Back to Collection Items
#import <CkoHttp.h>
#import <CkoJsonObject.h>
#import <CkoHttpResponse.h>
#import <CkoStringBuilder.h>
#import <NSString.h>
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
CkoHttp *http = [[CkoHttp alloc] init];
BOOL success;
// Use this online tool to generate code from sample JSON: Generate Code to Create JSON
// The following JSON is sent in the request body.
// {
// "filter": {
// "from": "now-15m",
// "query": "*",
// "to": "now"
// },
// "options": {
// "time_offset": "<long>",
// "timezone": "UTC"
// },
// "page": {
// "cursor": "<string>",
// "limit": 10
// },
// "sort": "-timestamp"
// }
CkoJsonObject *json = [[CkoJsonObject alloc] init];
[json UpdateString: @"filter.from" value: @"now-15m"];
[json UpdateString: @"filter.query" value: @"*"];
[json UpdateString: @"filter.to" value: @"now"];
[json UpdateString: @"options.time_offset" value: @"<long>"];
[json UpdateString: @"options.timezone" value: @"UTC"];
[json UpdateString: @"page.cursor" value: @"<string>"];
[json UpdateInt: @"page.limit" value: [NSNumber numberWithInt: 10]];
[json UpdateString: @"sort" value: @"-timestamp"];
[http SetRequestHeader: @"Content-Type" value: @"application/json"];
[http SetRequestHeader: @"Accept" value: @"application/json"];
CkoHttpResponse *resp = [http PostJson3: @"https://api.app.ddog-gov.com/api/v2/audit/events/search" contentType: @"application/json" json: json];
if (http.LastMethodSuccess == NO) {
NSLog(@"%@",http.LastErrorText);
return;
}
CkoStringBuilder *sbResponseBody = [[CkoStringBuilder alloc] init];
[resp GetBodySb: sbResponseBody];
CkoJsonObject *jResp = [[CkoJsonObject alloc] init];
[jResp LoadSb: sbResponseBody];
jResp.EmitCompact = NO;
NSLog(@"%@",@"Response Body:");
NSLog(@"%@",[jResp Emit]);
int respStatusCode = [resp.StatusCode intValue];
NSLog(@"%@%d",@"Response Status Code = ",respStatusCode);
if (respStatusCode >= 400) {
NSLog(@"%@",@"Response Header:");
NSLog(@"%@",resp.Header);
NSLog(@"%@",@"Failed.");
return;
}
// Sample JSON response:
// (Sample code for parsing the JSON response is shown below)
// {
// "data": [
// {
// "attributes": {
// "attributes": {
// "utaff": {},
// "dolore_6c": {},
// "fugiat3b": {}
// },
// "message": "<string>",
// "service": "<string>",
// "tags": [
// "<string>",
// "<string>"
// ],
// "timestamp": "<dateTime>"
// },
// "id": "<string>",
// "type": "audit"
// },
// {
// "attributes": {
// "attributes": {
// "cillum_a": {}
// },
// "message": "<string>",
// "service": "<string>",
// "tags": [
// "<string>",
// "<string>"
// ],
// "timestamp": "<dateTime>"
// },
// "id": "<string>",
// "type": "audit"
// }
// ],
// "links": {
// "next": "<string>"
// },
// "meta": {
// "elapsed": "<long>",
// "page": {
// "after": "<string>"
// },
// "request_id": "<string>",
// "status": "timeout",
// "warnings": [
// {
// "code": "<string>",
// "detail": "<string>",
// "title": "<string>"
// },
// {
// "code": "<string>",
// "detail": "<string>",
// "title": "<string>"
// }
// ]
// }
// }
// Sample code for parsing the JSON response...
// Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
NSString *Message = 0;
NSString *Service = 0;
NSString *Timestamp = 0;
NSString *id = 0;
NSString *v_type = 0;
int j;
int count_j;
NSString *strVal = 0;
NSString *code = 0;
NSString *detail = 0;
NSString *title = 0;
NSString *v_Next = [jResp StringOf: @"links.next"];
NSString *Elapsed = [jResp StringOf: @"meta.elapsed"];
NSString *After = [jResp StringOf: @"meta.page.after"];
NSString *Request_id = [jResp StringOf: @"meta.request_id"];
NSString *Status = [jResp StringOf: @"meta.status"];
int i = 0;
int count_i = [[jResp SizeOfArray: @"data"] intValue];
while (i < count_i) {
jResp.I = [NSNumber numberWithInt: i];
Message = [jResp StringOf: @"data[i].attributes.message"];
Service = [jResp StringOf: @"data[i].attributes.service"];
Timestamp = [jResp StringOf: @"data[i].attributes.timestamp"];
id = [jResp StringOf: @"data[i].id"];
v_type = [jResp StringOf: @"data[i].type"];
j = 0;
count_j = [[jResp SizeOfArray: @"data[i].attributes.tags"] intValue];
while (j < count_j) {
jResp.J = [NSNumber numberWithInt: j];
strVal = [jResp StringOf: @"data[i].attributes.tags[j]"];
j = j + 1;
}
i = i + 1;
}
i = 0;
count_i = [[jResp SizeOfArray: @"meta.warnings"] intValue];
while (i < count_i) {
jResp.I = [NSNumber numberWithInt: i];
code = [jResp StringOf: @"meta.warnings[i].code"];
detail = [jResp StringOf: @"meta.warnings[i].detail"];
title = [jResp StringOf: @"meta.warnings[i].title"];
i = i + 1;
}
Curl Command
curl -X POST
-H "Content-Type: application/json"
-H "Accept: application/json"
-d '{
"filter": {
"from": "now-15m",
"query": "*",
"to": "now"
},
"options": {
"time_offset": "<long>",
"timezone": "UTC"
},
"page": {
"cursor": "<string>",
"limit": 10
},
"sort": "-timestamp"
}'
https://api.app.ddog-gov.com/api/v2/audit/events/search
Postman Collection Item JSON
{
"name": "Search Audit Logs events",
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"filter\": {\n \"from\": \"now-15m\",\n \"query\": \"*\",\n \"to\": \"now\"\n },\n \"options\": {\n \"time_offset\": \"<long>\",\n \"timezone\": \"UTC\"\n },\n \"page\": {\n \"cursor\": \"<string>\",\n \"limit\": 10\n },\n \"sort\": \"-timestamp\"\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/audit/events/search",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"audit",
"events",
"search"
]
},
"description": "List endpoint returns Audit Logs events that match an Audit search query.\n[Results are paginated][1].\n\nUse this endpoint to build complex Audit Logs events filtering and search.\n\n[1]: https://docs.datadoghq.com/logs/guide/collect-multiple-logs-with-pagination"
},
"response": [
{
"name": "OK",
"originalRequest": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"filter\": {\n \"from\": \"now-15m\",\n \"query\": \"*\",\n \"to\": \"now\"\n },\n \"options\": {\n \"time_offset\": \"<long>\",\n \"timezone\": \"UTC\"\n },\n \"page\": {\n \"cursor\": \"<string>\",\n \"limit\": 10\n },\n \"sort\": \"-timestamp\"\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/audit/events/search",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"audit",
"events",
"search"
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"data\": [\n {\n \"attributes\": {\n \"attributes\": {\n \"utaff\": {},\n \"dolore_6c\": {},\n \"fugiat3b\": {}\n },\n \"message\": \"<string>\",\n \"service\": \"<string>\",\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"timestamp\": \"<dateTime>\"\n },\n \"id\": \"<string>\",\n \"type\": \"audit\"\n },\n {\n \"attributes\": {\n \"attributes\": {\n \"cillum_a\": {}\n },\n \"message\": \"<string>\",\n \"service\": \"<string>\",\n \"tags\": [\n \"<string>\",\n \"<string>\"\n ],\n \"timestamp\": \"<dateTime>\"\n },\n \"id\": \"<string>\",\n \"type\": \"audit\"\n }\n ],\n \"links\": {\n \"next\": \"<string>\"\n },\n \"meta\": {\n \"elapsed\": \"<long>\",\n \"page\": {\n \"after\": \"<string>\"\n },\n \"request_id\": \"<string>\",\n \"status\": \"timeout\",\n \"warnings\": [\n {\n \"code\": \"<string>\",\n \"detail\": \"<string>\",\n \"title\": \"<string>\"\n },\n {\n \"code\": \"<string>\",\n \"detail\": \"<string>\",\n \"title\": \"<string>\"\n }\n ]\n }\n}"
},
{
"name": "Bad Request",
"originalRequest": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"filter\": {\n \"from\": \"now-15m\",\n \"query\": \"*\",\n \"to\": \"now\"\n },\n \"options\": {\n \"time_offset\": \"<long>\",\n \"timezone\": \"UTC\"\n },\n \"page\": {\n \"cursor\": \"<string>\",\n \"limit\": 10\n },\n \"sort\": \"-timestamp\"\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/audit/events/search",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"audit",
"events",
"search"
]
}
},
"status": "Bad Request",
"code": 400,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Not Authorized",
"originalRequest": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"filter\": {\n \"from\": \"now-15m\",\n \"query\": \"*\",\n \"to\": \"now\"\n },\n \"options\": {\n \"time_offset\": \"<long>\",\n \"timezone\": \"UTC\"\n },\n \"page\": {\n \"cursor\": \"<string>\",\n \"limit\": 10\n },\n \"sort\": \"-timestamp\"\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/audit/events/search",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"audit",
"events",
"search"
]
}
},
"status": "Forbidden",
"code": 403,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
},
{
"name": "Too many requests",
"originalRequest": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"description": "Added as a part of security scheme: apikey",
"key": "DD-API-KEY",
"value": "<API Key>"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"filter\": {\n \"from\": \"now-15m\",\n \"query\": \"*\",\n \"to\": \"now\"\n },\n \"options\": {\n \"time_offset\": \"<long>\",\n \"timezone\": \"UTC\"\n },\n \"page\": {\n \"cursor\": \"<string>\",\n \"limit\": 10\n },\n \"sort\": \"-timestamp\"\n}",
"options": {
"raw": {
"headerFamily": "json",
"language": "json"
}
}
},
"url": {
"raw": "{{baseUrl}}/api/v2/audit/events/search",
"host": [
"{{baseUrl}}"
],
"path": [
"api",
"v2",
"audit",
"events",
"search"
]
}
},
"status": "Too Many Requests",
"code": 429,
"_postman_previewlanguage": "json",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"cookie": [
],
"body": "{\n \"errors\": [\n \"<string>\",\n \"<string>\"\n ]\n}"
}
]
}
