Grant read log
API permission.
External DocumentationTo learn more, visit the Duo documentation.
Basic Parameters
Parameter | Description |
---|---|
Applications | A comma-seperated list of application keys to filter the logs by. For example: DIY231J8BR23QK4UKBY8,DIF947T2MN58HZ1DPWRC .An application key can be retrieved from the application field of a previous List Authentication Logs output.If no value is provided, logs will be retrieved for all applications. |
Assessment | The risk-based authentication assessment to filter by. The assessment is based on risk-based factor selection (RBFS) and risk-based remembered device (RBRD) policy enforcement. This information is only available to Duo Premier and Duo Advantage planh customers. If no value is provided, logs will be retrieved for all assessments. |
Authentication Factors | The authentication factor or method to filter by. If no value is provided, logs will be retrieved for all factors. |
Detections | The risk-based authentication detections to filter by, identified during or after an authentication attempt. This information is only available to Duo Premier and Duo Advantage plan customers. If no value is provided, logs will be retrieved for all detections. |
Event Type | The type of authentication event to filter by. * Choose Authentication to filter logs related to authentication attempts.* Choose Enrollment to filter logs related to a user completing Duo’s inline enrollment.If no value is provided, logs will be retrieved for all event types. |
Groups | A comma-seperated list of group IDs to filter the logs by. For example: KJQZT852R7HNU3AWLERV,VBNRZ731L8QTY6WDFJHU .A group ID can be retrieved using the List Groups action.If no value is provided, logs will be retrieved for all groups. |
Maximum Time | Retrieve logs that have a timestamp of Maximum Time or earlier.This value must be strictly greater then Minimum Time . |
Minimum Time | Retrieve logs that have a timestamp of Minimum Time or later.This value must be strictly less then Maximum Time . |
Reasons | The reason associated with an authentication attempt to filter by. If no value is provided, logs will be retrieved for all reasons. Note: Enrollment events have no associated reason. |
Results | The result of an authentication attempt to filter by. If no value is provided, logs will be retrieved for any result. |
Security Tokens | A security token to filter by. Either a WebAuthn security key’s webauthnkey or U2F security key’s registration_id .If no value is provided, logs will be retrieved for any security token. |
Users | A comma-seperated list of user keys to filter the logs by. For example: DU3KC77WJ06Y5HIV7XKQ,QZ8RM22LT95F4EOG6JYP .A user key can be retrieved from the user field of a previous List Authentication Logs output.If no value is provided, logs will be retrieved for all users. |
Advanced Parameters
Parameter | Description |
---|---|
Limit | The maximum number of records to retrieve. Defaults to 100 , with maximum value of 1000 . |
Next Offset | The offset at which to start record retrieval. The offset is provided in the metadata field of a previous List Authentication Logs response in the form of a 13 character date string in milliseconds and the event txid .These two values must be provided together, separated by a comma (e.g. 1547486297000,5bea1c1e-612c-4f1d-b310-75fd31385b15 ).When used with Limit , the handler will return Limit records starting at the n-th record, where n is the offset. |
Sort | The order in which to return the logs. |