Kaa Documentation

Audit

Overview

Auditing is crucial for ensuring accountability and traceability within a system. It involves tracking essential activities related to user, device, or any other type of resource. Auditing provides a structured way to monitor operations for security, compliance, and operational insights. This process allows administrators to track who did what and when for detecting unauthorized actions and understanding system behaviors in case of issues.

Kaa platform supports Syslog as the audit channel for forwarding audit events to the remote audit server.

Event structure

An audit event is a JSON object with a standardized set of fields that captures information about activity within the Kaa platform.

Field Type Description Example
timestamp ISO 8601 Timestamp when event was triggered 2024-09-18T07:24:43.847059593Z
type string The type of event that triggered the audit USER_CREATED
principalId string ID of the principal who triggered the event aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s=
principalType string Type of the principal who triggered the event user
resourceId string ID of the audit event’s entity aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL09zY2Fy
resourceType string Type of the audit event’s entity user
details object Additional details about the event (key-value pairs) {"name": "Oscar", "email": "oscar@gmail.com"}

Syslog

Protocol format:

<PRI>TIMESTAMP HOSTNAME APP-NAME PROCID MSG

Example

<86>Sep 18 07:24:43 localhost iamcore[234088]: {"timestamp":"2024-09-18T07:24:43.847059593Z","type":"USER_CREATED","principalType":"user","principalId":"aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s=","resourceType":"user","resourceId":"aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL09zY2Fy","details":{"name":"Oscar","email":"oscar@gmail.com"}}
Field Description
PRI The value in angle brackets, (<86> in the example above), is called the Priority Value (PRIVAL).
It represents two values, Facility and Severity, such that: Priority Value = Facility * 8 + Severity

For example, the Priority Value of <86> represents Facility 10 and Severity 6 so that 10 * 8 + 6 = 86.
TIMESTAMP The time the event was created in a format that conforms to ISO 8601
HOSTNAME Identifies the machine that sent the syslog message and is determined by the syslog process running on Conjur Enterprise.
APP-NAME Identifies the name of the workload sending the log message.
PROCID The Process ID can be used to further identify the sender of a log message.
MSG Audit event.

Event types

Type Description
Account management  
ACCOUNT_CREATED Indicates that a system account is created during the platform’s initial setup.
APPLICATION_CREATED Indicates that Kaa system application is created during the platform’s initial setup.
RESOURCE_TYPE_CREATED Indicates that Kaa resource types are created during the platform’s setup.
TENANT_CREATED Indicates that a tenant is created.
TENANT_DISPLAY_NAME_UPDATED Indicates that a tenant`s name is updated.
TENANT_DELETED Indicates that a tenant is deleted.
   
User management  
USER_CREATED Indicates that a user is created on the platform.
USER_EMAIL_UPDATED Indicates that a user`s email is updated.
USER_FIRST_NAME_UPDATED Indicates that a user`s first name is updated.
USER_LAST_NAME_UPDATED Indicates that a user`s last name is updated.
USER_ENABLED_UPDATED Indicates that a user`s state is updated.
USER_PASSWORD_UPDATED Indicates that a user’s password is updated, either through a reset or a change.
USER_DELETED Indicates that a user is deleted.
API_KEY_CREATED Indicates that an Api Key is created for a user.
API_KEY_STATE_UPDATED Indicates that a user’s Api Key state is updated.
GROUP_CREATED Indicates that a group is created.
GROUP_DELETED Indicates that a group is deleted.
GROUP_DISPLAY_NAME_UPDATED Indicates that a group`s name is updated.
GROUP_MEMBER_ATTACHED Indicates that a user is added to a group.
GROUP_MEMBER_DETACHED Indicates that a user is removed from a group.
POOL_CREATED Indicates that a resource group is created.
POOL_DELETED Indicates that a resource group is deleted.
POOL_RESOURCE_ATTACHED Indicates that a resource is added to a resource group.
POOL_RESOURCE_DETACHED Indicates that a resource is removed from a resource group.
POLICY_CREATED Indicates that a policy is created.
POLICY_DESCRIPTION_UPDATED Indicates that a policy`s description is updated.
POLICY_STATEMENTS_UPDATED Indicates that a policy`s statements are updated.
POLICY_DELETED Indicates that a policy is deleted.
POLICY_PRINCIPAL_ATTACHED Indicates that a principal is attached to a policy.
POLICY_PRINCIPAL_DETACHED Indicates that a principal is detached from a policy.
   
Resource management  
RESOURCE_CREATED Indicates that a resource of a specific type is created on the platform.
RESOURCE_DELETED Indicates that a resource of a specific type is deleted from the platform.

ACCOUNT_CREATED

Indicates that a system account is created during the platform’s initial setup.

{
  "timestamp": "2024-09-23T05:31:49.215956859Z",
  "type": "ACCOUNT_CREATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo6OnVzZXIvcm9vdA==",
  "resourceType": "account",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo6OmFjY291bnQvcmM3M2RiaDdxMA==",
  "details": {
    "email": "admin@gmail.com",
    "irn": "irn:rc73dbh7q0:iamcore:::account/rc73dbh7q0",
    "issuerId": "c02202db-7e4a-4125-9c14-c72467a6b079"
  }
}

APPLICATION_CREATED

Indicates that Kaa system application is created during the platform’s initial setup.

{
  "timestamp": "2024-09-23T05:31:57.565798026Z",
  "type": "APPLICATION_CREATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo6OnVzZXIvcm9vdA==",
  "resourceType": "application",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo6OmFwcGxpY2F0aW9uL2thYQ==",
  "details": {
    "displayName": "Kaa",
    "irn": "irn:rc73dbh7q0:iamcore:::application/kaa",
    "name": "kaa"
  }
}

RESOURCE_TYPE_CREATED

Indicates that Kaa resource types are created during the platform’s setup.

{
  "timestamp": "2024-09-23T05:32:06.524802484Z",
  "type": "RESOURCE_TYPE_CREATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo6OnVzZXIvcm9vdA==",
  "resourceType": "resource-type",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6a2FhOjo6cmVzb3VyY2UtdHlwZS9lbmRwb2ludA==",
  "details": {
    "irn": "irn:rc73dbh7q0:kaa:::resource-type/endpoint",
    "description": "Device resource type",
    "type": "endpoint",
    "actionPrefix": "endpoint",
    "application": "irn:rc73dbh7q0:iamcore:::application/kaa",
    "operations": [
      "read",
      "delete"
    ]
  }
}

TENANT_CREATED

Indicates that a tenant is created.

{
  "timestamp": "2024-09-23T05:33:09.184410422Z",
  "type": "TENANT_CREATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo6OnVzZXIvcm9vdA==",
  "resourceType": "tenant",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp0ZW5hbnQvNDdnNWwyaWpjMA==",
  "details": {
    "accountId": "rc73dbh7q0",
    "displayName": "Kaa",
    "irn": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::tenant/47g5l2ijc0",
    "loginTheme": "iamcore",
    "name": "kaa"
  }
}

TENANT_DISPLAY_NAME_UPDATED

Indicates that a tenant`s name is updated.

{
  "timestamp": "2024-09-23T05:33:10.949813696Z",
  "type": "TENANT_DISPLAY_NAME_UPDATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo6OnVzZXIvcm9vdA==",
  "resourceType": "tenant",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp0ZW5hbnQvNDdnNWwyaWpjMA==",
  "details": {
    "newDisplayName": "Kaa Cloud",
    "oldDisplayName": "Kaa"
  }
}

TENANT_DELETED

Indicates that a tenant is deleted.

{
  "timestamp": "2024-09-23T05:33:10.949813696Z",
  "type": "TENANT_DELETED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo6OnVzZXIvcm9vdA==",
  "resourceType": "tenant",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp0ZW5hbnQvNDdnNWwyaWpjMA=="
}

USER_CREATED

Indicates that a user is created on the platform.

{
  "timestamp": "2024-09-18T07:24:43.847059593Z",
  "type": "USER_CREATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s=",
  "resourceType": "user",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "details": {
    "irn": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::user/oscar",
    "authId": "dde1a9d7-8485-4a49-9e7d-6fd993339b05",
    "username": "oscar",
    "firstName": "Oscar",
    "lastName": "Doe",
    "email": "oscar@gmail.com",
    "enabled": true,
    "tenantId": "47g5l2ijc0"
  }
}

USER_EMAIL_UPDATED

Indicates that a user`s email is updated.

{
  "timestamp": "2024-09-19T11:00:54.1036762-05:00",
  "type": "USER_EMAIL_UPDATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s=",
  "resourceType": "user",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "details": {
    "newEmail": "oscar-doe@gmail.com",
    "oldEmail": "oscar@gmail.com"
  }
}

USER_FIRST_NAME_UPDATED

Indicates that a user`s first name is updated.

{
  "timestamp": "2024-09-19T11:00:54.1036762-05:00",
  "type": "USER_FIRST_NAME_UPDATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s=",
  "resourceType": "user",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "details": {
    "newFirstName": "Oscar M",
    "oldFirstName": "Oscar"
  }
}

USER_LAST_NAME_UPDATED

Indicates that a user`s last name is updated.

{
  "timestamp": "2024-09-19T11:00:54.1036762-05:00",
  "type": "USER_LAST_NAME_UPDATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s=",
  "resourceType": "user",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "details": {
    "newLastName": "Doe T",
    "oldLastName": "Doe"
  }
}

USER_ENABLED_UPDATED

Indicates that a user`s state is updated.

{
  "timestamp": "2024-09-19T11:00:54.1036762-05:00",
  "type": "USER_ENABLED_UPDATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s=",
  "resourceType": "user",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "details": {
    "newEnabled": false,
    "oldEnabled": true
  }
}

USER_PASSWORD_UPDATED

Indicates that a user’s password is updated, either through a reset or a change.

{
  "timestamp": "2024-09-19T11:00:54.1036762-05:00",
  "type": "USER_PASSWORD_UPDATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s=",
  "resourceType": "user",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy"
}

USER_DELETED

Indicates that a user is deleted.

{
  "timestamp": "2024-09-19T11:00:54.1036762-05:00",
  "type": "USER_DELETED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s=",
  "resourceType": "user",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy"
}

API_KEY_CREATED

Indicates that an Api Key is created for a user.

{
  "timestamp": "2024-09-23T05:31:52.881782158Z",
  "type": "API_KEY_CREATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "api-key",
  "resourceId": "HRz3icLSAPojohB4PJz0b4OCKXjaDqqZAkJm5KhCxkqLNMHHUbnKhQGRxjw6SuzL",
  "details": {
    "principal": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::user/oscar",
    "state": "active"
  }
}

API_KEY_STATE_UPDATED

Indicates that a user’s Api Key state is updated.

{
  "timestamp": "2024-09-23T05:31:55.854325061Z",
  "type": "API_KEY_STATE_UPDATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "api-key",
  "resourceId": "HRz3icLSAPojohB4PJz0b4OCKXjaDqqZAkJm5KhCxkqLNMHHUbnKhQGRxjw6SuzL",
  "details": {
    "newState": "suspended",
    "oldState": "active",
    "principal": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::user/oscar"
  }
}

GROUP_CREATED

Indicates that a group is created.

{
  "timestamp": "2024-09-23T05:32:36.507289587Z",
  "type": "GROUP_CREATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "group",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpncm91cC9kZXZlbG9wZXIvamF2YQ==",
  "details": {
    "displayName": "Java developers",
    "irn": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::group/developer/java",
    "name": "java",
    "path": "/developer",
    "tenantId": "47g5l2ijc0"
  }
}

GROUP_DISPLAY_NAME_UPDATED

Indicates that a group`s name is updated.

{
  "timestamp": "2024-09-23T05:32:36.507289587Z",
  "type": "GROUP_DISPLAY_NAME_UPDATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "group",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpncm91cC9kZXZlbG9wZXIvamF2YQ==",
  "details": {
    "newDisplayName": "Java Junior developers",
    "oldDisplayName": "Java developers"
  }
}

GROUP_DELETED

Indicates that a group is deleted.

{
  "timestamp": "2024-09-23T05:32:36.507289587Z",
  "type": "GROUP_CREATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "group",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpncm91cC9kZXZlbG9wZXIvamF2YQ=="
}

GROUP_MEMBER_ATTACHED

Indicates that a user is added to a group.

{
  "timestamp": "2024-09-23T05:32:43.090589379Z",
  "type": "GROUP_MEMBER_ATTACHED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "group",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpncm91cC9kZXZlbG9wZXIvamF2YQ==",
  "details": {
    "member": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::user/Jack"
  }
}

GROUP_MEMBER_DETACHED

Indicates that a user is removed from a group.

{
  "timestamp": "2024-09-23T05:32:43.090589379Z",
  "type": "GROUP_MEMBER_DETACHED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "group",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpncm91cC9kZXZlbG9wZXIvamF2YQ==",
  "details": {
    "member": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::user/Jack"
  }
}

POOL_CREATED

Indicates that a resource group is created.

{
  "timestamp": "2024-09-23T05:32:51.152087477-05:00",
  "type": "POOL_CREATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "pool",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb29sL2xhcHRvcA==",
  "details": {
    "irn": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::pool/laptop",
    "name": "laptop"
  }
}

POOL_DELETED

Indicates that a resource group is deleted.

{
  "timestamp": "2024-09-23T05:32:51.152087477-05:00",
  "type": "POOL_DELETED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "pool",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb29sL2xhcHRvcA=="
}

POOL_RESOURCE_ATTACHED

Indicates that a resource is added to a resource group.

{
  "timestamp": "2024-09-23T05:32:51.484213881Z",
  "type": "POOL_RESOURCE_ATTACHED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "pool",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb29sL2xhcHRvcA==",
  "details": {
    "resource": "irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/nebula-pad"
  }
}

POOL_RESOURCE_DETACHED

Indicates that a resource is removed from a resource group.

{
  "timestamp": "2024-09-23T05:32:51.484213881Z",
  "type": "POOL_RESOURCE_DETACHED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "pool",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb29sL2xhcHRvcA==",
  "details": {
    "resource": "irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/nebula-pad"
  }
}

POLICY_CREATED

Indicates that a policy is created.

{
  "timestamp": "2024-09-23T05:33:00.964473226Z",
  "type": "POLICY_CREATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "policy",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb2xpY3kvZGV2aWNlLXJlYWRlcg==",
  "details": {
    "id": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb2xpY3kvZGV2aWNlLXJlYWRlcg==",
    "irn": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::policy/device-reader",
    "name": "device-reader",
    "type": "identity",
    "origin": "api",
    "version": "1.0.0",
    "statements": [
      {
        "Effect": "allow",
        "Resources": [
          "irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/thermostat"
        ],
        "Actions": [
          "endpoint:read"
        ]
      }
    ]
  }
}

Specifies that a resource policy is created, granting full permissions to the resource created by the principal.

{
  "timestamp": "2024-09-23T05:33:00.964473226Z",
  "type": "POLICY_CREATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "policy",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6a2FhOjQ3ZzVsMmlqYzA6OmVuZHBvaW50L3RoZXJtb3N0YXQ=",
  "details": {
    "description": "Resource policy",
    "irn": "irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/thermostat",
    "name": "irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/thermostat",
    "origin": "api",
    "type": "resource",
    "version": "1.0.0",
    "statements": [
      {
        "Effect": "allow",
        "Principals": [
          "irn:rc73dbh7q0:iamcore:47g5l2ijc0::user/oscar"
        ],
        "Resources": [
          "irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/thermostat"
        ],
        "Actions": [
          "*"
        ]
      }
    ]
  }
}

POLICY_DESCRIPTION_UPDATED

Indicates that a policy`s description is updated.

{
  "timestamp": "2024-09-23T05:33:00.964473226Z",
  "type": "POLICY_DESCRIPTION_UPDATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "policy",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb2xpY3kvZGV2aWNlLXJlYWRlcg==",
  "details": {
    "newDescription": "Allow device read access",
    "oldDescription": ""
  }
}

POLICY_STATEMENTS_UPDATED

Indicates that a policy`s statements are updated.

{
  "timestamp": "2024-09-23T05:33:00.964473226Z",
  "type": "POLICY_STATEMENTS_UPDATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "policy",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb2xpY3kvZGV2aWNlLXJlYWRlcg==",
  "details": {
    "oldStatements": [
      {
        "Effect": "allow",
        "Resources": [
          "irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/thermostat"
        ],
        "Actions": [
          "endpoint:read"
        ]
      }
    ],
    "newStatements": [
      {
        "Effect": "deny",
        "Resources": [
          "irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/thermostat"
        ],
        "Actions": [
          "endpoint:delete"
        ]
      }
    ]
  }
}

POLICY_DELETED

Indicates that a policy is deleted

{
  "timestamp": "2024-09-23T05:33:00.964473226Z",
  "type": "POLICY_DELETED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "policy",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb2xpY3kvZGV2aWNlLXJlYWRlcg=="
}

POLICY_PRINCIPAL_ATTACHED

Indicates that a principal is attached to a policy.

{
  "timestamp": "2024-09-23T05:32:11.581492798Z",
  "type": "POLICY_PRINCIPAL_ATTACHED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "policy",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb2xpY3kvZGV2aWNlLXJlYWRlcg==",
  "details": {
    "principal": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::user/Jack"
  }
}

POLICY_PRINCIPAL_DETACHED

Indicates that a principal is detached from a policy.

{
  "timestamp": "2024-09-23T05:32:11.581492798Z",
  "type": "POLICY_PRINCIPAL_DETACHED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "policy",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb2xpY3kvZGV2aWNlLXJlYWRlcg==",
  "details": {
    "principal": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::user/Jack"
  }
}

RESOURCE_CREATED

Indicates that a resource is created. Each resource type represents a unique entity within the platform.

Examples of resources:

  • application
  • endpoint
  • dashboard
  • ui-system
  • report
  • asset
  • asset-type
  • rule
  • rule-execution-action
  • alert-activation-action
  • alert-resolution-action
  • send-email-action
  • ttn-app-integration
  • ttn-device-integration
  • etc.

The structure of the RESOURCE_CREATED event varies depending on the resource type, but in general it follows the next template.

{
  "timestamp": "2024-09-18T07:33:21.588026971z",
  "type": "RESOURCE_CREATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "${resource-type}",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6a2FhOjQ3ZzVsMmlqYzA6OmFwcGxpY2F0aW9uL2Nyb2dpZm5yY2diYzczZnY3bWFn",
  "details": {
    "id": "aXJuOnJjNzNkYmg3cTA6a2FhOjQ3ZzVsMmlqYzA6OmFwcGxpY2F0aW9uL2Nyb2dpZm5yY2diYzczZnY3bWFn",
    "irn": "irn:rc73dbh7q0:kaa:47g5l2ijc0::${resource-type}/${resourceId}",
    "name": "${resourceId}",
    "resourceType": "${resource-type}",
    "description": "resource description",
    "tenantID": "47g5l2ijc0",
    "application": "kaa"
  }
}

RESOURCE_CREATED event specific examples.

Application created event.

{
  "timestamp": "2024-09-18T07:33:21.588026971z",
  "type": "RESOURCE_CREATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "application",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6a2FhOjQ3ZzVsMmlqYzA6OmFwcGxpY2F0aW9uL2Nyb2dpZm5yY2diYzczZnY3bWFn",
  "details": {
    "id": "aXJuOnJjNzNkYmg3cTA6a2FhOjQ3ZzVsMmlqYzA6OmFwcGxpY2F0aW9uL2Nyb2dpZm5yY2diYzczZnY3bWFn",
    "irn": "irn:rc73dbh7q0:kaa:47g5l2ijc0::application/crogifnrcgbc73fv7mag",
    "name": "crogifnrcgbc73fv7mag",
    "description": "Energy Consumption application",
    "tenantID": "47g5l2ijc0",
    "application": "kaa",
    "resourceType": "application"
  }
}

Device registration event.

{
  "timestamp": "2024-09-18T07:33:21.588026971z",
  "type": "RESOURCE_CREATED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
  "resourceType": "endpoint",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6a2FhOjQ3ZzVsMmlqYzA6OmVuZHBvaW50L3RoZXJtb3N0YXQ=",
  "details": {
    "irn": "irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/thermostat",
    "name": "thermostat",
    "description": "Connected thermostat",
    "tenantID": "47g5l2ijc0",
    "application": "kaa",
    "resourceType": "endpoint"
  }
}

RESOURCE_DELETED

{
  "timestamp": "2024-09-18T07:33:21.588026971z",
  "type": "RESOURCE_DELETED",
  "principalType": "user",
  "principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy=",
  "resourceType": "${resource-type}",
  "resourceId": "aXJuOnJjNzNkYmg3cTA6a2FhOjQ3ZzVsMmlqYzA6OmVuZHBvaW50L3RoZXJtb3N0YXQ="
}