Search Audit Events - C1 documentation

package main import( "context" "github.com/conductorone/conductorone-sdk-go/pkg/models/shared" conductoronesdkgo "github.com/conductorone/conductorone-sdk-go" "log" ) func main() { ctx := context.Background() s := conductoronesdkgo.New( conductoronesdkgo.WithSecurity(shared.Security{ BearerAuth: "<YOUR_BEARER_TOKEN_HERE>", Oauth: "<YOUR_OAUTH_HERE>", }), ) res, err := s.PaperSecretAdmin.SearchAuditEvents(ctx, nil) if err != nil { log.Fatal(err) } if res.PaperSecretAdminServiceSearchAuditEventsResponse != nil { // handle response } }

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Authorization

string

header

required

This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the c1TokenSource.Token() function.

Body

application/json

The PaperSecretAdminServiceSearchAuditEventsRequest message.

actorEmail

string | null

Filter by external email (partial match via full-text search)

actorUserId

string | null

Filter by C1 user ID (internal users)

clientIp

string | null

Filter by client IP (exact match)

pageSize

integer<int32> | null

The pageSize field.

pageToken

string | null

The pageToken field.

vaultId

string | null

Filter by specific vault

Response

200 - application/json

Successful response

The PaperSecretAdminServiceSearchAuditEventsResponse message.

list

object[] | null

List contains OCSF events directly as JSON structs. Follows the same pattern as SystemLogServiceListEventsResponse.

nextPageToken

string | null

The nextPageToken field.