Audit Log
The following methods allow for interaction with the Tenable Vulnerability Management audit log API endpoints.
Methods available on io.audit_log:
- class AuditLogAPI(api: APISession)
- events(*filters: Tuple[str, str, str], limit: int = 1000, filter_type: Literal['and', 'or'] = 'and', sort: str | None = None, token: str | None = '0', return_json: bool = False)
Retrieve audit logs from Tenable Vulnerability Management.
- Parameters:
*filters (tuple, optional) –
Filters that narrow the results to a specific subset of data within the audit log. For a more detailed listing of the available filters, please refer to the API documentation linked above. Some examples:
('date', 'gt', '2017-07-05')
('date', 'lt', '2017-07-07')
('actor_id', 'match', '6000a811-8422-4096-83d3-e4d44f7d')
('target_id', 'match', '6000a811-8422-4096-83d3-e4d447d')
limit (int, optional) – The maximum number of events to return. The API will default to 50 unless otherwise specified.
filter_type (str, optional) – If multiple filters are present, how should the filters be combined? Supported values are 'and' or 'or'. If left unspecified, the default is 'and'.
sort (str, optional) – Should any sorting be performed on the resulting data? The format is FIELD_NAME:DIRECTION. For example, supplying received:desc would sort the results by the received field in descending order.
token (str, optional) – The next token to request the next page.
return_json (bool, optional) – Should we return the JSON response instead of an iterable?
- Returns:
List of event records
- Return type:
AuditLogIterator
Examples
>>> from pprint import pprint
>>> events = tio.audit_log.events(('date', 'gt', '2018-01-01'))
>>> for e in events:
...     pprint(e)
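A review-oriented use of events(), as an added example that is not part of the pyTenable documentation: it builds the filter tuples for a date window, requests the events newest first, and counts failed actions per actor. The helper names are hypothetical, and the record fields `is_failure` and `actor.name` are assumptions about the event schema; the sample records are constructed.

```python
from collections import Counter
from datetime import date

def build_filters(since, until, actor_id=None):
    """Build (field, operator, value) tuples in the form events() accepts."""
    if since >= until:
        raise ValueError("since must be earlier than until")
    filters = [("date", "gt", since.isoformat()),
               ("date", "lt", until.isoformat())]
    if actor_id:
        filters.append(("actor_id", "match", actor_id))
    return filters

def fetch_events(audit_log, since, until, actor_id=None):
    """Call events() with AND-combined filters, sorted newest first."""
    return audit_log.events(*build_filters(since, until, actor_id),
                            filter_type="and", sort="received:desc")

def failures_by_actor(events, threshold=3):
    """Return {actor name: count} for actors with >= threshold failed events.

    Assumed schema: each record has a boolean 'is_failure' and an 'actor'
    dict with a 'name'. Failed records without an actor name are counted
    under 'unknown' so they are not silently lost.
    """
    counts = Counter()
    for event in events:
        if event.get("is_failure"):
            actor = (event.get("actor") or {}).get("name", "unknown")
            counts[actor] += 1
    return {name: n for name, n in counts.items() if n >= threshold}

# Constructed sample records (not real audit data); field names are assumed.
_LOGIN = "user.authenticate.password"
SAMPLE_EVENTS = [
    {"action": _LOGIN, "is_failure": True, "actor": {"name": "alice@example.com"}},
    {"action": _LOGIN, "is_failure": True, "actor": {"name": "alice@example.com"}},
    {"action": _LOGIN, "is_failure": True, "actor": {"name": "alice@example.com"}},
    {"action": _LOGIN, "is_failure": False, "actor": {"name": "alice@example.com"}},
    {"action": _LOGIN, "is_failure": True, "actor": None},
    {"action": _LOGIN, "is_failure": False, "actor": {"name": "bob@example.com"}},
]

if __name__ == "__main__":
    # With a live session, pass the iterator instead of the sample:
    #   events = fetch_events(tio.audit_log, date(2018, 1, 1), date(2018, 1, 8))
    print(failures_by_actor(SAMPLE_EVENTS))
```

Because failures_by_actor() only iterates, it accepts the AuditLogIterator returned by events() as readily as a list.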