OCI Logging Search details
Summary:
Hi Team,
We are getting OCI audit logs through Observability & Management → Logging → Search, through the audit console.
We are using the query below to get results.
search "<tenancy_OCID>"
| sort by datetime desc
| where (data.additionalDetails.domainDisplayName = '<Domain>') and (data.additionalDetails.eventId = 'sso.app.access.success')
| select data.additionalDetails.clientIp as "ClientIP",
    time_format(datetime, 'yyyy-MM-dd hh:mm:ss z') as "Date",
    data.additionalDetails.domainDisplayName as "Domain",
    data.additionalDetails.actorName as "Actor",
    data.additionalDetails.ecId as "ECID",
    data.additionalDetails.eventId as "Event Id",
    data.message as "Event Description",
    data.additionalDetails.regionId as "regionId",
    data.additionalDetails.adminResourceName as "Target",
    data.additionalDetails.auditEventMapValue as "Details"