...
The Audit Logs page shows the following information for each event:
Timestamp: the The UTC timestamp of the task performed by the user
User: the The name of the user account from which the task was performed
Source IP: the The IP address of the source that initiated the task
Resource Type: the The resource with which the performed task was associatedFor example, if a user performed a specific task on a host, this field would display the host’s name.
Action: the The action performed by a user
For example, this field would display Update if a user updated the host’s configuration or Delete if a user deleted tags on a host.Event Summary: information Information about the action taken for the event
Click View Metadata to view the following additional information for a specific event:Session Type: the The type of authentication used for the event’s session
For example, this can be bearer (which is session-based) or token (which is token-based).Subject Role: the The role of the subject who generated this event
Session ID: the The audit session ID associated with this login session
App Identifier: the The application source associated with the audit session
Full Request URI: the The full URI of the API request sent for this event
API Request ID: the The API request ID of the audit event
Resource ID: the The ID of the resource type
HTTP Verb: the The operation performed on the event
The most commonly used operations are POST, GET, PUT, PATCH,and DELETE.HTTP Response Code: the The HTTP status code that indicates whether the HTTP request associated with this event has been completed successfully
For example, 200 indicates the request completed successfully.
...