auditlog export
The auditlog export command adds a JSON activity log to all audit log
files. Times are in yyyyMMddHHmmss format. If no specific timeframe
is specified, the default is the current day's start date and the time you issued the
auditlog export command.
Usage
auditlog export --n name --v value --s startTime --e endTime --f filterBy --fw filterByWild --fa filterByAdditional| Required | Argument | Description |
|---|---|---|
| No | --n name | Specifies the name of the field to use on the activity log. For example: "username." |
| No | --v value | Specifies the value that goes with the name definition. For
example: "admin." |
| No | --s startTime | Specifies start time and start date for audit logging. The date format is:
yyyyMMddHHmmss. |
| No | --e endTime | Specifies stop time and end date for audit logging. The date format is:
yyyyMMddHHmmss. |
| No | --f filterBy | Specifies an entity to use for filtering information in the activity log. For
example: username:system. |
| No | --fw filterByWild | Allows you to use the asterisk (*) character to filter the information returned. For example, to search for an object ID containing the string "info," specify objectID:*info. |
| No | --fa filterByAdditional | Specifies an additional value to use in filtering the information returned. For example, you could use a specific date to restrict the returned information to a calendar day. |
Example
This example asks to return results for a 24-hour timebox, for admin-level users.
auditlog export --s 20191231000000 --e 20200101000000 --f userlevel:admin