what is the differences between async api and real time api for audit log events?
As per our observation, there are some extra services and actions in Async API but what kind of actions and services are more in services. Need more clarity on that.
Hello,
The difference is written in the description of the POST /api/v2/audits/query/realtime endpoint.
This endpoint will only retrieve 14 days worth of audits for certain services.
Please use /query to get a full list and older audits.
Use /api/v2/audits/query/realtime/servicemapping endpoint for a list of valid values
GET /api/v2/audits/query/realtime/servicemapping will provide the service mapping information used in real time audits.
GET /api/v2/audits/query/servicemapping will provide the list of values for the audit query job (POST /api/v2/audits/query).
Regards,
1 Like
There is a difference in the number of services/ events covered by async and realtime api's as per the documentation. Can you please provide more information on how significant this difference is?
Hello,
The 2 endpoints I listed in my previous post: GET /api/v2/audits/query/realtime/servicemapping and GET /api/v2/audits/query/servicemapping provide the list of supported services for realtime and for the async job.
This is all the available info.
Regards,
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.