In both cases, the self link in source is not correct, but it is kept there to not break the clients that expect to get a ManagedObject in source. Also, in case of “Operation” type, it can contain an operation id. Info: source can contain a ManagedObject with id and self properties. The severity of action: critical, major, minor, warning or information.Īn optional collection of objects describing the changes that were carried out.Īdditional properties of the audit record. The application used to carry out the audited action. The user responsible for the audited action. Identifies the type of this audit record.Īn optional ManagedObject that the audit record originated from, as object containing properties “id” and “self”. Time when audit record was created in the database. An example request would be: “«url»/audit/auditRecords?dateFrom=&dateTo=T08:26:42%2B02:00&revert=false”.Īudit record AuditRecord Name It is possible to change the order by adding query parameter “revert=false” to the request URL. In case of executing range queries on audit logs API, like query by dateFrom and dateTo, audits are returned by default in order from the newest to the oldest. GET audit recordsĮxample request: Retrieve audit records GET /audit/auditRecordsĪccept: application/.auditrecordcollection+json Ĭontent-Type: application/.auditrecordcollection+json ver=. The “id” and “creationTime” of the new audit record are generated by the server and returned in the response to the POST operation. "text" : "Login failed after 3 attempts.", "type" : "com_cumulocity_audit_LoginFailure", Audit logs are created if a ESET PROTECT Web Console object (for example. POST - create a new audit recordĮxample request: POST /audit/auditRecordsĬontent-Type: application/.auditrecord+json ver=. When a user performs an action in the ESET PROTECT Web Console, the action is logged. The “source” object of an audit record contains the properties “id” and “self”. Read-only collection of all audit records of a particular type (placeholder "Īudit record collection AuditRecordCollection NameĪ URI linking to a potential previous page of audit records.Ī URI linking to a potential next page of audit records. SSO and OAuth Internal logout and login attemptsĪudit API AuditRecords Name.User and group permissions modifications.Complex Event Processing (CEP) module modifications.Two-factor authentication login attempts.Note that for all PUT/POST requests accept header should be provided, otherwise an empty response body will be returned. The audit record resource represents audit records that are individually queried.The audit record collection resource retrieves audit records and enables creating new audit records.The audit API resource returns URIs and URI templates to collections of audit records, so that they can be queried by criteria such as “all records from a particular user”, or “all records from a particular application”.The Ethical Trading Initiative (ETI) has some useful resources on ethical and social auditing.The auditing interface consists of three parts: Some auditing companies may also provide this service for you. You can check the law for your region on the NATLEX Database – a database of national labour, social security and related human rights legislation maintained by the ILO’s International Labour Standards Department. However, it is important to check your customer’s requirements before committing to a particular audit type. This is the most commonly used audit for most Sedex members and is widely accepted as more impartial.Īll of the above audits can be useful. Third-party audit: Audits of organisations undertaken by an independent certification body or registrar or similar third-party organisation.These can be used to identify problems which can be worked on together. Second-party audit: Audits of contractors/suppliers undertaken by or on behalf of a purchasing organisation.This will often highlight areas for improvement which can be corrected before a visit from an external auditor. First-party audit: An audit performed within an organisation by the organisation’s own auditing resource (internal audit).The Sedex Platform will accept any type of first-party, second-party and third-party ethical audit:
0 kommentar(er)
