auditlog export

The auditlog export command adds a JSON activity log to all audit log files. Times are in yyyyMMddHHmmss format. If no specific timeframe is specified, the default is the current day's start date and the time you issued the auditlog export command.

Usage

auditlog export --n name --v value --s startTime --e endTime --f filterBy --fw filterByWild --fa filterByAdditional
RequiredArgumentDescription
No--n nameSpecifies the name of the field to use on the activity log. For example: "username."
No--v valueSpecifies the value that goes with the name definition. For example: "admin."
No--s startTimeSpecifies start time and start date for audit logging. The date format is: yyyyMMddHHmmss.
No--e endTimeSpecifies stop time and end date for audit logging. The date format is: yyyyMMddHHmmss.
No--f filterBySpecifies an entity to use for filtering information in the activity log. For example: username:system.
No--fw filterByWildAllows you to use the asterisk (*) character to filter the information returned. For example, to search for an object ID containing the string "info," specify objectID:*info.
No--fa filterByAdditionalSpecifies an additional value to use in filtering the information returned. For example, you could use a specific date to restrict the returned information to a calendar day.

Example

This example asks to return results for a 24-hour timebox, for admin-level users.

auditlog export --s 20191231000000 --e 20200101000000 --f userlevel:admin