Skip to main content
POST
/
api
/
v1
/
search
/
finding_audits
Typescript (SDK)
import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript";

const conductoroneSDKTypescript = new ConductoroneSDKTypescript({
  security: {
    bearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
    oauth: "<YOUR_OAUTH_HERE>",
  },
});

async function run() {
  const result = await conductoroneSDKTypescript.findingAudit.search();

  console.log(result);
}

run();
{
  "list": [
    {
      "actorPrincipalId": "<string>",
      "actorSubject": "<string>",
      "appId": "<string>",
      "bulkOperationId": "<string>",
      "createdAt": "2023-11-07T05:31:56Z",
      "eventId": "<string>",
      "findingId": "<string>",
      "ocsf": {},
      "ticketId": "<string>"
    }
  ],
  "nextPageToken": "<string>"
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Authorization
string
header
required

This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the c1TokenSource.Token() function.

Body

application/json

The FindingAuditServiceSearchRequest message.

actorPrincipalId
string | null

The actorPrincipalId field.

actorSubject
string | null

Partial match via full-text search over the denormalized actor email / display name column.

appId
string | null

Empty skips the filter; non-empty must be a 27-char alphanumeric id.

eventTypes
enum<string>[] | null

Filter by one or more event types. Empty means any.

Available options:
FINDING_AUDIT_EVENT_TYPE_UNSPECIFIED,
FINDING_AUDIT_EVENT_TYPE_CREATED,
FINDING_AUDIT_EVENT_TYPE_STATE_CHANGED,
FINDING_AUDIT_EVENT_TYPE_SNOOZED,
FINDING_AUDIT_EVENT_TYPE_SNOOZE_EXPIRED,
FINDING_AUDIT_EVENT_TYPE_RISK_ACCEPTED,
FINDING_AUDIT_EVENT_TYPE_RISK_ACCEPTANCE_EXPIRED,
FINDING_AUDIT_EVENT_TYPE_SUPPRESSED,
FINDING_AUDIT_EVENT_TYPE_UNSUPPRESSED,
FINDING_AUDIT_EVENT_TYPE_RESOLVED,
FINDING_AUDIT_EVENT_TYPE_REOPENED,
FINDING_AUDIT_EVENT_TYPE_OWNER_CHANGED,
FINDING_AUDIT_EVENT_TYPE_SEVERITY_OVERRIDDEN,
FINDING_AUDIT_EVENT_TYPE_COMMENT,
FINDING_AUDIT_EVENT_TYPE_TASK_CREATED,
FINDING_AUDIT_EVENT_TYPE_TASK_CANCELLED,
FINDING_AUDIT_EVENT_TYPE_EVIDENCE_UPDATED,
FINDING_AUDIT_EVENT_TYPE_ROUTING_EVALUATED
findingId
string | null

Filter to a single finding. The detail-page timeline uses this. Empty skips the filter; non-empty must be a 27-char alphanumeric id.

pageSize
integer<int32> | null

The pageSize field.

pageToken
string | null

The pageToken field.

since
string<date-time> | null
until
string<date-time> | null

Response

200 - application/json

Successful response

The FindingAuditServiceSearchResponse message.

list
Finding Audit Event · object[] | null

The list field.

nextPageToken
string | null

The nextPageToken field.