Find the updated document here in the Audit logs and Signature logs
The ‘/audit-log’ and ‘/signatures’ endpoints of the DigiCert® Software Trust Manager REST API both make provision for filtering the returned data (in CSV format) in the endpoint URL targeted by the GET request. This is achieved by adding a query tag with a key and value, for each of the values to be filtered, to the endpoint URL.
Note: For production, DigiCert ONE accounts, all endpoints that support GET requests begin with https://one.digicert.com/.
For demo DigiCert ONE accounts, all endpoints which support GET requests begin with https://demo.one.digicert.com/.
Filtering Audit Logs
The ‘audit-log’ endpoint https://one.digicert.com/signingmanager/api/v1/audit-log/export supports the following filter tags:
- ‘id’ – Event ID
- ‘resource_type’ – type of resource, such as keypair, client_auth_cert, etc.
- ‘resource_id’ – Unique identifier of the resource, such as a keypair or certificate ID
- ‘status’ – event status, i.e. success or failure
- ‘client_ip’ – the IP address of the client device, e.g. the machine used by an administrator to access DigiCert ONE
- ‘user_id’ – the unique identifier of the user that performed the action in question
An example of a request URL (for a production account) with all filters applied:
https://one.digicert.com/signingmanager/api/v1/audit-log/export?account_id=xxxxxx-xxxx-xxxx-xxxxxxx&limit=100&offset=0&id=xxxxxxxx-xxxxx-xxxxxxxx&resource_id=xxxxxxxx-xxxx-xxxxxxxxx&resource_type=KEYPAIR&status=SUCCESS&client_ip=192.168.101.1&user_id=xxxxxxx-xxxx-xxxx-xxxxxxxxx
Filtering Signature Logs
The ‘signatures’ endpoint supports the following filter tags:
- ‘id’ – The event ID
- ‘signing_status’ – The status of the signing event, i.e. success or failure
- ‘keypair_id’ – The ID of the keypair used
- ‘keypair_alias’ – The keypair alias
- ‘sig_alg’ – The signature algorithm of the keypair, e.g. SHA256WithRSA, SHA1WithRSA, etc.
- ‘client_ip’ – The IP address of the client device that performed the signing
- ‘created_by’ – The ID of the user that performed the signing
An example of a request URL (for a production account) with all filters applied:
https://one.digicert.com/signingmanager/api/v1/signatures/export?limit=100&offset=0&signing_status=FAILED&id=xxxxxxxx-xxxx-xxxx-xxxxxxxxxx&keypair_id=xxxxxxxx-xxxx-xxxx-xxxxxxxxxx&keypair_alias=key1&sig_alg=SHA1WithRSA&client_ip=192.168.101.1&created_by=xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx
For additional assistance, contact DigiCert Support.