REST API:auditLog Resource

REST API:auditLog Resource

From LongJump Support Wiki

REST API:auditLog Resource
Jump to: navigation, search

Access Audit Logs using the REST API.

Learn more: REST API Conventions and Considerations.


Dynamic Search for auditLog Records

Query Parameters
  • fieldList - A comma-separated list of field names to retrieve
  • The asterisk (*) wildcard specifies all fields
  • Use the REST API:field Resource to get a complete list of fields
  • Field lists for database views need to specify the object's alias, as well as the field name.
  • filter - Filtering criteria to filter the records
  • pageSize - Number of records to retrieve from the result set in order to make a "page".
  • page - Number of the logical page in a database result set. The first page is page "zero" (0).
Page zero is returned by default, so appending &pageSize=1 to your query returns a single record.
  • getTotalRecordCount returns the number of total records.
    Causes the following structure to be returned, where N is the total number of records:

   <!-- added by the query param -->
  • sortBy - Field name for primary sort
    Ex: &sortBy=name
  • sortOrder - Sort order of the primary field, either "asc" or "desc" (ascending or descending)
    Ex: &sortOrder="desc"
  • sortBy2 - Field name for secondary sort
  • sortOrder2 - Sort order of the second field, either "asc" or "desc" (ascending or descending)
For more information, see: Specifying Query Parameters in REST APIs
        <type>Custom Object Data</type>
         User: System has deleted record: 918646212 from the Recycle Bin
         User: System has deleted record: 918646212 from the Recycle Bin
        <created_id type="USER" ...>xyz123rty345</created_id>
See also: REST API:Error Codes

Get an auditLog Record

          <type>Record Locators</type>
          <created_id type="USER"...>xyz123rty345</created_id>

    <recordCount>N</recordCount>      <!-- Number of __ records returned -->
See also: REST API:Error Codes


Highlighted and asterisked fields* are used for network policy logs, field audit logs, etc., and can have different meaning based on the context.

Note: Unless otherwise indicated, the attribute for a field is "Editable on Add or Update".
Field Attribute Description
record_id Read Only
  • Record Id for this Audit Log entry
  • This field acts as primary key for this table
  • A new unique id is generated for every record inserted in this table
  • Record Id of the record being logged
  • This can be used to fetch more details about the record
type Read Only Description of the Log Code
  • Code indicating type of log activity, see Log Codes for more information
  • User can optionally search the type by type_code
operation Read Only Description of the Operation Code
  • Code indicating type of operation, see Operation Codes for more information
  • User can optionally search the operation by operation_code
description Read Only Description of the action
description_key Token for the description, which is used in search actions
object_key Token for the object, which is used in search actions
old_name Previous field name, for example:
name in Built-in or CRM objects
field_name in Objects
new_name New field name, for example:
name in Built-in or CRM objects
field_name in Objects
date_created Read Only Date the activity is logged
owner_id Read Only Record owner identifier
date_col1* Read Only Start date of policy
date_col2* Read Only End date policy
int_col1* Read Only Status code for policy execution
int_col3* Read Only Access violations entry in Audit Log, contains the -1 value
char_col1* Read Only Field Id
object* Read Only Generic fields used to log specific information, Object Type Identifier in most cases
  • Status for policy execution
  • Note: This is not a searchable field, use object_key instead to search by object
char_col3* Read Only User Id
char_col4* Read Only Name of the record which is being accessed or a Search String in a Search action

Audit Log for Scheduled Activities

Field Description
reference_id policy_id
description detailed description
date_col1 start date of activity
date_col2 end date of activity
char_col1 status message
objectobject_id (Object Type Identifier)
char_col3 user_id
int_col1 status code
1 - started
2 - completed
3 - completed with errors
4 - unable to schedule

Field Audit Log

Field Description
reference_id stores record_id (Record Id)
description Field status messages
type 61, see Log Codes
operation Log Type: 1, 2, 3
char_col1 field_id(s)
object object_id (Object Type Identifier)
old_name Previous field name, for example:
name in Built-in or CRM objects
field_name in Objects
new_name New field name, for example:
name in Built-in or CRM objects
field_name in Objects
ownerid Record owner identifier
Access Violation
int_col3: To identify the access violations entry in Audit Log, this field contains the -1 value
Picklist Items
char_col1:Id of the Picklist for which the Picklist Item is being maintained
Application Role Workspace Preferences
char_col1:Role Id for specific tab applicationrole tab preference which is of type 64
Tab Access
object_singular_name:Object Id (Object Type Identifier)
Record Access
reference_id:Record Id (Record Id) of the record being accessed
object:Object Id (Object Type Identifier) of the record
char_col4 - Name of the record being accessed
object_singular_name:Object Id (Object Type Identifier) of the searched object
char_col4:Search string

Governance Log

When global Service Configuration code-execution limits ("Develop Configuration") or tenant-specific limits ("Java Code Governors") are exceeded, an audit log entry is generated.

Field Description
user_name Login User Name of user who caused the limit to be exceeded
user_id User's ID
type Governance Threshold Violation
type_code 137, see Log Codes
  • Data Policy - Invoke Method
  • Controller
  • Page
  • Job Scheduler
  • REST - Class Execution
  • 1 - Data Policy - Invoke Method
  • 2 - Controller
  • 3 - Page
  • 4 - Job Scheduler
  • 5 - REST - Class Execution
description Name of the Class or Page and a Threshold Violation Message
  • Record Id for "Data Policy - Invoke Method"
  • Class name or Page name for other Threshold violations

Example - Search Contacts

Search the Contact object for search string "Test". The following entry is logged (NETWORK_LOG).

reference_id type operation description object_singular_name char_col4
-1 661Search Contacts for "Test"CONTACTTEST

Example - Search All

Search all objects for the search string "Test". The following entry is logged (NETWORK_LOG).

reference_id type operation description object_singular_name char_col4
-1 66 1 Search all objects for "Test" TEST

Log Codes

type_code type User documentation related to this platform element
7OwnershipRecord Owners
8Opportunity Contact ManageOpportunities
9Lead ManageProspects
14Billing Plan
21Link User to Team and RoleManage Users
24Team Ownership Operation Teams
26Custom Field Fields
27Marketing Campaign Campaigns
28Manage Opportunity Forecast Plan Forecast
29MergeMerge Records
30Policy Management Data Sharing Policies
31Data PolicyData Policy
32Project ManagementProjects
33Project Member Manage
34Project Milestone Manage
35Project Partner Manage
36Import DataImport Data
40Picklist Dependencies Dependent Picklist
48Custom Forms Forms
49Custom ObjectsCustom Object
50Custom Layouts Forms
51Password PolicyPassword Policies
52Custom Object Data Objects
53Manage Forecast Forecast
54Team Resource Sharing Policies
55Mass Data OperationMass Operations
58Price BookPrice Books
59Service Provider SettingsService Provider Settings
60Scheduled Policies
61Field Audit TrailField Audit Log
62Global PicklistsGlobal Picklists
63Picklist Items
64Application Role Workspace PreferencesWorkspace Display Order for objects in applications
65Application Role View PreferencesDefault View Preferences for objects in applications
Application_Information Settings for tabs
68Access ViolationAccess violations are logged when Enhanced Security Audit is enabled
72Web TabWeb Tabs
74Custom ActionActions
75Document FolderFolders
78Workflow StateStates and Actions
79Workflow ActionStates and Actions
80Print TemplatePrint Templates
83Workspace PreferenceWorkspace Preference
84External EmailExternal Email Tracking
85Workflow TemplateWorkflow Templates
86Layout SectionSection
87Related InformationRelated Information
88Related Information Button
89Quick LinkQuick Link
90Recycle BinRecycle Bin
91Request Update SettingsRequest Update Settings
92Outlook SyncOutlook Sync
93Outlook Email EditionOutlook Email Edition
98Static ResourceStatic Resources
99Debug LogDebug Log
100Global BroadcastGlobal Broadcast Message
101View ManagementViews and Reports
102Export DataExport Data
103Company MessageCompany Messages
104Company InformationCompany Information
105Web FormWeb Forms
107Audit LogAudit Log
112Report Folder
113Data ValidationData Validation
114Layout RuleLayout Rules
115Database ViewDatabase View
116Package ItemPackage Items
118Record LocatorsRecord Locators
123Folder Templates
124Scratch Pad
137Governance Threshold ViolationDevelop Configuration, Java Code Governors

Operation Codes

The following operation codes can be returned, and apply to all Log Code Types

operation_code operation
0 View
1 Add
2 Update
3 Delete
1001 View Access Violation
1002 Add Access Violation
1003 Update Access Violation
1004 Delete Access Violation
Personal tools