Audit service🔗
The Audit API allows you to access comprehensive audit logs from the Data Productivity Cloud platform. These logs provide detailed information about actions performed within the platform, including who performed the action, when it occurred, and other relevant details. This information is useful for maintaining security, compliance, and operational oversight.
This guide will walk you through the steps to retrieve audit logs using the Audit API.
The event types currently supported by the API are listed below. New event types are continually added as more areas of the Data Productivity Cloud are integrated with the Audit API, and this list will be updated accordingly.
Note
Audit logs contain user identifiers, such as name and email address, to attribute actions to specific users. Access to audit logs is restricted to the Super Admin role only. Logs are retained within the platform, are accessible via the Data Productivity Cloud UI and Audit API, for a rolling 90-day period. Events older than 90 days aren't available via the platform or API, even though underlying audit data may be stored for up to 12 months for operational purposes.
Prerequisites🔗
Before you begin, make sure you have the following:
- A Data Productivity Cloud account.
- Valid API credentials for Matillion API access.
- An access token with the required privileges (refer to Authentication and Get the access token).
Get the audit logs🔗
Retrieve the audit logs using the Audit API.
Base URL: GET /v1/events
Parameters🔗
| Name | Description |
|---|---|
| from | The earliest date and time of audit events to retrieve. The parameter should be in ISO 8601 format, e.g.: 2025-02-20T07:15:15.000-01:00. |
| to | The latest date and time of audit events to retrieve. The parameter should be in ISO 8601 format, e.g.: 2025-02-21T07:15:15.000-01:00. |
| page | The page number of the retrieved results. The first page is 0. |
| size | The number of records per page, from 1 to 100. |
Example response🔗
A successful response returns a 200 OK status code and a JSON body containing the audit logs, as in the following example:
{
"page": 1,
"results": [
{
"actorEmail": "user123@abc.com",
"actorId": "string",
"additionalInfo": "string",
"eventDescription": "User logged in",
"eventId": "123e4567-e89b-12d3-a456-426614174000",
"eventName": "hub_user_login",
"eventProjectId": "4cfcf46e-5bb1-4887-8772-d1c0eeb0cfef",
"eventSource": "secrets-reference",
"eventSubjectId": "C67A9A1A-5A49-4EBF-8222-0C6DCC572505",
"eventSubjectName": "my-first-secret",
"eventSubjectType": "USER",
"eventTimestamp": "2025-01-30T00:30:12Z",
"eventType": "LOGIN"
}
],
"size": 50,
"total": 472
}
Audit event types🔗
The following tables list the event types currently supported by the Audit API. Events are grouped by the product area that they relate to.
Account🔗
| Event name | Scope | Description |
|---|---|---|
| Account name changed | Account | Account name changed. |
| Account created | Account | Account created. |
| Invite created | Account | User invitation created and sent to the user. |
| Invite redeemed | Account | User redeemed invitation. |
| Account user removed | Account | User removed from the account. |
Agents🔗
| Event name | Scope | Description |
|---|---|---|
| Agent created | Account | A new agent was added. |
| Agent removed | Account | An agent was removed. |
| Agent updated | Account | An existing agent configuration was changed. |
| Allow List | Account | The allow list was changed. |
| Agent Action | Account | An agent was restarted, paused, started, or had a credentials refresh. |
Artifacts🔗
| Event name | Scope | Description |
|---|---|---|
| Artifact created | Project | New artifact successfully created. |
| Artifact disabled | Project | New artifact successfully removed. |
Credentials🔗
These events include those for secrets, cloud credentials, and OAuths.
| Event name | Scope | Description |
|---|---|---|
| Credentials created (Secrets/Cloud Credentials/OAuth) | Project | Project credentials created. |
| Credentials changed in project (Secrets/Cloud Credentials/OAuth) | Project | Credentials changed in project. |
| Credentials removed from project (Secrets/Cloud Credentials/OAuth) | Project | Credentials removed from project. |
Custom connector🔗
| Event name | Scope | Description |
|---|---|---|
| Custom Connector created | Account | New Custom connector created. |
| Custom Connector changed | Account | Custom connector changed. |
| Custom Connector deleted | Account | Custom connector removed. |
Project🔗
| Event name | Scope | Description |
|---|---|---|
| Project created | Project | New project successfully created. |
| Project removed | Project | Project removed. |
| User granted access to project | Project | A user was granted access to a project. |
| User removed from project | Project | A user was removed from a project. |
| Environment created | Environment | A new environment was successfully created in a project. |
Schedules🔗
| Event name | Scope | Description |
|---|---|---|
| Schedule created | Project | New schedule successfully created. |
| Schedule updated | Project | Schedule settings changed. |
| Schedule removed | Project | Schedule removed. |
Streaming🔗
| Event name | Scope | Description |
|---|---|---|
| Streaming pipeline created | Project | Streaming pipeline created. |
| Streaming pipeline deleted | Project | Streaming pipeline deleted. |
| Streaming pipeline started | Project | Streaming pipeline started. |
| Streaming pipeline stopped | Project | Streaming pipeline stopped. |
| Streaming pipeline changed | Project | Streaming pipeline configuration changed. |
| Streaming pipeline snapshot request created | Project | Streaming pipeline snapshot request created. |
| Streaming pipeline snapshot request deleted | Project | Streaming pipeline snapshot request deleted. |
| Streaming pipeline email alerts enabled | Project | Streaming pipeline email alerts enabled. |
| Streaming pipeline email alerts disabled | Project | Streaming pipeline email alerts disabled. |