Knowledge Base

Find the updated document here in the Audit logs and Signature logs

The ‘/audit-log’ and ‘/signatures’ endpoints of the DigiCert® Software Trust Manager REST API both make provision for filtering the returned data (in CSV format) in the endpoint URL targeted by the GET request. This is achieved by adding a query tag with a key and value, for each of the values to be filtered, to the endpoint URL.

Note: For production, DigiCert ONE accounts, all endpoints that support GET requests begin with https://one.digicert.com/.

For demo DigiCert ONE accounts, all endpoints which support GET requests begin with https://demo.one.digicert.com/.

Filtering Audit Logs

The ‘audit-log’ endpoint https://one.digicert.com/signingmanager/api/v1/audit-log/export supports the following filter tags:

• ‘id’ – Event ID
• ‘resource_type’ – type of resource, such as keypair, client_auth_cert, etc.
• ‘resource_id’ – Unique identifier of the resource, such as a keypair or certificate ID
• ‘status’ – event status, i.e. success or failure
• ‘client_ip’ – the IP address of the client device, e.g. the machine used by an administrator to access DigiCert ONE
• ‘user_id’ – the unique identifier of the user that performed the action in question

An example of a request URL (for a production account) with all filters applied:

https://one.digicert.com/signingmanager/api/v1/audit-log/export?account_id=xxxxxx-xxxx-xxxx-xxxxxxx&limit=100&offset=0&id=xxxxxxxx-xxxxx-xxxxxxxx&resource_id=xxxxxxxx-xxxx-xxxxxxxxx&resource_type=KEYPAIR&status=SUCCESS&client_ip=192.168.101.1&user_id=xxxxxxx-xxxx-xxxx-xxxxxxxxx

Note: Only the tags for the desired filter values need to be added to your endpoint URL, e.g. if only filtering for resource_type=keypair, and limiting the results to 50, the endpoint for the request would be https://one.digicert.com/signingmanager/api/v1/audit-log/export?account_id=xxxxxx-xxxx-xxxx-xxxxxxx&limit=50&resource_type=KEYPAIR

Filtering Signature Logs

The ‘signatures’ endpoint supports the following filter tags:

• ‘id’ – The event ID
• ‘signing_status’ – The status of the signing event, i.e. success or failure
• ‘keypair_id’ – The ID of the keypair used
• ‘keypair_alias’ – The keypair alias
• ‘sig_alg’ – The signature algorithm of the keypair, e.g. SHA256WithRSA, SHA1WithRSA, etc.
• ‘client_ip’ – The IP address of the client device that performed the signing
• ‘created_by’ – The ID of the user that performed the signing

An example of a request URL (for a production account) with all filters applied:

https://one.digicert.com/signingmanager/api/v1/signatures/export?limit=100&offset=0&signing_status=FAILED&id=xxxxxxxx-xxxx-xxxx-xxxxxxxxxx&keypair_id=xxxxxxxx-xxxx-xxxx-xxxxxxxxxx&keypair_alias=key1&sig_alg=SHA1WithRSA&client_ip=192.168.101.1&created_by=xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx

Note: Only the tags for the desired filter values need to be added to your endpoint URL, e.g. if only filtering for a particular keypair alias and limiting results to 50, the endpoint for the request would be https://one.digicert.com/signingmanager/api/v1/signatures/export?account_id=xxxxxxxxxx-xxxx-xxxx-xxxxxx&limit=50&keypair_alias=key1  

For additional assistance, contact DigiCert Support.