:py:mod:`laceworksdk.api.v2.audit_logs`
=======================================

.. py:module:: laceworksdk.api.v2.audit_logs

.. autoapi-nested-parse::

   Lacework AuditLogs API wrapper.



Module Contents
---------------

Classes
~~~~~~~

.. autoapisummary::

   laceworksdk.api.v2.audit_logs.AuditLogsAPI




.. py:class:: AuditLogsAPI(session)


   Bases: :py:obj:`laceworksdk.api.base_endpoint.BaseEndpoint`

   A class used to represent the `Audit Log API endpoint <https://docs.lacework.net/api/v2/docs/#tag/AuditLogs>`_

   Get audit logs.

   .. py:property:: session

      Get the :class:`HttpSession` instance the object is using.

   .. py:method:: get(start_time=None, end_time=None, **request_params)

      A method to get audit logs.

      :param start_time: A "%Y-%m-%dT%H:%M:%SZ" structured timestamp to begin from.
      :type start_time: str
      :param end_time: A "%Y-%m-%dT%H:%M:%S%Z" structured timestamp to end at.
      :type end_time: str
      :param request_params: Use to pass any additional parameters the API
      :type request_params: dict, optional

      :returns: The audit logs for the requested time period.
      :rtype: dict


   .. py:method:: search(json=None)

      A method to search audit logs.

      See the API documentation for this API endpoint for valid fields to search against.

      NOTE: While the "value" and "values" fields are marked as "optional" you must use one of them,
      depending on the operation you are using.

      :param json: A list of dictionaries containing the desired search parameters:

                   - field (str): The name of the data field to which the condition applies

                   - expression (str): The comparison operator for the filter condition. Valid values are:

                       "eq", "ne", "in", "not_in", "like", "ilike", "not_like", "not_ilike", "not_rlike", "rlike", "gt", "ge",                 "lt", "le", "between"
                   - value (str, optional):  The value that the condition checks for in the specified field. Use this attribute              when using an operator that requires a single value.
                   - values (list of str, optional): The values that the condition checks for in the specified field. Use this             attribute when using an operator that requires multiple values.
      :type json: list of dicts

      :Yields: *dict* -- returns a generator which yields a page of objects at a time as returned by the Lacework API.