edit	Subaction: Add portal page Properties: Page content
Make portal page visible	Portal	Page ID	Portal ID	Edit	Subaction: Make page visible Properties: Page content
Delete portal page	Portal	Page ID	Portal ID	Delete	Subaction: Delete portal page Properties: Page content
Edit portal page	Portal	Page ID	Portal ID	Edit	Subaction: Edit portal page Properties: Page content
Hide portal page	Portal	Page ID	Portal ID	Edit	Subaction: Hide portal page Properties: Page content
Set portal theme	Portal	Portal ID	N/A	Edit	Subaction: Set portal theme Properties: Theme settings
Modify portal theme	Portal	Portal ID	N/A	Edit	Subaction: Modify portal theme Properties: Theme settings
Modify portal security	Portal	Portal ID	N/A	Edit	Subaction: Set security Properties: Public / private state

User Action

Object Type

Object

Parent

Action

Payload

Create portal

Portal

Object 1: Portal ID
Object 2: API Version ID

N/A

Create

Subaction: None
Properties: None

Modify portal association

Portal

Object 1: Portal ID
Object 2: API version ID

N/A

Edit

Subaction: Change portal association
Properties: None

Delete portal

Portal

Portal ID

N/A

Delete

Subaction: None
Properties: None

Add portal page

Portal

Page ID

Portal ID

Edit

Subaction: Add portal page
Properties: Page content

Make portal page visible

Portal

Page ID

Portal ID

Edit

Subaction: Make page visible
Properties: Page content

Delete portal page

Portal

Page ID

Portal ID

Delete

Subaction: Delete portal page
Properties: Page content

Edit portal page

Portal

Page ID

Portal ID

Edit

Subaction: Edit portal page
Properties: Page content

Hide portal page

Portal

Page ID

Portal ID

Edit

Subaction: Hide portal page
Properties: Page content

Set portal theme

Portal

Portal ID

N/A

Edit

Subaction: Set portal theme
Properties: Theme settings

Modify portal theme

Portal

Portal ID

N/A

Edit

Subaction: Modify portal theme
Properties: Theme settings

Modify portal security

Portal

Portal ID

N/A

Edit

Subaction: Set security
Properties: Public / private state

Access Management

Users

User Action	Object Type	Object	Parent	Action	Payload
Signup / Organization creation	User	UserID	N/A	Create	Subaction: None Properties: Organization ID
User creation (w/out creating an org)	User	UserID	N/A	Create	Subaction: None Properties: UserID
Password reset requested	User	UserID	N/A	Edit	Subaction: Password reset Properties: None
Password changed	User	UserID	N/A	Edit	Subaction: Password changed Properties: None
Delete user	User	UserID	N/A	Delete	Subaction: None Properties: User object
Disable user	User	UserID	N/A	Edit	Subaction: Disable user Properties: None
Login success	User	UserID	N/A	Login	Subaction: None Properties: None
Login success reauthenticate	User	UserID	N/A	Login - Reauthenticate	Subaction: Reauthenticate Properties: None
Login failure	User	UserID	N/A	Login	Subaction: Failure Properties: Error message
Login failure reauthentication	User	UserID	N/A	Login - Reauthentication Failure	Subaction: Reauthentication Failure Properties: Error message
Logout	User	UserID	N/A	Logout	Subaction: None Properties: None

User Action

Object Type

Object

Parent

Action

Payload

Signup / Organization creation

User

UserID

N/A

Create

Subaction: None
Properties: Organization ID

User creation (w/out creating an org)

User

UserID

N/A

Create

Subaction: None
Properties: UserID

Password reset requested

User

UserID

N/A

Edit

Subaction: Password reset
Properties: None

Password changed

User

UserID

N/A

Edit

Subaction: Password changed
Properties: None

Delete user

User

UserID

N/A

Delete

Subaction: None
Properties: User object

Disable user

User

UserID

N/A

Edit

Subaction: Disable user
Properties: None

Login success

User

UserID

N/A

Login

Subaction: None
Properties: None

Login success reauthenticate

User

UserID

N/A

Login - Reauthenticate

Subaction: Reauthenticate
Properties: None

Login failure

User

UserID

N/A

Login

Subaction: Failure
Properties: Error message

Login failure reauthentication

User

UserID

N/A

Login - Reauthentication Failure

Subaction: Reauthentication Failure
Properties: Error message

Logout

User

UserID

N/A

Logout

Subaction: None
Properties: None

Login and Logout actions are logged only at the organization level.
Login failure actions are logged only against existing user accounts.
Login failure actions are not logged if you are using SSO configured with LDAP or OIDC, which includes login failures to Anypoint Platform Private Cloud Edition (Anypoint Platform PCE).

Roles

User Action	Object Type	Object	Parent	Action	Payload
Create role	Role	Role	N/A	Create	Subaction: None Properties: None
Edit role - add user	Object 1: Role Object 2: User	Object 1: Role Object 2: User	N/A	Edit	Subaction: Add user Properties: Role, User
Edit role - remove user	Object 1: Role Object 2: User	Object 1: Role Object 2: User	N/A	Edit	Subaction: Remove user Properties: Role, User
Edit role - change external group mapping	Role	Role	N/A	Edit	Subaction: Edit role mapping Properties: New mapping
Delete role	Role	Role	N/A	Delete	Subaction: None Properties: Role metadata

User Action

Object Type

Object

Parent

Action

Payload

Create role

Role

N/A

Create

Subaction: None
Properties: None

Edit role - add user

Object 1: Role
Object 2: User

N/A

Edit

Subaction: Add user
Properties: Role, User

Edit role - remove user

Object 1: Role
Object 2: User

N/A

Edit

Subaction: Remove user
Properties: Role, User

Edit role - change external group mapping

Role

N/A

Edit

Subaction: Edit role mapping
Properties: New mapping

Delete role

Role

N/A

Delete

Subaction: None
Properties: Role metadata

Permissions

User Action	Object Type	Object	Parent	Action	Payload
User permission change	Permission	Object 1: User Object 2: Resource	Parent 1: N/A Parent 2: Resource parent if applicable	Permissions change	Subaction: None Properties: New permission
Role permission change	Permission	Object 1: Role Object 2: Resource	Parent 1: N/A Parent 2: Resource parent if applicable	Permissions change	Subaction: None Properties: New permission
Environment permissions change	Permission	EnvID	N/A	Permissions change	Subaction: None Properties: New permissions

User Action

Object Type

Object

Parent

Action

Payload

User permission change

Permission

Object 1: User
Object 2: Resource

Parent 1: N/A
Parent 2: Resource parent if applicable

Permissions change

Subaction: None
Properties: New permission

Role permission change

Permission

Object 1: Role
Object 2: Resource

Parent 1: N/A
Parent 2: Resource parent if applicable

Permissions change

Subaction: None
Properties: New permission

Environment permissions change

Permission

EnvID

N/A

Permissions change

Subaction: None
Properties: New permissions

Identity Management

User Action	Object Type	Object	Parent	Action	Payload
Create identity provider configuration	Identity management	Provider name	N/A	Create	Subaction: None
Edit identity provider configuration	Identity management	Provider name	N/A	Edit	Subaction: None
Delete identity provider configuration	Identity management	Provider name	N/A	Delete	Subaction: None
Warning	Object 1: Identity management Object 2: User	Object 1: Provider name Object 2: UserID	N/A	None	Subaction: None Properties: Message
Create identity management key	Identity management key	KeyID	N/A	Create	Subaction: None
Set primary identity management key	Identity management key	KeyID	N/A	Edit	Subaction: Set primary key Properties: old_primary_provider_key_id provider_key_id
Delete identity management key	Identity management key	KeyID	N/A	Delete	Subaction: None

User Action

Object Type

Object

Parent

Action

Payload

Create identity provider configuration

Identity management

Provider name

N/A

Create

Subaction: None

Edit identity provider configuration

Identity management

Provider name

N/A

Edit

Subaction: None

Delete identity provider configuration

Identity management

Provider name

N/A

Delete

Subaction: None

Warning

Object 1: Identity management
Object 2: User

Object 1: Provider name
Object 2: UserID

N/A

None

Subaction: None
Properties: Message

Create identity management key

Identity management key

KeyID

N/A

Create

Subaction: None

Set primary identity management key

Identity management key

KeyID

N/A

Edit

Subaction: Set primary key
Properties:

old_primary_provider_key_id
provider_key_id

Delete identity management key

Identity management key

KeyID

N/A

Delete

Subaction: None

Organization and Business Groups

User Action	Object Type	Object	Parent	Action	Payload
Edit domain name	Organization	OrgID	N/A	Edit	Subaction: None Properties: New name
Create business group	Organization	OrgID	Parent organization	Create	Subaction: None Properties: Org object
Edit business group name	Organization	OrgID	Parent organization	Edit	Subaction: Edit name Properties: New group name
Edit business group owner	Organization	OrgID	Parent organization	Edit	Subaction: Edit owner Properties: New owner userID
Edit business group entitlement	Entitlement	EnvID	N/A	Edit	Subaction: Edit entitlement Properties: Entitlement change
Delete business group	Organization	OrgID	Parent organization	Delete	Subaction: None Properties: Org object

User Action

Object Type

Object

Parent

Action

Payload

Edit domain name

Organization

OrgID

N/A

Edit

Subaction: None
Properties: New name

Create business group

Organization

OrgID

Parent organization

Create

Subaction: None
Properties: Org object

Edit business group name

Organization

OrgID

Parent organization

Edit

Subaction: Edit name
Properties: New group name

Edit business group owner

Organization

OrgID

Parent organization

Edit

Subaction: Edit owner
Properties: New owner userID

Edit business group entitlement

Entitlement

EnvID

N/A

Edit

Subaction: Edit entitlement
Properties: Entitlement change

Delete business group

Organization

OrgID

Parent organization

Delete

Subaction: None
Properties: Org object

Environments

User Action Object Type Object Parent Action Payload

Create environment

Environment

EnvID

N/A

Create

Subaction: None
Properties: None

Delete environment

Environment

EnvID

N/A

Delete

Subaction: None
Properties: Environment metadata

Rename environment

Environment

EnvID

N/A

Edit

Subaction: None
Properties: Environment name

Environments that are created automatically when you create an organization or business group do not have audit log entries. As Anypoint Platform has evolved, the default environments created have also changed over time. Currently, Sandbox and Design are created automatically and do not have audit log entries.

Connected Apps

User Action	Object Type	Object	Parent	Action	Payload
Create Connected Application	Connected Application	clientID	N/A	Create	Subaction: None Properties: clientName clientID clientIP orgID grantTypes
Edit Connected Application	Connected Application	clientID	N/A	Edit	Subaction: None Properties: clientName clientID clientIP orgID grantTypes
Delete Connected Application	Connected Application	clientID	N/A	Delete	Subaction: None Properties: clientName clientID clientIP orgID grantTypes
Update Scope Assignments	Connected Application	clientID	N/A	Permissions Change	Subaction: Add Assignments Properties: Scopes
Application Authorization Approved	External Authorization	clientID	N/A	Approved	Subaction: None Properties: None
Application Authorization Denied	External Authorization	clientID	N/A	Denied	Subaction: None Properties: None
Token Retrieval Success	Connected Application	clientID	N/A	Login - Token	Subaction: Token Properties: clientName clientID clientIP orgID grantTypes
Token Retrieval Failed	Connected Application	clientID	N/A	Login - Token	Subaction: Token Properties: clientID clientIP Error Message
Revoke Access/Refresh Tokens	Connected Application	clientID	N/A	Revoke Tokens	Subaction: None Properties: clientName clientID clientIP orgID grantTypes

User Action

Object Type

Object

Parent

Action

Payload

Create Connected Application

Connected Application

clientID

N/A

Create

Subaction: None
Properties:

clientName
clientID
clientIP
orgID
grantTypes

Edit Connected Application

Connected Application

clientID

N/A

Edit

Subaction: None
Properties:

clientName
clientID
clientIP
orgID
grantTypes

Delete Connected Application

Connected Application

clientID

N/A

Delete

Subaction: None
Properties:

clientName
clientID
clientIP
orgID
grantTypes

Update Scope Assignments

Connected Application

clientID

N/A

Permissions Change

Subaction: Add Assignments
Properties: Scopes

Application Authorization Approved

External Authorization

clientID

N/A

Approved

Subaction: None
Properties: None

Application Authorization Denied

External Authorization

clientID

N/A

Denied

Subaction: None
Properties: None

Token Retrieval Success

Connected Application

clientID

N/A

Login - Token

Subaction: Token
Properties:

clientName
clientID
clientIP
orgID
grantTypes

Token Retrieval Failed

Connected Application

clientID

N/A

Login - Token

Subaction: Token
Properties:

clientID
clientIP
Error Message

Revoke Access/Refresh Tokens

Connected Application

clientID

N/A

Revoke Tokens

Subaction: None
Properties:

clientName
clientID
clientIP
orgID
grantTypes

Teams

User Action	Object Type	Object	Parent	Action	Payload
Create Team	Team	Team Name	N/A	Create	Subaction: None Properties: org_id team_id team_name team_type created_at updated_at ancestor_team_ids
Update Team	Team	Team Name	N/A	Update	Subaction: None Properties: org_id team_id team_type ancestor_team_ids
Move Team	Team	Team Name	N/A	Move	Subaction: None Properties: org_id team_id team_type ancestor_team_ids previous_ancestor_team_ids
Add Members	Team	Team Name	N/A	Edit	Subaction: Add Members Properties: array of: id (Member/Maintainer ID) membership_type
Remove Members	Team	Team Name	N/A	Edit	Subaction: Remove Members Properties: Removed Member ID
Add Permissions	Team	Team Name	N/A	Permissions change	Subaction: Add permissions Properties: name (Permission Name) role_id (Permission ID) context_params)
Remove Permissions	Team	Team Name	N/A	Permissions change	Subaction: Remove permissions Properties: name (Permission Name) role_id (Permission ID) context_params)
Edit External Group Mappings	Team	Team Name	N/A	Edit	Subaction: Edit external group mapping Properties: data: provider_id membership_type external_group_name total
Delete Team	Team	Team Name	N/A	Delete	Subaction: None Properties: org_id team_id ancestor_team_ids

User Action

Object Type

Object

Parent

Action

Payload

Create Team

Team

Team Name

N/A

Create

Subaction: None
Properties:

org_id
team_id
team_name
team_type
created_at
updated_at
ancestor_team_ids

Update Team

Team

Team Name

N/A

Update

Subaction: None
Properties:

org_id
team_id
team_type
ancestor_team_ids

Move Team

Team

Team Name

N/A

Move

Subaction: None
Properties:

org_id
team_id
team_type
ancestor_team_ids
previous_ancestor_team_ids

Add Members

Team

Team Name

N/A

Edit

Subaction: Add Members
Properties:

array of:
- id (Member/Maintainer ID)
- membership_type

Remove Members

Team

Team Name

N/A

Edit

Subaction: Remove Members
Properties:

Removed Member ID

Add Permissions

Team

Team Name

N/A

Permissions change

Subaction: Add permissions
Properties:

name (Permission Name)
role_id (Permission ID)
context_params)

Remove Permissions

Team

Team Name

N/A

Permissions change

Subaction: Remove permissions
Properties:

name (Permission Name)
role_id (Permission ID)
context_params)

Edit External Group Mappings

Team

Team Name

N/A

Edit

Subaction: Edit external group mapping
Properties:

data:
- provider_id
- membership_type
- external_group_name
total

Delete Team

Team

Team Name

N/A

Delete

Subaction: None
Properties:

org_id
team_id
ancestor_team_ids

User IdP Profiles

User Action	Object Type	Object	Parent	Action	Payload
Create User IdP Profile	User IdP Profile	N/A	N/A	Create	Subaction: None Properties: userId idpUserId providerId loginProfileData

User Action

Object Type

Object

Parent

Action

Payload

Create User IdP Profile

User IdP Profile

N/A

Create

Subaction: None
Properties:

userId
idpUserId
providerId
loginProfileData

Anypoint DataGraph

User Action	Object Type	Object	Parent	Action	Payload
Add API	User	data-graph-{api-name}-{env-name}	N/A	Add API	N/A
Update API	User	data-graph-{api-name}-{env-name}	N/A	Update API	N/A
Remove API	User	data-graph-{api-name}-{env-name}	N/A	Remove API	N/A

User Action

Object Type

Object

Parent

Action

Payload

Add API

User

data-graph-{api-name}-{env-name}

N/A

Add API

N/A

Update API

User

data-graph-{api-name}-{env-name}

N/A

Update API

N/A

Remove API

User

data-graph-{api-name}-{env-name}

N/A

Remove API

N/A

Exchange

Assets

User Action	Object Type	Object	Parent	Action	Payload
Create an asset	Asset	Asset ID	N/A	Create	Subaction: None Properties: Asset object
Update an asset	Asset	Asset ID	N/A	Update	Subaction: None Properties: Asset object
Delete an asset	Asset	Asset ID	N/A	Delete	Subaction: None Properties: None
Share an asset	Asset	Asset ID	N/A	Granted or revoked permissions	Subaction: None Properties: Asset object Source Target Role
Publish an asset to public portal	Asset Version Group	Asset ID and version group	N/A	Publish to public portal	Subaction: None Properties: Asset ID, name and type
Remove an asset from public portal	Asset Version Group	Asset ID and version group	N/A	Remove from public portal	Subaction: None Properties: Asset ID, name and type
Update an asset icon	Asset icon	Asset ID	Asset	Update	Subaction: None Properties: Asset object
Delete an asset icon	Asset icon	Asset ID	Asset	Delete	Subaction: None Properties: Asset object
Create a managed tag (category)	Asset managed tag	Asset ID and tag ID	Asset	Create	Subaction: None Properties: None
Delete a managed tag (category)	Asset managed tag	Asset ID and tag ID	Asset	Delete	Subaction: None Properties: None
Delete an organization	Organization	Organization ID	N/A	Delete	Subaction: None Properties: None
Update tags	Asset tags	Asset ID	Asset	Update	Subaction: None Properties: Tags
Create a tag configuration	Tag configuration	Tag configuration ID	N/A	Create	Subaction: None Properties: TagConfiguration
Update a tag configuration	Tag configuration	Tag configuration ID	N/A	Update	Subaction: None Properties: TagConfiguration
Delete a tag configuration	Tag configuration	Tag configuration ID	N/A	Delete	Subaction: None Properties: None

User Action

Object Type

Object

Parent

Action

Payload

Create an asset

Asset

Asset ID

N/A

Create

Subaction: None
Properties: Asset object

Update an asset

Asset

Asset ID

N/A

Update

Subaction: None
Properties: Asset object

Delete an asset

Asset

Asset ID

N/A

Delete

Subaction: None
Properties: None

Share an asset

Asset

Asset ID

N/A

Granted or revoked permissions

Subaction: None
Properties:

Asset object
Source
Target
Role

Publish an asset to public portal

Asset Version Group

Asset ID and version group

N/A

Publish to public portal

Subaction: None
Properties: Asset ID, name and type

Remove an asset from public portal

Asset Version Group

Asset ID and version group

N/A

Remove from public portal

Subaction: None
Properties: Asset ID, name and type

Update an asset icon

Asset icon

Asset ID

Asset

Update

Subaction: None
Properties: Asset object

Delete an asset icon

Asset icon

Asset ID

Asset

Delete

Subaction: None
Properties: Asset object

Create a managed tag (category)

Asset managed tag

Asset ID and tag ID

Asset

Create

Subaction: None
Properties: None

Delete a managed tag (category)

Asset managed tag

Asset ID and tag ID

Asset

Delete

Subaction: None
Properties: None

Delete an organization

Organization

Organization ID

N/A

Delete

Subaction: None
Properties: None

Update tags

Asset tags

Asset ID

Asset

Update

Subaction: None
Properties: Tags

Create a tag configuration

Tag configuration

Tag configuration ID

N/A

Create

Subaction: None
Properties: TagConfiguration

Update a tag configuration

Tag configuration

Tag configuration ID

N/A

Update

Subaction: None
Properties: TagConfiguration

Delete a tag configuration

Tag configuration

Tag configuration ID

N/A

Delete

Subaction: None
Properties: None

Asset Portals

User Action	Object Type	Object	Parent	Action	Payload
Create a page	Asset portal page	Page ID	Asset portal	Create	Subaction: None Properties: Asset object Page
Update a page	Asset portal page	Page ID	Asset portal	Update	Subaction: None Properties: Asset object Page
Delete a page	Asset portal page	Page ID	Asset portal	Delete	Subaction: None Properties: None
Create a portal	Asset portal	Portal ID	Asset	Create	Subaction: None Properties: Asset portal
Publish a portal	Asset portal	Portal ID	Asset	Publish	Subaction: None Properties: Asset portal

User Action

Object Type

Object

Parent

Action

Payload

Create a page

Asset portal page

Page ID

Asset portal

Create

Subaction: None
Properties:

Asset object
Page

Update a page

Asset portal page

Page ID

Asset portal

Update

Subaction: None
Properties:

Asset object
Page

Delete a page

Asset portal page

Page ID

Asset portal

Delete

Subaction: None
Properties: None

Create a portal

Asset portal

Portal ID

Asset

Create

Subaction: None
Properties: Asset portal

Publish a portal

Asset portal

Portal ID

Asset

Publish

Subaction: None
Properties: Asset portal

API Metadata

User Action	Object Type	Object	Parent	Action	Payload
Create an API instance	API instance	API instance ID	N/A	Create	Subaction: None Properties: Name isPublic
Delete an API instance	API instance	API instance ID	N/A	Delete	Subaction: None Properties: Name isPublic
Update an API instance	API instance	API instance ID	N/A	Update	Subaction: None Properties: Name isPublic

User Action

Object Type

Object

Parent

Action

Payload

Create an API instance

API instance

API instance ID

N/A

Create

Subaction: None
Properties:

Name
isPublic

Delete an API instance

API instance

API instance ID

N/A

Delete

Subaction: None
Properties:

Name
isPublic

Update an API instance

API instance

API instance ID

N/A

Update

Subaction: None
Properties:

Name
isPublic

File Upload

User Action	Object Type	Object	Parent	Action	Payload
Upload file	Exchange file	File ID	N/A	Create	Subaction: None Properties: File key
Delete file	Exchange file	File ID	N/A	Delete	Subaction: None Properties: File key
Update file	Exchange file	File ID	N/A	Update	Subaction: None Properties: File key

User Action

Object Type

Object

Parent

Action

Payload

Upload file

Exchange file

File ID

N/A

Create

Subaction: None
Properties: File key

Delete file

Exchange file

File ID

N/A

Delete

Subaction: None
Properties: File key

Update file

Exchange file

File ID

N/A

Update

Subaction: None
Properties: File key

Public Portals

User Action	Object Type	Object	Parent	Action	Payload
Update a domain	Public portal domain	Organization ID and domain	Public portal	Update	Subaction: None Properties: Portal ID Domain
Delete a domain	Public portal domain	Organization ID and domain	Public portal	Delete	Subaction: None Properties: Portal ID Domain
Create a page	Public portal page	Page path	Public portal	Create	Subaction: None Properties: Portal ID Page ID
Delete a page	Public portal page	Page path	Public portal	Delete	Subaction: None Properties: Portal ID Page ID
Update a page	Public portal page	Page path	Public portal	Update	Subaction: None Properties: Portal ID Page ID
Create a portal	Public portal	Organization ID	N/A	Create	Subaction: None Properties: Project ID Created by ID
Publish a portal	Public portal	Organization ID	N/A	Publish	Subaction: None Properties: Project ID Created by ID
Delete a portal	Public portal	Organization ID	N/A	Delete	Subaction: None Properties: Project ID Created by ID
Update a portal	Public portal	Organization ID	N/A	Update	Subaction: None Properties: Project ID Created by ID

User Action

Object Type

Object

Parent

Action

Payload

Update a domain

Public portal domain

Organization ID and domain

Public portal

Update

Subaction: None
Properties:

Portal ID
Domain

Delete a domain

Public portal domain

Organization ID and domain

Public portal

Delete

Subaction: None
Properties:

Portal ID
Domain

Create a page

Public portal page

Page path

Public portal

Create

Subaction: None
Properties:

Portal ID
Page ID

Delete a page

Public portal page

Page path

Public portal

Delete

Subaction: None
Properties:

Portal ID
Page ID

Update a page

Public portal page

Page path

Public portal

Update

Subaction: None
Properties:

Portal ID
Page ID

Create a portal

Public portal

Organization ID

N/A

Create

Subaction: None
Properties:

Project ID
Created by ID

Publish a portal

Public portal

Organization ID

N/A

Publish

Subaction: None
Properties:

Project ID
Created by ID

Delete a portal

Public portal

Organization ID

N/A

Delete

Subaction: None
Properties:

Project ID
Created by ID

Update a portal

Public portal

Organization ID

N/A

Update

Subaction: None

Properties:

Project ID
Created by ID

Asset Reviews

User Action	Object Type	Object	Parent	Action	Payload
Create a Comment	Asset portal review comment	Comment ID	Asset portal review	Create	Subaction: None Properties: Comment
Delete a comment	Asset portal review comment	Comment ID	Asset portal review	Delete	Subaction: None Properties: Comment
Update a comment	Asset portal review comment	Comment ID	Asset portal review	Update	Subaction: None Properties: Comment
Create a review	Asset portal review	Review ID	Asset	Create	Subaction: None Properties: Review object
Delete a review	Asset portal review	Review ID	Asset	Delete	Subaction: None Properties: Review object
Update a review	Asset portal review	Review ID	Asset	Update	Subaction: None Properties: Review object

User Action

Object Type

Object

Parent

Action

Payload

Create a Comment

Asset portal review comment

Comment ID

Asset portal review

Create

Subaction: None
Properties: Comment

Delete a comment

Asset portal review comment

Comment ID

Asset portal review

Delete

Subaction: None
Properties: Comment

Update a comment

Asset portal review comment

Comment ID

Asset portal review

Update

Subaction: None
Properties: Comment

Create a review

Asset portal review

Review ID

Asset

Create

Subaction: None
Properties: Review object

Delete a review

Asset portal review

Review ID

Asset

Delete

Subaction: None
Properties: Review object

Update a review

Asset portal review

Review ID

Asset

Update

Subaction: None
Properties: Review object

RPA

The payload is split when it contains more than 32k (32768) characters. Split audit log entries have identical correlation IDs.

Run Configurations

User Action	Object Type	Object	Parent	Action	Payload
Create run configuration	Run configuration	Run configuration ID	N/A	Create	Subaction: None Properties: Process name Process ID Process phase Run configuration name Run configuration description Run configuration type Run configuration priority Activity parameters Activity Parameter name Mapping with <global variable/credential name> User task user User task group Execution session type Execution user Execution taskbar option Schedule Name Bots Bot name Bot ID Assigned sessions
Edit run configuration	Run configuration	Run configuration ID	N/A	Edit	Subaction: None Properties: Process name Process ID Process phase Run configuration name Run configuration description Run configuration priority Activity parameters Activity Parameter name Mapping with <global variable/credential name> User task user User task group Execution session type Execution user Execution taskbar option Schedules Schedule name Bots Bot name Bot ID Assigned sessions
Delete run configuration	Run configuration	Run configuration ID	N/A	Delete	Subaction: None Properties: Process name Process ID Process phase Run configuration name
Deploy run configuration	Run configuration	Run configuration ID	N/A	Deploy	Subaction: None Properties: Process name Process ID Process phase Run configuration name Schedules Schedule name Bots Bot name Bot ID Assigned sessions
Publish run configuration	Run configuration	Run configuration ID	N/A	Publish	Subaction: None Properties: Process name Process ID Process phase Run configuration name
Revoke run configuration	Run configuration	Run configuration ID	N/A	Revoke	Subaction: None Properties: Process name Process ID Process phase Run configuration name
Pause run configuration	Run configuration	Run configuration ID	N/A	Pause	Subaction: None Properties: Process name Process ID Process phase Run configuration name
Continue run configuration	Run configuration	Run configuration ID	N/A	Continue	Subaction: None Properties: Process name Process ID Process phase Run configuration name

User Action

Object Type

Object

Parent

Action

Payload

Create run configuration

Run configuration

Run configuration ID

N/A

Create

Subaction: None
Properties:

Process name
Process ID
Process phase
Run configuration name
Run configuration description
Run configuration type
Run configuration priority
Activity parameters
- Activity Parameter name
  - Mapping with <global variable/credential name>
User task user
User task group
Execution session type
Execution user
Execution taskbar option
Schedule Name
Bots
- Bot name
- Bot ID
- Assigned sessions

Edit run configuration

Run configuration

Run configuration ID

N/A

Edit

Subaction: None
Properties:

Process name
Process ID
Process phase
Run configuration name
Run configuration description
Run configuration priority
Activity parameters
- Activity Parameter name
  - Mapping with <global variable/credential name>
User task user
User task group
Execution session type
Execution user
Execution taskbar option
Schedules
- Schedule name
Bots
- Bot name
- Bot ID
- Assigned sessions

Delete run configuration

Run configuration

Run configuration ID

N/A

Delete

Subaction: None
Properties:

Process name
Process ID
Process phase
Run configuration name

Deploy run configuration

Run configuration

Run configuration ID

N/A

Deploy

Subaction: None
Properties:

Process name
Process ID
Process phase
Run configuration name
Schedules
- Schedule name
Bots
- Bot name
- Bot ID
- Assigned sessions

Publish run configuration

Run configuration

Run configuration ID

N/A

Publish

Subaction: None
Properties:

Process name
Process ID
Process phase
Run configuration name

Revoke run configuration

Run configuration

Run configuration ID

N/A

Revoke

Subaction: None
Properties:

Process name
Process ID
Process phase
Run configuration name

Pause run configuration

Run configuration

Run configuration ID

N/A

Pause

Subaction: None
Properties:

Process name
Process ID
Process phase
Run configuration name

Continue run configuration

Run configuration

Run configuration ID

N/A

Continue

Subaction: None
Properties:

Process name
Process ID
Process phase
Run configuration name

Processes

User Action	Object Type	Object	Parent	Action	Payload
Create process	Process	Process ID	N/A	Create	Subaction: none Properties: Process name Process phase Applications required Application name Process team Member name Assigned phases Advanced permissions option
Edit process	Process	Process ID	N/A	Edit	Subaction: none Properties: Process name Process phase Applications required Application name Process team Member name Assigned phases Advanced permissions option
Delete process	Process	Process ID	N/A	Delete	Subaction: none Properties: Process name Process phase

User Action

Object Type

Object

Parent

Action

Payload

Create process

Process

Process ID

N/A

Create

Subaction: none

Properties:

Process name
Process phase
Applications required
- Application name
Process team
- Member name
- Assigned phases
Advanced permissions option

Edit process

Process

Process ID

N/A

Edit

Subaction: none

Properties:

Process name
Process phase
Applications required
- Application name
Process team
- Member name
- Assigned phases
Advanced permissions option

Delete process

Process

Process ID

N/A

Delete

Subaction: none

Properties:

Process name
Process phase

Bots

User Action	Object Type	Object	Parent	Action	Payload
Register bot	Bot	Bot ID	N/A	Register	Subaction: none Properties: Bot name API key name Bot version IP address Hostname Time zone
Register bot	Bot	Bot ID	N/A	Register	Subaction: none Properties: Bot name API key name Bot version IP address Hostname Time zone Bot status Assigned Applications Application name Assigned service times Service time name Phase affiliation Description Assigned Secure Sessions
Delete bot	Bot	Bot ID	N/A	Delete	Subaction: none Properties: Bot name

User Action

Object Type

Object

Parent

Action

Payload

Register bot

Bot

Bot ID

N/A

Register

Subaction: none

Properties:

Bot name
API key name
Bot version
IP address
Hostname
Time zone

Register bot

Bot

Bot ID

N/A

Register

Subaction: none

Properties:

Bot name
API key name
Bot version
IP address
Hostname
Time zone
Bot status
Assigned Applications
- Application name
Assigned service times
- Service time name
Phase affiliation
Description
Assigned Secure Sessions

Delete bot

Bot

Bot ID

N/A

Delete

Subaction: none

Properties:

Bot name

Credential Pool

User Action	Object Type	Object	Parent	Action	Payload
Create credential	Credential	Credential ID	N/A	Create	Subaction: none Properties: Credential name Credential description User affiliation User group affiliation Phase affiliation Type
Edit credential	Credential	Credential ID	N/A	Edit	Subaction: none Properties: Credential name Credential description User affiliation User group affiliation Phase affiliation
Delete credential	Credential	Credential ID	N/A	Delete	Subaction: none Properties: Credential name

User Action

Object Type

Object

Parent

Action

Payload

Create credential

Credential

Credential ID

N/A

Create

Subaction: none

Properties:

Credential name
Credential description
User affiliation
User group affiliation
Phase affiliation
Type

Edit credential

Credential

Credential ID

N/A

Edit

Subaction: none

Properties:

Credential name
Credential description
User affiliation
User group affiliation
Phase affiliation

Delete credential

Credential

Credential ID

N/A

Delete

Subaction: none

Properties:

Credential name

Global Variables

User Action	Object Type	Object	Parent	Action	Payload
Create global variable	Global variable	Global variable ID	N/A	Create	Subaction: none Properties: Global variable name Global variable description Phase affiliation Type
Edit global variable	Global variable	Global variable ID	N/A	Edit	Subaction: none Properties: Global variable name Global variable description Phase affiliation
Delete global variable	Global variable	Global variable ID	N/A	Delete	Subaction: none Properties: Global variable name

User Action

Object Type

Object

Parent

Action

Payload

Create global variable

Global variable

Global variable ID

N/A

Create

Subaction: none

Properties:

Global variable name
Global variable description
Phase affiliation
Type

Edit global variable

Global variable

Global variable ID

N/A

Edit

Subaction: none

Properties:

Global variable name
Global variable description
Phase affiliation

Delete global variable

Global variable

Global variable ID

N/A

Delete

Subaction: none

Properties:

Global variable name

Applications

User Action	Object Type	Object	Parent	Action	Payload
Create Application	Application	Application ID	N/A	Create	Subaction: none Properties: Application name Application time zone Downtimes Downtime name
Edit Application	Application	Application ID	N/A	Edit	Subaction: none Properties: Application name Application time zone Downtimes Downtime name
Delete Application	Application	Application ID	N/A	Delete	Subaction: none Properties: Application name

User Action

Object Type

Object

Parent

Action

Payload

Create Application

Application

Application ID

N/A

Create

Subaction: none

Properties:

Application name
Application time zone
Downtimes
- Downtime name

Edit Application

Application

Application ID

N/A

Edit

Subaction: none

Properties:

Application name
Application time zone
Downtimes
- Downtime name

Delete Application

Application

Application ID

N/A

Delete

Subaction: none

Properties:

Application name

Service Times

User Action	Object Type	Object	Parent	Action	Payload
Create service time	Service time	Service time ID	N/A	Create	Subaction: none Properties: Service time name Timezone Service time start Service time end
Edit service time	Service time	Service time ID	N/A	Edit	Subaction: none Properties: Service time name Timezone Service time start Service time end
Delete service time	Service time	Service time ID	N/A	Delete	Subaction: none Properties: Service time name

User Action

Object Type

Object

Parent

Action

Payload

Create service time

Service time

Service time ID

N/A

Create

Subaction: none

Properties:

Service time name
Timezone
Service time start
Service time end

Edit service time

Service time

Service time ID

N/A

Edit

Subaction: none

Properties:

Service time name
Timezone
Service time start
Service time end

Delete service time

Service time

Service time ID

N/A

Delete

Subaction: none

Properties:

Service time name

Runtime Manager

User Action	Object Type	Object	Parent	Action	Payload
Create application	Application	AppID	N/A	Create	Subaction: None Properties: Application metadata
Start application	Application	AppID	N/A	Start	Subaction: None Properties: Application metadata
Restart application	Application	AppID	N/A	Restart	Subaction: None Properties: Application metadata
Stop application	Application	AppID	N/A	Stop	Subaction: None Properties: Application metadata
Delete application	Application	AppID	N/A	Delete	Subaction: None Properties: Application metadata
Change application zip file	Application	AppID	N/A	Modify	Subaction: None Properties: Application metadata
Promote application from sandbox	Application	AppID	N/A	Modify	Subaction: None Properties: Application metadata
Change application runtime	Application	AppID	N/A	Modify	Subaction: None Properties: Application metadata
Change application worker size	Application	AppID	N/A	Modify	Subaction: None Properties: Application metadata
Change application worker number	Application	AppID	N/A	Modify	Subaction: None Properties: Application metadata
Enable/disable persistent queues	Application	AppID	N/A	Modify	Subaction: None Properties: Application metadata
Enable/disable persistent queue encryption	Application	AppID	N/A	Modify	Subaction: None Properties: Application metadata
Modify application properties	Application	AppID	N/A	Modify	Subaction: None Properties: Application metadata
Enable/disable insight	Application	AppID	N/A	Modify	Subaction: None Properties: Application metadata
Modify log levels	Application	AppID	N/A	Modify	Subaction: None Properties: Application metadata
Create/modify/delete alerts	Application	AppID	N/A	Modify	Subaction: None Properties: Application metadata
Enable/disable alerts	Application	AppID	N/A	Modify	Subaction: None Properties: Application metadata
Create/modify/delete application data	Application	AppID	N/A	Modify	Subaction: None Properties: Application metadata
Create/modify schedules	Application	AppID	N/A	Modify	Subaction: None Properties: Application metadata
Create/modify/delete tenants	Application	AppID	N/A		Subaction: None Properties: Application metadata
Enable/disable schedules	Application	AppID	N/A	Modify	Subaction: None Properties: Application metadata
Clear queues	Application	AppID	N/A	Clear	Subaction: None Properties: Application metadata
Enable/Disable static IP	Application	AppID	N/A	Modify	Subaction: None Properties: Application metadata
Allocate/release static IP	Application	AppID	N/A	Modify	Subaction: None Properties: Application metadata
LoadBalancer Create/modify/delete	LoadBalancer	LoadBalancerID	N/A	Create/modify/delete	Subaction: None Properties: LoadBalancer metadata
Create/modify/delete alerts V2	Alert	AlertID	N/A	Create/modify/delete	Subaction: None Properties: Alert
Create/modify/delete VPC	VPC	vpcID	N/A	Create/modify/delete	Subaction: None Properties: VPC metadata
Create/modify/delete VPN	VPN	vpnId	N/A	Create/modify/delete	Subaction: None Properties: VPN metadata

User Action

Object Type

Object

Parent

Action

Payload

Create application

Application

AppID

N/A

Create

Subaction: None
Properties: Application metadata

Start application

Application

AppID

N/A

Start

Subaction: None
Properties: Application metadata

Restart application

Application

AppID

N/A

Restart

Subaction: None
Properties: Application metadata

Stop application

Application

AppID

N/A

Stop

Subaction: None
Properties: Application metadata

Delete application

Application

AppID

N/A

Delete

Subaction: None
Properties: Application metadata

Change application zip file

Application

AppID

N/A

Modify

Subaction: None
Properties: Application metadata

Promote application from sandbox

Application

AppID

N/A

Modify

Subaction: None
Properties: Application metadata

Change application runtime

Application

AppID

N/A

Modify

Subaction: None
Properties: Application metadata

Change application worker size

Application

AppID

N/A

Modify

Subaction: None
Properties: Application metadata

Change application worker number

Application

AppID

N/A

Modify

Subaction: None
Properties: Application metadata

Enable/disable persistent queues

Application

AppID

N/A

Modify

Subaction: None
Properties: Application metadata

Enable/disable persistent queue encryption

Application

AppID

N/A

Modify

Subaction: None
Properties: Application metadata

Modify application properties

Application

AppID

N/A

Modify

Subaction: None
Properties: Application metadata

Enable/disable insight

Application

AppID

N/A

Modify

Subaction: None
Properties: Application metadata

Modify log levels

Application

AppID

N/A

Modify

Subaction: None
Properties: Application metadata

Create/modify/delete alerts

Application

AppID

N/A

Modify

Subaction: None
Properties: Application metadata

Enable/disable alerts

Application

AppID

N/A

Modify

Subaction: None
Properties: Application metadata

Create/modify/delete application data

Application

AppID

N/A

Modify

Subaction: None
Properties: Application metadata

Create/modify schedules

Application

AppID

N/A

Modify

Subaction: None
Properties: Application metadata

Create/modify/delete tenants

Application

AppID

N/A

Subaction: None
Properties: Application metadata

Enable/disable schedules

Application

AppID

N/A

Modify

Subaction: None
Properties: Application metadata

Clear queues

Application

AppID

N/A

Clear

Subaction: None
Properties: Application metadata

Enable/Disable static IP

Application

AppID

N/A

Modify

Subaction: None
Properties: Application metadata

Allocate/release static IP

Application

AppID

N/A

Modify

Subaction: None
Properties: Application metadata

LoadBalancer Create/modify/delete

LoadBalancer

LoadBalancerID

N/A

Create/modify/delete

Subaction: None
Properties: LoadBalancer metadata

Create/modify/delete alerts V2

Alert

AlertID

N/A

Create/modify/delete

Subaction: None
Properties: Alert

Create/modify/delete VPC

VPC

vpcID

N/A

Create/modify/delete

Subaction: None
Properties: VPC metadata

Create/modify/delete VPN

VPN

vpnId

N/A

Create/modify/delete

Subaction: None
Properties: VPN metadata

Servers

User Action	Object Type	Object	Parent	Action	Payload
Add server	Server	ServerID	N/A	Create	Subaction: None Properties: Server metadata
Delete server	Server	ServerID	N/A	Delete	Subaction: None Properties: Server metadata
Rename server	Server	ServerID	N/A	Modify	Subaction: Rename Properties: Server metadata
Create server group	Server group	ServerGroupID	N/A	Create	Subaction: None Properties: Server group metadata
Delete server group	Server group	ServerGroupID	N/A	Delete	Subaction: None Properties: Server group metadata
Rename server group	Server group	ServerGroupID	N/A	Modify	Subaction: Rename Properties: Server group metadata
Add server to server group	Server group	ServerGroupID	N/A	Modify	Subaction: Add server Properties: Server group metadata
Remove server from server group	Server group	ServerGroupID	N/A	Modify	Subaction: Remove server Properties: Server group metadata
Create cluster	Cluster	ClusterID	N/A	Create	Subaction: None Properties: Cluster metadata
Delete Cluster	Cluster	ClusterID	N/A	Delete	Subaction: None Properties: Cluster metadata
Rename cluster	Cluster	ClusterID	N/A	Modify	Subaction: Rename Properties: Cluster metadata
Add server to cluster	Cluster	ClusterID	N/A	Modify	Subaction: Add server Properties: Cluster metadata
Remove server from cluster	Cluster	ClusterID	N/A	Modify	Subaction: Remove server Properties: Cluster metadata
Deploy application	Application	ApplicationID	N/A	Deploy	Subaction: None Properties: Application metadata
Delete application	Application	ApplicationID	N/A	Delete	Subaction: None Properties: Application metadata
Start application	Application	ApplicationID	N/A	Start	Subaction: None Properties: Application metadata
Stop application	Application	ApplicationID	N/A	Stop	Subaction: None Properties: Application metadata
Redeploy application with existing file	Application	ApplicationID	N/A	Redeploy	Subaction: None Properties: Application metadata
Redeploy application with new file	Application	ApplicationID	N/A	Redeploy	Subaction: Update binary Properties: Application metadata

User Action

Object Type

Object

Parent

Action

Payload

Add server

Server

ServerID

N/A

Create

Subaction: None
Properties: Server metadata

Delete server

Server

ServerID

N/A

Delete

Subaction: None
Properties: Server metadata

Rename server

Server

ServerID

N/A

Modify

Subaction: Rename
Properties: Server metadata

Create server group

Server group

ServerGroupID

N/A

Create

Subaction: None
Properties: Server group metadata

Delete server group

Server group

ServerGroupID

N/A

Delete

Subaction: None
Properties: Server group metadata

Rename server group

Server group

ServerGroupID

N/A

Modify

Subaction: Rename
Properties: Server group metadata

Add server to server group

Server group

ServerGroupID

N/A

Modify

Subaction: Add server
Properties: Server group metadata

Remove server from server group

Server group

ServerGroupID

N/A

Modify

Subaction: Remove server
Properties: Server group metadata

Create cluster

Cluster

ClusterID

N/A

Create

Subaction: None
Properties: Cluster metadata

Delete Cluster

Cluster

ClusterID

N/A

Delete

Subaction: None
Properties: Cluster metadata

Rename cluster

Cluster

ClusterID

N/A

Modify

Subaction: Rename
Properties: Cluster metadata

Add server to cluster

Cluster

ClusterID

N/A

Modify

Subaction: Add server
Properties: Cluster metadata

Remove server from cluster

Cluster

ClusterID

N/A

Modify

Subaction: Remove server
Properties: Cluster metadata

Deploy application

Application

ApplicationID

N/A

Deploy

Subaction: None
Properties: Application metadata

Delete application

Application

ApplicationID

N/A

Delete

Subaction: None
Properties: Application metadata

Start application

Application

ApplicationID

N/A

Start

Subaction: None
Properties: Application metadata

Stop application

Application

ApplicationID

N/A

Stop

Subaction: None
Properties: Application metadata

Redeploy application with existing file

Application

ApplicationID

N/A

Redeploy

Subaction: None
Properties: Application metadata

Redeploy application with new file

Application

ApplicationID

N/A

Redeploy

Subaction: Update binary
Properties: Application metadata

Private Spaces in CloudHub 2.0

User Action	Object Type	Object	Parent	Action	Payload
Create/Modify/Delete private space	Private Space	PrivateSpaceID	N/A	Create/Modify/Delete	Subaction: None Properties: Private space metadata
Create/Modify/Delete connection	Private Space	PrivateSpaceID	N/A	Create/Modify/Delete	Subaction: None Properties: Connection metadata
Create/Modify/Delete VPN	Private Space	PrivateSpaceID	N/A	Create/Modify/Delete	Subaction: None Properties: None
Create/Modify/Delete transit gateway	Private Space	PrivateSpaceID	N/A	Create/Modify/Delete	Subaction: None Properties: Transit gateway metadata
Create/Modify/Delete TLSContext	Private Space	PrivateSpaceID	N/A	Create/Modify/Delete	Subaction: None Properties: None
Create/Modify/Delete routes	Private Space	PrivateSpaceID	N/A	Create/Modify/Delete	Subaction: None Properties: Target Route object

User Action

Object Type

Object

Parent

Action

Payload

Create/Modify/Delete private space

Private Space

PrivateSpaceID

N/A

Create/Modify/Delete

Subaction: None
Properties: Private space metadata

Create/Modify/Delete connection

Private Space

PrivateSpaceID

N/A

Create/Modify/Delete

Subaction: None
Properties: Connection metadata

Create/Modify/Delete VPN

Private Space

PrivateSpaceID

N/A

Create/Modify/Delete

Subaction: None
Properties: None

Create/Modify/Delete transit gateway

Private Space

PrivateSpaceID

N/A

Create/Modify/Delete

Subaction: None
Properties: Transit gateway metadata

Create/Modify/Delete TLSContext

Private Space

PrivateSpaceID

N/A

Create/Modify/Delete

Subaction: None
Properties: None

Create/Modify/Delete routes

Private Space

PrivateSpaceID

N/A

Create/Modify/Delete

Subaction: None
Properties:

Target
Route object

Anypoint MQ

User Action	Object Type	Object	Parent	Action	Payload
Create/modify/delete/purge queue	Queue	queueID	N/A	Create/modify/delete	Subaction: None Properties: Queue metadata
Create/modify/delete exchange	Exchange	exchangeID	N/A	Create/modify/delete	Subaction: None Properties: Exchange metadata
Create/delete exchange binding	Binding	bindingID	N/A	Create/delete	Subaction: None Properties: Exchange metadata
Create/delete/regenerate client	Client	clientID	N/A	Create/delete/regenerate	Subaction: None Properties: Client metadata

User Action

Object Type

Object

Parent

Action

Payload

Create/modify/delete/purge queue

Queue

queueID

N/A

Create/modify/delete

Subaction: None
Properties: Queue metadata

Create/modify/delete exchange

Exchange

exchangeID

N/A

Create/modify/delete

Subaction: None
Properties: Exchange metadata

Create/delete exchange binding

Binding

bindingID

N/A

Create/delete

Subaction: None
Properties: Exchange metadata

Create/delete/regenerate client

Client

clientID

N/A

Create/delete/regenerate

Subaction: None
Properties: Client metadata

Object Store v2

User Action	Object Type	Object	Parent	Action	Payload
Create/modify/delete store	Store	storeID	N/A	Create/modify/delete	Subaction: None Properties: Store metadata

User Action

Object Type

Object

Parent

Action

Payload

Create/modify/delete store

Store

storeID

N/A

Create/modify/delete

Subaction: None
Properties: Store metadata

Secrets Manager

User Action	Object Type	Object	Parent	Action	Payload
Create a secret group	secretGroup	secretGroup name	N/A	Create	Subaction: None Properties: secretGroup path secrets manager transaction ID
Delete a secret group	secretGroup	secretGroup name	N/A	Delete	Subaction: None Properties: secretGroup path secrets manager transaction ID
Create a secret	a secret type such as sharedSecret	secret name	N/A	Create	Subaction: None Properties: secret path secrets manager transaction ID
Update a secret	a secret type such as sharedSecret	secret name	N/A	Update	Subaction: None Properties: secret path secrets manager transaction ID
Patch a secret	a secret type such as sharedSecret	secret name	N/A	Update	Subaction: None Properties: secret path secrets manager transaction ID

User Action

Object Type

Object

Parent

Action

Payload

Create a secret group

secretGroup

secretGroup name

N/A

Create

Subaction: None
Properties:

secretGroup path
secrets manager transaction ID

Delete a secret group

secretGroup

secretGroup name

N/A

Delete

Subaction: None
Properties:

secretGroup path
secrets manager transaction ID

Create a secret

a secret type such as sharedSecret

secret name

N/A

Create

Subaction: None
Properties:

secret path
secrets manager transaction ID

Update a secret

a secret type such as sharedSecret

secret name

N/A

Update

Subaction: None
Properties:

secret path
secrets manager transaction ID

Patch a secret

a secret type such as sharedSecret

secret name

N/A

Update

Subaction: None
Properties:

secret path
secrets manager transaction ID

Audit Log REST API Access

You can access the Audit Log REST API from the Audit Logging Query API and its RAML.

Use a Query Loop to make Requests in Audit Logs

The latest version of the query API uses cursor pagination for efficiency, but you can continue to use the previous version of the query API, which uses offset pagination and returns the total number of records.

The latest version of the API uses pagination with cursors, so you can initiate query loops using cursors. Setting the cursorPagination query parameter to true enables you to use cursor paging. When you use cursor pagination, each response returns a cursor. The cursor corresponds to the last data entry in the response data set. The subsequent request in the query loop should use the cursor value that was returned in the previous response, and so on. When the data set is empty in response, you have reached the end of the query loop, and there is no more data to query for that time window. At that point, stop the query loop. When the data set is empty in the response, no cursor is returned. When you use cursor pagination, total is not returned by default, because the query loop is not dependent on the offset or the number of total rows. If you want to see the total when you use cursor paging, set the doIncludeTotal query parameter to true.

When the cursorPagination query parameter is true and you use offset and cursor in the query body, cursor is prioritized, and offset is ignored.

There is no mapping between offset and cursor values; And so when you run a query loop over a time window, you cannot switch to the new param somewhere in the middle by using the cursorPagination and continue the loop. This is because when using cursorPagination, offset is ignored and so the loop will be start from the beginning.

The cursor-based pagination API is not applicable to the CSV query. The query continues to use offset-based pagination.

The following example shows a series of calls in a query loop for cursor based query.

The first call does not have a cursor in the body and does not request the total. The response returns the following data:
```
POST https://base/audit/v2/organizations/<orgId>/query?cursorPagination=true
```
Body:
```
{
	"startDate":"2022-09-01T22:14:47.099Z",
	"endDate":"2022-11-30T23:14:47.099Z",
}
```
Response:
```
{
   "data": [log entries],
   "cursor": '123_abcd'
}
```
You can use the cursor from the first call’s response in the next call to get the next set of rows.

The second call has a specific cursor in the request:

POST https://base/audit/v2/organizations/<orgId>/query?cursorPagination=true

Body:

{
	"startDate":"2022-09-01T22:14:47.099Z",
	"endDate":"2022-11-30T23:14:47.099Z",
	"cursor": '123_abcd'
}

Response:

{
	"data": [logs],
	"cursor": '123_xyz'
}

The third call is the final call in a loop. Because there are no more logs to be returned, the response does not have a cursor and contains no data.

POST https://base/audit/v2/organizations/<orgId>/query?cursorPagination=true

Body:

{
	"startDate":"2022-09-01T22:14:47.099Z",
	"endDate":"2022-11-30T23:14:47.099Z",
	"cursor": '123_xyz'
}

Response:

{
	"data": []
}

The following example shows how to use a cursor and request the total:

POST https://base/audit/v2/organizations/<orgId>/query?cursorPagination=true&doIncludeTotal=true

Body:

{
	"startDate":"2022-09-01T22:14:47.099Z",
	"endDate":"2022-11-30T23:14:47.099Z",
	"cursor": '123_abcds'
}

Response:

{
	"data": [logs],
	"cursor": '123_asdfg'
	"total": 50000
}

Access the API using CURL Commands

The following are example curl commands for accessing the API (Windows users need to download curl before using these commands).

Get authorization information:

curl 'https://anypoint.mulesoft.com/audit/v2/organizations/<organization_id>/platforms?include_internal=false' -H 'Authorization: bearer <bearer_value>'

Get actions by date range:

curl 'https://anypoint.mulesoft.com/audit/v2/organizations/<organization_id>/query?include_internal=false' -H 'Authorization: bearer <bearer_value>' -H 'Content-Type: application/json;charset=UTF-8' -H 'Accept: application/json, text/plain, */*' --data-binary '{"startDate":"2017-03-08T20:16:41.250Z","endDate":"2017-03-08T21:16:41.250Z","platforms":[],"objectTypes":[],"actions":[],"objectIds":[],"userIds":[],"ascending":false,"organizationId":"<organization_id>","offset":0,"limit":25}' --compressed ;

Rate Limit Policy for Audit Log Query Endpoint

The Audit Log Query endpoint applies rate limits per IP in the three control planes: US, EU, and gov. The following table outlines the rate limits for each control plane:

Control Plane	Allowed requests per minute per IP
US	700
EU	40
Gov	40

If a client exceeds the rate limit for a given control plane, the Audit Log Query endpoint returns a 503 Service Unavailable status code until the minute expires. During this time, the service is unavailable to the client.

We recommend that users of the Audit Log Query Endpoint monitor their request rates and adjust their usage accordingly to avoid exceeding the rate limit. Note that exceeding the rate limit may result in the endpoint being temporarily unavailable.

Access Audit Logging

Export Audit Logs

Audit Log Contents

APIs

API Versions

Application

API Governance

API Designer APIs

Mocking Service

Portals

Access Management

Users

Roles

Permissions

Identity Management

Organization and Business Groups

Environments

Connected Apps

Teams

User IdP Profiles

Anypoint DataGraph

Exchange

Assets

Asset Portals

API Metadata

File Upload

Public Portals

Asset Reviews

RPA

Run Configurations

Processes

Bots

Credential Pool

Global Variables

Applications

Service Times

Runtime Manager

Servers

Private Spaces in CloudHub 2.0

Anypoint MQ

Object Store v2

Secrets Manager

Audit Log REST API Access

Use a Query Loop to make Requests in Audit Logs

Access the API using CURL Commands

Rate Limit Policy for Audit Log Query Endpoint

See Also