EventĪctions related to registering, updating, and revoking service account tokens. EventĪctions related to adding service accounts. EventĪctions related to viewing and exporting reports. EventĪctions related to provisioning new team members. Multi-factor authentication of a certain type was disabled for everyone in the account.Īctions related to team members sending a copy of an item within 1Password. Multi-factor authentication was disabled for everyone in the account.ĭisable Multi-Factor Authentication Type For All Users Multi-factor authentication was disabled.ĭisable Multi-Factor Authentication For All Users Multi-factor authentication ID, multi-factor authentication type The account's item sharing settings were updated.Īctions related to enabling, updating, and removing multi-factor authentication. Number of items that were marked to be purged.Īrchived vault items were marked to be purged. Vault Content Version, number of items deleted.ĭeleted vault items were marked to be purged. Vault Content Version, number of items added or updated. The email address the invite was sent to.Īctions related to creating, editing, archiving, and deleting items. Group ID, group UUID, Access Control ListĪctions related to inviting team members and guests. EventĪ user's group membership role was changed.Īctions related to modifying groups' access to vaults. EventĪctions related to updating team members' group membership. EventĪctions related to creating, updating, and removing groups. EventĪctions related to firewall settings. EventĪ team member linked their free family account.Ī team member unlinked their free family account.Īctions related to creating documents. EventĪn email change was proposed by an admin.Īctions related to linking and unlinking family accounts. EventĪ device was reauthorized after being deauthorizedĪctions related to beginning and completing email changes for team members. EventĪctions related to authorizing and removing devices. The Duo configuration for the account was updated.Īctions related to delegating sessions. EventĪccount attributes, such as the name, were changed. The following example event shows that a team member joined a group as a group manager:Īctions related to updating and confirming accounts. To understand the activity an audit event object is describing, you'll need to look at the action and object_type fields as well as any aux info fields that may be included. aux_info: Additional information about the activity.aux_uuid: The unique identifier that relates to additional information about the activity.aux_id: The identifier that relates to additional information about the activity.object_uuid: The unique identifier for the object the action was performed on.object_type: The type of object that the action was performed on.action: The type of action that was performed.actor_uuid: The unique identifier for the team member who performed the action.timestamp: When the action was performed.uuid: The unique identifier for the event.Event objects can include the following properties: When you use the 1Password Events API to fetch audit events from your 1Password Business account, the API will return a JSON array of audit event objects. Audit event data includes actions performed by team members in a 1Password account, such as changes made to the account, vaults, groups, users, and more. You can use the 1Password Events API to return audit events from the Activity Log of your 1Password Business account and send them to your security information and event management (SIEM) system.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |