AuditEventManager (Oracle Fusion Middleware Java API Reference for Oracle Identity Manager)

```
public interface AuditEventManager
```
The AuditEventManager is the interface for the Lightweight Audit Framework. It gives various APIs to log successful and failure audit messages.

It provides getDetails() and search() APIs as well to find specific audit events

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`AuditEventManagerResult`	`create(AuditEvent auditEvent)` Creates the audit event in the backend.
`AuditEventManagerBulkResult`	`createBulkAuditEvents(java.util.List auditEvents)` Bulk API to create the audit events in the backend.
`AuditEventManagerBulkResult`	`deleteBulkAuditEvents(SearchCriteria filter, java.util.Map options)`
`AuditEvent`	`getDetails(java.lang.String eventId, java.util.Set retAttrs)` Given an audit event ID, you can use this API to get the details of the audit event
`void`	`log(AuditEvent event)` This method logs the given event as is.
`void`	`logFailure(java.lang.String entityId, java.lang.String entityName, java.lang.String entityType, java.lang.String action, java.util.Map addValues, java.util.Map removeValues, java.lang.String reason)` This API accepts the entity details as parameters and creates a failure audit event internally This will internally invoke `log(AuditEvent event) API`
`void`	`logFailure(java.lang.String entityId, java.lang.String entityName, java.lang.String entityType, java.lang.String action, java.util.Map addValues, java.util.Map removeValues, java.lang.String toEntityId, java.lang.String toEntityName, java.lang.String toEntityType, java.lang.String reason)` This API accepts the entity details as parameters and creates a failure audit event internally This should be invoked for relationship entities (like `RoleRole` or `RoleUser`) This will internally invoke `log(AuditEvent event) API`
`void`	`logFailure(java.lang.String entityId, java.lang.String entityName, java.lang.String entityType, java.lang.String action, java.lang.String reason)` This API accepts the entity details as parameters and creates a failure audit event internally This will internally invoke `log(AuditEvent event) API`
`void`	`logSuccess(java.lang.String entityId, java.lang.String entityName, java.lang.String entityType, java.lang.String action)` This API accepts the entity details as parameters and creates an audit event internally This will internally invoke `log(AuditEvent event) API`
`void`	`logSuccess(java.lang.String entityId, java.lang.String entityName, java.lang.String entityType, java.lang.String action, java.util.Map addValues, java.util.Map removeValues)` This API accepts the entity details as parameters and creates an audit event internally This will internally invoke `log(AuditEvent event) API`
`void`	`logSuccess(java.lang.String entityId, java.lang.String entityName, java.lang.String entityType, java.lang.String action, java.util.Map addValues, java.util.Map removeValues, java.lang.String toEntityId, java.lang.String toEntityName, java.lang.String toEntityType)` This API accepts the entity details as parameters and creates an audit event internally This should be invoked for relationship entities (like `RoleRole` or `RoleUser` This will internally invoke `log(AuditEvent event) API`
`void`	`logSuccess(java.lang.String entityId, java.lang.String entityName, java.lang.String entityType, java.lang.String action, java.lang.String toEntityId, java.lang.String toEntityName, java.lang.String toEntityType)` This API accepts the entity details as parameters and creates an audit event internally This should be invoked for relationship entities (like `RoleRole` or `RoleUser` This will internally invoke `log(AuditEvent event) API`
`java.util.List`	`search(SearchCriteria sc, java.util.Set retAttrs, java.util.Map config)` This API lets you query for audit events by most fields of audit event.
`boolean`	`validateAuditEventIntegrity(java.lang.String eventId)` Validates the saved hash of the audit record is still valid, by computing new hash and comparing

- Method Detail
  - log
```
void log(AuditEvent event)
  throws AuditEventCreateException,
         AccessDeniedException
```
    This method logs the given event as is. If there are any mandatory null fields, those are populated with default values as follows
    eventActorId = -1000
    eventActorName = ANONYMOUS eventMechanish = ADMIN This will internally invoke create(AuditEvent entity) API
    
    Parameters:
    
    event - The audit event to be logged
    
    Throws:
    
    AuditEventCreateException - In case there's any exception while auditing the event
    
    AccessDeniedException - In case user doesn't have authorization to audit
  - logSuccess
```
void logSuccess(java.lang.String entityId,
                java.lang.String entityName,
                java.lang.String entityType,
                java.lang.String action)
         throws AuditEventCreateException,
                AccessDeniedException
```
    This API accepts the entity details as parameters and creates an audit event internally This will internally invoke log(AuditEvent event) API
    
    Parameters:
    
    entityId - The entityId (key) of the entity being audited (can NOT be null)
    
    entityName - The entity name of the entity being audited (can NOT be null)
    
    entityType - The entity type of the entity being audited (can NOT be null)
    
    action - The type of operation AuditConstants.AuditEventActions
    
    Throws:
    
    AuditEventCreateException - In case there's any exception while auditing the event
    
    AccessDeniedException - In case user doesn't have authorization to audit
  - logSuccess
```
void logSuccess(java.lang.String entityId,
                java.lang.String entityName,
                java.lang.String entityType,
                java.lang.String action,
                java.util.Map addValues,
                java.util.Map removeValues)
         throws AuditEventCreateException,
                AccessDeniedException
```
    This API accepts the entity details as parameters and creates an audit event internally This will internally invoke log(AuditEvent event) API
    
    Parameters:
    
    entityId - The entityId (key) of the entity being audited (can NOT be null)
    
    entityName - The entity name of the entity being audited (can NOT be null)
    
    entityType - The entity type of the entity being audited (can NOT be null)
    
    action - The type of operation AuditConstants.AuditEventActions
    
    addValues - the values being added in this operation on the entityId
    
    removeValues - the values being replaced/removed (if any) during the operation
    
    Throws:
    
    AuditEventCreateException - In case there's any exception while auditing the event
    
    AccessDeniedException - In case user doesn't have authorization to audit
  - logSuccess
```
void logSuccess(java.lang.String entityId,
                java.lang.String entityName,
                java.lang.String entityType,
                java.lang.String action,
                java.lang.String toEntityId,
                java.lang.String toEntityName,
                java.lang.String toEntityType)
         throws AuditEventCreateException,
                AccessDeniedException
```
    This API accepts the entity details as parameters and creates an audit event internally This should be invoked for relationship entities (like RoleRole or RoleUser This will internally invoke log(AuditEvent event) API
    
    Parameters:
    
    entityId - The entityId (key) of the entity being audited (can NOT be null)
    
    entityName - The entity name of the entity being audited (can NOT be null)
    
    entityType - The entity type of the entity being audited (can NOT be null)
    
    action - The type of operation AuditConstants.AuditEventActions
    
    toEntityId - The other entityId in a relation - e.g. if entityId is for a role, then toEntityId can be a user id
    
    toEntityName - The name of the other entity
    
    toEntityType - The type of the other entity
    
    Throws:
    
    AuditEventCreateException - In case there's any exception while auditing the event
    
    AccessDeniedException - In case user doesn't have authorization to audit
  - logSuccess
```
void logSuccess(java.lang.String entityId,
                java.lang.String entityName,
                java.lang.String entityType,
                java.lang.String action,
                java.util.Map addValues,
                java.util.Map removeValues,
                java.lang.String toEntityId,
                java.lang.String toEntityName,
                java.lang.String toEntityType)
         throws AuditEventCreateException,
                AccessDeniedException
```
    This API accepts the entity details as parameters and creates an audit event internally This should be invoked for relationship entities (like RoleRole or RoleUser This will internally invoke log(AuditEvent event) API
    
    Parameters:
    
    entityId - The entityId (key) of the entity being audited (can NOT be null)
    
    entityName - The entity name of the entity being audited (can NOT be null)
    
    entityType - The entity type of the entity being audited (can NOT be null)
    
    action - The type of operation AuditConstants.AuditEventActions
    
    addValues - the values being added in this operation on the entityId
    
    removeValues - the values being replaced/removed (if any) during the operation
    
    toEntityId - The other entityId in a relation - e.g. if entityId is for a role, then toEntityId can be a user id
    
    toEntityName - The name of the other entity
    
    toEntityType - The type of the other entity
    
    Throws:
    
    AuditEventCreateException - In case there's any exception while auditing the event
    
    AccessDeniedException - In case user doesn't have authorization to audit
  - logFailure
```
void logFailure(java.lang.String entityId,
                java.lang.String entityName,
                java.lang.String entityType,
                java.lang.String action,
                java.lang.String reason)
         throws AuditEventCreateException,
                AccessDeniedException
```
    This API accepts the entity details as parameters and creates a failure audit event internally This will internally invoke log(AuditEvent event) API
    
    Parameters:
    
    entityId - The entityId (key) of the entity being audited (can NOT be null)
    
    entityName - The entity name of the entity being audited (can NOT be null)
    
    entityType - The entity type of the entity being audited (can NOT be null)
    
    action - The type of operation AuditConstants.AuditEventActions
    
    reason - The reason for the failure - the error message
    
    Throws:
    
    AuditEventCreateException - In case there's any exception while auditing the event
    
    AccessDeniedException - In case user doesn't have authorization to audit
  - logFailure
```
void logFailure(java.lang.String entityId,
                java.lang.String entityName,
                java.lang.String entityType,
                java.lang.String action,
                java.util.Map addValues,
                java.util.Map removeValues,
                java.lang.String reason)
         throws AuditEventCreateException,
                AccessDeniedException
```
    This API accepts the entity details as parameters and creates a failure audit event internally This will internally invoke log(AuditEvent event) API
    
    Parameters:
    
    entityId - The entityId (key) of the entity being audited (can NOT be null)
    
    entityName - The entity name of the entity being audited (can NOT be null)
    
    entityType - The entity type of the entity being audited (can NOT be null)
    
    action - The type of operation AuditConstants.AuditEventActions
    
    addValues - the values being added in this operation on the entityId
    
    removeValues - the values being replaced/removed (if any) during the operation
    
    reason - The reason for the failure - the error message
    
    Throws:
    
    AuditEventCreateException - In case there's any exception while auditing the event
    
    AccessDeniedException - In case user doesn't have authorization to audit
  - logFailure
```
void logFailure(java.lang.String entityId,
                java.lang.String entityName,
                java.lang.String entityType,
                java.lang.String action,
                java.util.Map addValues,
                java.util.Map removeValues,
                java.lang.String toEntityId,
                java.lang.String toEntityName,
                java.lang.String toEntityType,
                java.lang.String reason)
         throws AuditEventCreateException,
                AccessDeniedException
```
    This API accepts the entity details as parameters and creates a failure audit event internally This should be invoked for relationship entities (like RoleRole or RoleUser) This will internally invoke log(AuditEvent event) API
    
    Parameters:
    
    entityId - The entityId (key) of the entity being audited (can NOT be null)
    
    entityName - The entity name of the entity being audited (can NOT be null)
    
    entityType - The entity type of the entity being audited (can NOT be null)
    
    action - The type of operation AuditConstants.AuditEventActions
    
    addValues - the values being added in this operation on the entityId
    
    removeValues - the values being replaced/removed (if any) during the operation
    
    toEntityId - The other entityId in a relation - e.g. if entityId is for a role, then toEntityId can be a user id
    
    toEntityName - The name of the other entity
    
    toEntityType - The type of the other entity
    
    reason - The reason for the failure - the error message
    
    Throws:
    
    AuditEventCreateException - In case there's any exception while auditing the event
    
    AccessDeniedException - In case user doesn't have authorization to audit
  - create
```
AuditEventManagerResult create(AuditEvent auditEvent)
                        throws ValidationFailedException,
                               EntityAlreadyExistsException,
                               EntityLockedException,
                               EntityCreateException,
                               AccessDeniedException
```
    Creates the audit event in the backend. If auditevent is populated correctly, this API may be directly called instead of logSuccess/logFailure
    
    Parameters:
    
    auditEvent - The audit event being created
    
    Returns:
    
    the result with success/failure status
    
    Throws:
    
    ValidationFailedException - In case there any validation failure
    
    EntityAlreadyExistsException - Not applicable to AuditEvent
    
    EntityLockedException - Not applicable to AuditEvent
    
    EntityCreateException - In case there's any exception while creating the audit event
    
    AccessDeniedException - In case user doesn't have authorization to audit
  - createBulkAuditEvents
```
AuditEventManagerBulkResult createBulkAuditEvents(java.util.List auditEvents)
                                           throws ValidationFailedException,
                                                  EntityAlreadyExistsException,
                                                  EntityLockedException,
                                                  EntityCreateException,
                                                  AccessDeniedException
```
    Bulk API to create the audit events in the backend.
    
    Parameters:
    
    auditEvents - The list of audit event being created in bulk
    
    Returns:
    
    the result with success/failure status
    
    Throws:
    
    ValidationFailedException - In case there any validation failure
    
    EntityAlreadyExistsException - Not applicable to AuditEvent
    
    EntityLockedException - Not applicable to AuditEvent
    
    EntityCreateException - In case there's any exception while creating the audit event
    
    AccessDeniedException - In case user doesn't have authorization to audit
  - getDetails
```
AuditEvent getDetails(java.lang.String eventId,
                      java.util.Set retAttrs)
               throws oracle.iam.platform.entitymgr.NoSuchEntityException,
                      EntitySearchException,
                      ValidationFailedException,
                      AccessDeniedException
```
    Given an audit event ID, you can use this API to get the details of the audit event
    
    Parameters:
    
    eventId - The audit event ID which would identify an audit event entry
    
    retAttrs - The values to be retrieved for the audit event.
    
    Returns:
    
    The audit event which matches the ID
    
    Throws:
    
    oracle.iam.platform.entitymgr.NoSuchEntityException - If this event id doesn't exist
    
    EntitySearchException - If an error occurred while finding the audit event
    
    ValidationFailedException - Not applicable to AuditEvent
    
    AccessDeniedException - In case user doesn't have authorization to find an audit event
  - search
```
java.util.List search(SearchCriteria sc,
                      java.util.Set retAttrs,
                      java.util.Map config)
               throws EntitySearchException,
                      oracle.iam.platform.entitymgr.NoSuchEntityException,
                      ValidationFailedException,
                      AccessDeniedException
```
    This API lets you query for audit events by most fields of audit event.
    
    Parameters:
    
    sc - The search criteria for finding audit events for specific entities
    
    retAttrs - The values to be retrieved for the audit events
    
    config - Parameters to further configure the search operation. There are four configuration parameters. STARTROW, ENDROW, SORTEDBY and SORTORDER.
    The STARTROW and ENDROW search configuration parameters indicates which subset of the complete search result is to be fetched.
    The SORTEDBY search configuration parameter indicates the attribute on which search result is to be sorted. This parameter is optional and is set to Role Name by default.
    The SORTORDER search configuration parameter indicates the order of sorting. There are two possible values for this parameter. To sort the result in ascending order use SortOrder.ASCENDING and to sort the result in descending order use SortOrder.DESCENDING. This parameter is optional and is set to SortOrder.ASCENDING by default.
    
    Returns:
    
    the list of auditevents matching the criteria. Empty list is returned if no matches are found
    
    Throws:
    
    oracle.iam.platform.entitymgr.NoSuchEntityException - Not applicable to AuditEvent
    
    EntitySearchException - If an error occurred while searching by the criteria
    
    ValidationFailedException - Not applicable to AuditEvent
    
    AccessDeniedException - In case user doesn't have authorization to search for audit events
  - deleteBulkAuditEvents
```
AuditEventManagerBulkResult deleteBulkAuditEvents(SearchCriteria filter,
                                                  java.util.Map options)
                                           throws oracle.iam.platform.entitymgr.NoSuchEntityException,
                                                  java.lang.UnsupportedOperationException,
                                                  oracle.iam.platform.entitymgr.ProviderException,
                                                  EntityLockedException,
                                                  EntityDeleteException
```
    Parameters:
    
    filter - The search criteria for finding Audit Events to delete.
    
    options - The operation parameters, e.g. batch size.
    
    Returns:
    
    AuditEventManagerBulkResult containing status plus a Map of returned values.
    
    Throws:
    
    oracle.iam.platform.entitymgr.NoSuchEntityException - Not applicable to AuditEvent
    
    EntityDeleteException - If an error occurred while deleting the audit events.
    
    EntityLockedException
    
    oracle.iam.platform.entitymgr.ProviderException - If the provider throws an exception.
    
    java.lang.UnsupportedOperationException - If the provider does not support the remove operation.
  - validateAuditEventIntegrity
```
boolean validateAuditEventIntegrity(java.lang.String eventId)
                             throws oracle.iam.platform.entitymgr.NoSuchEntityException,
                                    EntitySearchException,
                                    ValidationFailedException,
                                    AccessDeniedException,
                                    oracle.iam.platform.utils.crypto.CryptoException
```
    Validates the saved hash of the audit record is still valid, by computing new hash and comparing
    
    Parameters:
    
    eventId - The audit event id
    
    Returns:
    
    true if the stored hash is still valid for the audit record.
    
    Throws:
    
    oracle.iam.platform.entitymgr.NoSuchEntityException - If this event id doesn't exist
    
    EntitySearchException - If an error occurred while finding the audit event
    
    ValidationFailedException - Not applicable to AuditEvent
    
    AccessDeniedException - In case user doesn't have authorization to find an audit event
    
    oracle.iam.platform.utils.crypto.CryptoException

Interface AuditEventManager

Method Summary

Method Detail

log

logSuccess

logSuccess

logSuccess

logSuccess

logFailure

logFailure

logFailure

create

createBulkAuditEvents

getDetails

search

deleteBulkAuditEvents

validateAuditEventIntegrity