QueryAuditLog - Quick BI - Alibaba Cloud Documentation Center

Queries audit log information.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.
API: The API that you can call to perform the action.
Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.
Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.
- For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.
- For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.
Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.
Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

quickbi-public:QueryAuditLog

get

*All Resource

*

None

Request parameters

Parameter	Type	Required	Description	Example
LogType	string	Yes	The log type. Valid values: dataView: access logs function: operation logs permission: permission logs Valid values: function : function permission : permission dataView : dataView	function
WorkspaceId	string	No	The ID of the workspace that contains the logs to query.	95296e95-ca89-4c7d-8af9-dedf0ad0****
StartDate	string	Yes	The start date for the query. Use the yyyyMMdd format. The date cannot be more than 90 days before the current date.	20240504
EndDate	string	Yes	The end date for the query. Use the yyyyMMdd format.	20240604
ResourceType	string	No	The resource type. For more information, see work types.	cube
OperatorId	string	No	The user ID of the operator.	95296e95-ca89-4c7d-8af9-dedf0ad0***
OperatorTypes	string	No	The permission, access, or operation type. If left empty, all types are queried by default. For valid values, see audit log codes. To specify multiple types, separate them with commas.	MODIFY
UserAccessDevice	string	No	The device used for access. Valid values: MOBILE: mobile device PC: PC	PC
AccessSourceFlag	string	No	The access source. Valid values: COMMON: standard access IMBEDDED: embedded report PUBLIC: public report IMBEDDED_COMPONENT: embedded card	PUBLIC

Response elements

Element	Type	Description	Example
	object
RequestId	string	The request ID.	78C1AA2D-9201-599E-A0BA-6FC462E57A95
Result	array<object>	An array of log objects.
	object	A log object.
GmtCreate	string	The time when the log was generated.	2024-04-16 13:17:39
OperatorAccountName	string	The account name of the operator.	wukaibis
OperatorName	string	The nickname of the operator.	buc_344078
OperatorType	string	The operation type.	CREATE
TargetName	string	The name of the operation target.	test
TargetType	string	The type of the operation target.	USER
WorkspaceId	string	The workspace ID.	87c6b145-090c-43e1-9426-8f93be23****
TargetId	string	The ID of the operation target.	1113***************8500
Success	boolean	Indicates whether the request was successful. Valid values: true: The request was successful. false: The request failed.	true

Examples

Success response

JSON format

{
  "RequestId": "78C1AA2D-9201-599E-A0BA-6FC462E57A95",
  "Result": [
    {
      "GmtCreate": "2024-04-16 13:17:39",
      "OperatorAccountName": "wukaibis",
      "OperatorName": "buc_344078",
      "OperatorType": "CREATE",
      "TargetName": "test",
      "TargetType": "USER",
      "WorkspaceId": "87c6b145-090c-43e1-9426-8f93be23****",
      "TargetId": "1113***************8500"
    }
  ],
  "Success": true
}

Error codes

HTTP status code	Error code	Error message	Description
400	Date.Format.Error	Date format conversion error.	Date format conversion error
400	Date.Check.Error	The end date cannot be greater than the start date.	End date cannot be greater than start date
400	Date.Exceed.Error	The start date must be within 90 days from the current date.	Start date cannot be 90 days earlier than current date
400	Log.Type.Error	The log type is incorrect.	The log type is incorrect.
400	Invalid.Workspace	The workspace is not owned by the organization.
400	Invalid.User.Admin	You are not an administrator of this organization.	Only organization administrators can perform this operation.

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.