Introduction
The reader is assumed to have knowledge of the following:
- a general understanding of programming, and
- Web Services and how to consume them.
- Deborah Cross (Unlicensed) to resolve whether to edit and/or link content
Purpose of the API
The Audit Service API is designed to provide a method of programmatically pulling down the audit logs that are visible within the Admin web pages.
...
The account id and password are the same credentials that Edentiti has given for your account. The verification id is the same code listed under "REF NO" in the admin panel, and is related to a specific customer.
Additionally, filters can be added to the audit log request.
| Code Block |
|---|
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://services.registrations.edentiti.com/">
<soapenv:Header/>
<soapenv:Body>
<ser:retrieveAuditLogs>
<accountId>account_id</accountId>
<password>password</password>
<verificationId>pUz9rXAc</verificationId>
<filter>datasourceattempt</filter>
</ser:retrieveAuditLogs>
</soapenv:Body>
</soapenv:Envelope> |
This will limit the results returned to only verification attempts of a person. The list of filters includes:
- datasourceattempt - verification attempts by a person.
- webservice - webservice calls. This incldues things such as a user being successfully registered, or requesting session tokens.
- statechange - overall state changes of the users verification attempt.
- admin - administration logs related to a single user.
- thirdpartycheck - logging of any third party checks.
More than one filter may be applied. In the event of more than one filter, logs are returned if they match on any of the filters.
Interpreting Results
A single audit log from the Audit Service look like this:
| Code Block |
|---|
<auditlog>
<dateAudited>2014-07-11T13:40:58.335+10:00</dateAudited>
<errorEvent>false</errorEvent>
<eventDescription>A watchlist check against the U.S. Treasury - Office of Foreign Assets Control Specially Designated Nationals List source resulted in no match</eventDescription>
<eventType>system</eventType>
<eventCode>datasourceattempt</eventCode>
<eventStatus>PASSED</eventStatus>
<eventSubCode>OFAC Watchlist</eventSubCode>
<guid>2863bf62-5faf-4200-b214-a75810a71750</guid>
</auditlog> |
Interpreting audit logs
All audit logs have a date, whether or not it is an error event, a description, type, and guid. The event type is either "system", "admin", or "customer". System events are background events, admin events are those created by an administration task, and customer events are generated from customer actions.
...