飞书 aPaaS平台-审计日志查询筛选功能说明
开发者可以通过查询审计日志列表API 中的查询参数 filter,指定筛选条件进行日志列表检索。格式为:左值(支持筛选的字段),操作符,右值。
[{"left":"eventName","operator":"=","right":[19001]}]支持多个条件组合筛选,如:
[{left: "operator", operator: "=", right: ["1806739689315545"]},{left: "eventName", operator: "in", right: [19055, 19056]}]请求头示例:
{
"quickQuery": "关键词",
"from": 1699965579130,
"to": 1700051979130,
"pageSize": 20, // 单页限制
"offset": 0, // 分页偏移量
"logType": 10000,
"appType":0 // 应用类型(0:飞书 aPaaS;1:飞书智能伙伴创建平台)
"columns": ["operator", "opTime", "logType" ...],
"filter": {
"items": [
{
"left": "operator", // 操作人
"operator": "=", // 等于
"right": [1771391137650734], // userID
},
{
"left": "outsider", // 是否外部用户
"operator": "!=", // 不等于
"right": [true],
},
{
"left": "deviceID", // 设备ID
"operator": "notEmpty", //不为空
"right": [],
},
{
"left": "module", // 事件模块
"operator": "empty", //为空
"right": [],
},
{
"left": "logType", // 日志类型
"operator": "in", // 属于
"right": [10001, 10002], // 枚举值,见数据枚举
},
{
"left": "osVersion", // 系统版本
"operator": "notIn", // 不属于
"right": ["1.0.1", "2.0.1"],
},
{
"left": "webDeviceID", //web 设备ID
"operator": "contain", // 包含
"right": ["chrome"], // 包含和不包含也仅有1个值
},
{
"left": "clientIP", //客户端 IP
"operator": "notContain", // 不包含
"right": ["123.24.20.45"], // 包含和不包含也仅有1个值
},
}
}可筛选的字段说明
| 支持筛选的字段(左值) | 数据类型 | 描述 |筛选示例| | --------- | --------------- | ------- | --------- | ---------| |operator | string | 操作人 |[{left: "operator", operator: "=", right: ["1806739689315545"]}]| |logType | enum | 日志类型(10000:所有类型;10001:企业管理日志;10002:登录日志;10003:应用管理日志;10005:应用开发日志) |[{left: "operator", operator: "=", right: ["1806739689315545"]}]| |eventName | enum | 事件名称,支持筛选的事件请见【审计事件列表】 |[{left: "eventName", operator: "in", right: [19055, 19056]}]}| |status | enum | 操作状态(18001:成功;18002:失败)|[{left: "status", operator: "=", right: [18001]}]| |outsider | bool | 是否为外部用户(true:是;false:否) |[{left: "outsider", operator: "=", right: [true]}]| |auditScope | enum | 审计域(操作在哪里产生,15001:企业管理后台;15002:应用管理后台;15003:应用开发态;15004:应用运行时) |[{left: "auditScope", operator: "notIn", right: [15003, 15004]}]| |namespace | string | 应用命名空间 |[{left: "namespace", operator: "=", right: ["package_810ea6__c"]}]| |appName | string | 应用名称 |[{left: "appName", operator: "=", right: ["这是一个应用名称"]}]| |envType | enum | 环境类型(16001:开发环境;16002:测试环境;16003:生产环境) |[{left: "envType", operator: "in", right: [16001, 16003]}]| |keywordFieldAppVersion | string | 应用版本 |[{left: "namespace", operator: "=", right: ["package_810ea6__c"]},{left: "keywordFieldAppVersion", operator: "contain", right: ["0.5.0"]}]| |opSource | enum | 操作来源(20001:用户界面操作;20002:流程执行;20003:云函数;20004:OpenAPI;20005:未知来源) |[{left: "opSource", operator: "in", right: [20001, 20002, 20003]}]| |dataObject | string | 数据对象 |[{left: "dataObject", operator: "=", right: ["test"]}]| |clientIP | string | 请求 IP |[{left: "clientIP", operator: "contain", right: [".118.2"]}]| |ipLoc | string | IP 地理位置 |[{left: "ipLoc", operator: "contain", right: ["CN-Hebei"]}]| |ipProvider | string | IP 供应商 |[{left: "ipProvider", operator: "=", right: ["feishu"]}]| |deviceID | string | 设备 ID |[{left: "deviceID", operator: "notEmpty"}]| |webDeviceID | string | WEB 设备 ID |[{left: "webDeviceID", operator: "=", right: ["7386524913106124803"]}]| |terminalType | enum | 端类型(13001:未知;13002:PC;13003:Web;13004:Android;13005:iOS;13006:MiniProgram) |[{left: "terminalType", operator: "=", right: [13002]}]| |osType | enum | 操作系统类型(14001:未知;14002:Windows;14003:Linux;14004:Mac;14005:Android;14006:iOS) |[{left: "osType", operator: "=", right: [14006]}]| |osVersion | string | 操作系统版本 |[{left: "osType", operator: "=", right: [14006]}]|