Chilkat Online Tools

delphiDll / Datadog API Collection / Get a list of Audit Logs events

Back to Collection Items

var
http: HCkHttp;
success: Boolean;
queryParams: HCkJsonObject;
resp: HCkHttpResponse;
sbResponseBody: HCkStringBuilder;
jResp: HCkJsonObject;
respStatusCode: Integer;
Message: PWideChar;
Service: PWideChar;
Timestamp: PWideChar;
id: PWideChar;
v_type: PWideChar;
j: Integer;
count_j: Integer;
strVal: PWideChar;
code: PWideChar;
detail: PWideChar;
title: PWideChar;
v_Next: PWideChar;
Elapsed: PWideChar;
After: PWideChar;
Request_id: PWideChar;
Status: PWideChar;
i: Integer;
count_i: Integer;

begin
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

http := CkHttp_Create();

queryParams := CkJsonObject_Create();
CkJsonObject_UpdateString(queryParams,'filter[query]','<string>');
CkJsonObject_UpdateString(queryParams,'filter[from]','<dateTime>');
CkJsonObject_UpdateString(queryParams,'filter[to]','<dateTime>');
CkJsonObject_UpdateString(queryParams,'sort','-timestamp');
CkJsonObject_UpdateString(queryParams,'page[cursor]','<string>');
CkJsonObject_UpdateInt(queryParams,'page[limit]',10);

CkHttp_SetRequestHeader(http,'Accept','application/json');

resp := CkHttp_QuickRequestParams(http,'GET','https://api.app.ddog-gov.com/api/v2/audit/events',queryParams);
if (CkHttp_getLastMethodSuccess(http) = False) then
  begin
    Memo1.Lines.Add(CkHttp__lastErrorText(http));
    Exit;
  end;

sbResponseBody := CkStringBuilder_Create();
CkHttpResponse_GetBodySb(resp,sbResponseBody);

jResp := CkJsonObject_Create();
CkJsonObject_LoadSb(jResp,sbResponseBody);
CkJsonObject_putEmitCompact(jResp,False);

Memo1.Lines.Add('Response Body:');
Memo1.Lines.Add(CkJsonObject__emit(jResp));

respStatusCode := CkHttpResponse_getStatusCode(resp);
Memo1.Lines.Add('Response Status Code = ' + IntToStr(respStatusCode));
if (respStatusCode >= 400) then
  begin
    Memo1.Lines.Add('Response Header:');
    Memo1.Lines.Add(CkHttpResponse__header(resp));
    Memo1.Lines.Add('Failed.');
    CkHttpResponse_Dispose(resp);
    Exit;
  end;
CkHttpResponse_Dispose(resp);

// Sample JSON response:
// (Sample code for parsing the JSON response is shown below)

// {
//   "data": [
//     {
//       "attributes": {
//         "attributes": {
//           "utaff": {},
//           "dolore_6c": {},
//           "fugiat3b": {}
//         },
//         "message": "<string>",
//         "service": "<string>",
//         "tags": [
//           "<string>",
//           "<string>"
//         ],
//         "timestamp": "<dateTime>"
//       },
//       "id": "<string>",
//       "type": "audit"
//     },
//     {
//       "attributes": {
//         "attributes": {
//           "cillum_a": {}
//         },
//         "message": "<string>",
//         "service": "<string>",
//         "tags": [
//           "<string>",
//           "<string>"
//         ],
//         "timestamp": "<dateTime>"
//       },
//       "id": "<string>",
//       "type": "audit"
//     }
//   ],
//   "links": {
//     "next": "<string>"
//   },
//   "meta": {
//     "elapsed": "<long>",
//     "page": {
//       "after": "<string>"
//     },
//     "request_id": "<string>",
//     "status": "timeout",
//     "warnings": [
//       {
//         "code": "<string>",
//         "detail": "<string>",
//         "title": "<string>"
//       },
//       {
//         "code": "<string>",
//         "detail": "<string>",
//         "title": "<string>"
//       }
//     ]
//   }
// }

// Sample code for parsing the JSON response...
// Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code

v_Next := CkJsonObject__stringOf(jResp,'links.next');
Elapsed := CkJsonObject__stringOf(jResp,'meta.elapsed');
After := CkJsonObject__stringOf(jResp,'meta.page.after');
Request_id := CkJsonObject__stringOf(jResp,'meta.request_id');
Status := CkJsonObject__stringOf(jResp,'meta.status');
i := 0;
count_i := CkJsonObject_SizeOfArray(jResp,'data');
while i < count_i do
  begin
    CkJsonObject_putI(jResp,i);
    Message := CkJsonObject__stringOf(jResp,'data[i].attributes.message');
    Service := CkJsonObject__stringOf(jResp,'data[i].attributes.service');
    Timestamp := CkJsonObject__stringOf(jResp,'data[i].attributes.timestamp');
    id := CkJsonObject__stringOf(jResp,'data[i].id');
    v_type := CkJsonObject__stringOf(jResp,'data[i].type');
    j := 0;
    count_j := CkJsonObject_SizeOfArray(jResp,'data[i].attributes.tags');
    while j < count_j do
      begin
        CkJsonObject_putJ(jResp,j);
        strVal := CkJsonObject__stringOf(jResp,'data[i].attributes.tags[j]');
        j := j + 1;
      end;

    i := i + 1;
  end;

i := 0;
count_i := CkJsonObject_SizeOfArray(jResp,'meta.warnings');
while i < count_i do
  begin
    CkJsonObject_putI(jResp,i);
    code := CkJsonObject__stringOf(jResp,'meta.warnings[i].code');
    detail := CkJsonObject__stringOf(jResp,'meta.warnings[i].detail');
    title := CkJsonObject__stringOf(jResp,'meta.warnings[i].title');
    i := i + 1;
  end;

CkHttp_Dispose(http);
CkJsonObject_Dispose(queryParams);
CkStringBuilder_Dispose(sbResponseBody);
CkJsonObject_Dispose(jResp);

Curl Command

curl -G -d "filter[query]=%3Cstring%3E"
	-d "filter[from]=%3CdateTime%3E"
	-d "filter[to]=%3CdateTime%3E"
	-d "sort=-timestamp"
	-d "page[cursor]=%3Cstring%3E"
	-d "page[limit]=10"
	-H "Accept: application/json"
https://api.app.ddog-gov.com/api/v2/audit/events

Postman Collection Item JSON

{
  "name": "Get a list of Audit Logs events",
  "request": {
    "method": "GET",
    "header": [
      {
        "key": "Accept",
        "value": "application/json"
      }
    ],
    "url": {
      "raw": "{{baseUrl}}/api/v2/audit/events?filter[query]=<string>&filter[from]=<dateTime>&filter[to]=<dateTime>&sort=-timestamp&page[cursor]=<string>&page[limit]=10",
      "host": [
        "{{baseUrl}}"
      ],
      "path": [
        "api",
        "v2",
        "audit",
        "events"
      ],
      "query": [
        {
          "key": "filter[query]",
          "value": "<string>",
          "description": "Search query following Audit Logs syntax."
        },
        {
          "key": "filter[from]",
          "value": "<dateTime>",
          "description": "Minimum timestamp for requested events."
        },
        {
          "key": "filter[to]",
          "value": "<dateTime>",
          "description": "Maximum timestamp for requested events."
        },
        {
          "key": "sort",
          "value": "-timestamp",
          "description": "Order of events in results."
        },
        {
          "key": "page[cursor]",
          "value": "<string>",
          "description": "List following results with a cursor provided in the previous query."
        },
        {
          "key": "page[limit]",
          "value": "10",
          "description": "Maximum number of events in the response."
        }
      ]
    },
    "description": "List endpoint returns events that match a Audit Logs search query.\n[Results are paginated][1].\n\nUse this endpoint to see your latest Audit Logs events.\n\n[1]: https://docs.datadoghq.com/logs/guide/collect-multiple-logs-with-pagination"
  },
  "response": [
    {
      "name": "OK",
      "originalRequest": {
        "method": "GET",
        "header": [
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "url": {
          "raw": "{{baseUrl}}/api/v2/audit/events?filter[query]=<string>&filter[from]=<dateTime>&filter[to]=<dateTime>&sort=-timestamp&page[cursor]=<string>&page[limit]=10",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "audit",
            "events"
          ],
          "query": [
            {
              "key": "filter[query]",
              "value": "<string>",
              "description": "Search query following Audit Logs syntax."
            },
            {
              "key": "filter[from]",
              "value": "<dateTime>",
              "description": "Minimum timestamp for requested events."
            },
            {
              "key": "filter[to]",
              "value": "<dateTime>",
              "description": "Maximum timestamp for requested events."
            },
            {
              "key": "sort",
              "value": "-timestamp",
              "description": "Order of events in results."
            },
            {
              "key": "page[cursor]",
              "value": "<string>",
              "description": "List following results with a cursor provided in the previous query."
            },
            {
              "key": "page[limit]",
              "value": "10",
              "description": "Maximum number of events in the response."
            }
          ]
        }
      },
      "status": "OK",
      "code": 200,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"data\": [\n    {\n      \"attributes\": {\n        \"attributes\": {\n          \"utaff\": {},\n          \"dolore_6c\": {},\n          \"fugiat3b\": {}\n        },\n        \"message\": \"<string>\",\n        \"service\": \"<string>\",\n        \"tags\": [\n          \"<string>\",\n          \"<string>\"\n        ],\n        \"timestamp\": \"<dateTime>\"\n      },\n      \"id\": \"<string>\",\n      \"type\": \"audit\"\n    },\n    {\n      \"attributes\": {\n        \"attributes\": {\n          \"cillum_a\": {}\n        },\n        \"message\": \"<string>\",\n        \"service\": \"<string>\",\n        \"tags\": [\n          \"<string>\",\n          \"<string>\"\n        ],\n        \"timestamp\": \"<dateTime>\"\n      },\n      \"id\": \"<string>\",\n      \"type\": \"audit\"\n    }\n  ],\n  \"links\": {\n    \"next\": \"<string>\"\n  },\n  \"meta\": {\n    \"elapsed\": \"<long>\",\n    \"page\": {\n      \"after\": \"<string>\"\n    },\n    \"request_id\": \"<string>\",\n    \"status\": \"timeout\",\n    \"warnings\": [\n      {\n        \"code\": \"<string>\",\n        \"detail\": \"<string>\",\n        \"title\": \"<string>\"\n      },\n      {\n        \"code\": \"<string>\",\n        \"detail\": \"<string>\",\n        \"title\": \"<string>\"\n      }\n    ]\n  }\n}"
    },
    {
      "name": "Bad Request",
      "originalRequest": {
        "method": "GET",
        "header": [
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "url": {
          "raw": "{{baseUrl}}/api/v2/audit/events?filter[query]=<string>&filter[from]=<dateTime>&filter[to]=<dateTime>&sort=-timestamp&page[cursor]=<string>&page[limit]=10",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "audit",
            "events"
          ],
          "query": [
            {
              "key": "filter[query]",
              "value": "<string>",
              "description": "Search query following Audit Logs syntax."
            },
            {
              "key": "filter[from]",
              "value": "<dateTime>",
              "description": "Minimum timestamp for requested events."
            },
            {
              "key": "filter[to]",
              "value": "<dateTime>",
              "description": "Maximum timestamp for requested events."
            },
            {
              "key": "sort",
              "value": "-timestamp",
              "description": "Order of events in results."
            },
            {
              "key": "page[cursor]",
              "value": "<string>",
              "description": "List following results with a cursor provided in the previous query."
            },
            {
              "key": "page[limit]",
              "value": "10",
              "description": "Maximum number of events in the response."
            }
          ]
        }
      },
      "status": "Bad Request",
      "code": 400,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"errors\": [\n    \"<string>\",\n    \"<string>\"\n  ]\n}"
    },
    {
      "name": "Not Authorized",
      "originalRequest": {
        "method": "GET",
        "header": [
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "url": {
          "raw": "{{baseUrl}}/api/v2/audit/events?filter[query]=<string>&filter[from]=<dateTime>&filter[to]=<dateTime>&sort=-timestamp&page[cursor]=<string>&page[limit]=10",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "audit",
            "events"
          ],
          "query": [
            {
              "key": "filter[query]",
              "value": "<string>",
              "description": "Search query following Audit Logs syntax."
            },
            {
              "key": "filter[from]",
              "value": "<dateTime>",
              "description": "Minimum timestamp for requested events."
            },
            {
              "key": "filter[to]",
              "value": "<dateTime>",
              "description": "Maximum timestamp for requested events."
            },
            {
              "key": "sort",
              "value": "-timestamp",
              "description": "Order of events in results."
            },
            {
              "key": "page[cursor]",
              "value": "<string>",
              "description": "List following results with a cursor provided in the previous query."
            },
            {
              "key": "page[limit]",
              "value": "10",
              "description": "Maximum number of events in the response."
            }
          ]
        }
      },
      "status": "Forbidden",
      "code": 403,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"errors\": [\n    \"<string>\",\n    \"<string>\"\n  ]\n}"
    },
    {
      "name": "Too many requests",
      "originalRequest": {
        "method": "GET",
        "header": [
          {
            "key": "Accept",
            "value": "application/json"
          },
          {
            "description": "Added as a part of security scheme: apikey",
            "key": "DD-API-KEY",
            "value": "<API Key>"
          }
        ],
        "url": {
          "raw": "{{baseUrl}}/api/v2/audit/events?filter[query]=<string>&filter[from]=<dateTime>&filter[to]=<dateTime>&sort=-timestamp&page[cursor]=<string>&page[limit]=10",
          "host": [
            "{{baseUrl}}"
          ],
          "path": [
            "api",
            "v2",
            "audit",
            "events"
          ],
          "query": [
            {
              "key": "filter[query]",
              "value": "<string>",
              "description": "Search query following Audit Logs syntax."
            },
            {
              "key": "filter[from]",
              "value": "<dateTime>",
              "description": "Minimum timestamp for requested events."
            },
            {
              "key": "filter[to]",
              "value": "<dateTime>",
              "description": "Maximum timestamp for requested events."
            },
            {
              "key": "sort",
              "value": "-timestamp",
              "description": "Order of events in results."
            },
            {
              "key": "page[cursor]",
              "value": "<string>",
              "description": "List following results with a cursor provided in the previous query."
            },
            {
              "key": "page[limit]",
              "value": "10",
              "description": "Maximum number of events in the response."
            }
          ]
        }
      },
      "status": "Too Many Requests",
      "code": 429,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "Content-Type",
          "value": "application/json"
        }
      ],
      "cookie": [
      ],
      "body": "{\n  \"errors\": [\n    \"<string>\",\n    \"<string>\"\n  ]\n}"
    }
  ]
}