The Controller audit history is a record of the configuration and user activities in the Controller configuration. The ControllerAuditHistory API method returns the audit log for the time range specified. The output format can be JSON or CSV. This information is the same as that found in the audit.log file. See Platform Log Files and Log File Information by Platform

Format

GET /controller/ ControllerAuditHistory?startTime=<start-time>&endTime=<end-time>&include=<field>:<value>&exclude=<field>:<value>

Input parameters

Parameter Name

Parameter Type

Value

Mandatory

start-time

Query

Start time in the format: yyyy-MM-dd'T'HH:mm:ss.SSSZ

Yes

end-time

Query

End time in the format: yyyy-MM-dd'T'HH:mm:ss.SSSZ

Yes

time-zone-idQueryTime zoneNo
includeQueryRestricted information in the Controller audit historyNo
excludeQueryRestricted information in the Controller audit historyNo
http://localhost:8080/controller/ControllerAuditHistory?startTime=yyyy-MM-dd&HH:mm:ss.SSSZ&endTime=yyyy-MM-dd&HH:mm:ss.SSSZ?include=filterName1:filterValue1&include=filterName1:filterValue1&exclude=filterName1:filterValue1&exclude=filterName1:filterValue1
curl --user user1@customer1:welcome "http://demo.appdynamics.com:8090/controller/ControllerAuditHistory?startTime=2015-12-19T10:50:03.607-0700&endTime=2015-12-19T17:50:03.607-0700&timeZoneId=America%2FSan%20Francisco&include=userName:user1&include=action:LOGIN&exclude=accountName:system&exclude=action:OBJECT_UPDATE"
  
[{"timeStamp":1450569821811,"auditDateTime":"2015-12-20T00:03:41.811+0000","accountName":"customer1","securityProviderType":"INTERNAL","userName":"user1","action":"LOGIN"},{"timeStamp":1450570234518,"auditDateTime":"2015-12-20T00:10:34.518+0000","accountName":"customer1","securityProviderType":"INTERNAL","userName":"user1","action":"LOGIN"},{"timeStamp":1450570273841,"auditDateTime":"2015-12-20T00:11:13.841+0000","accountName":"customer1","securityProviderType":"INTERNAL","userName":"user1","action":"OBJECT_CREATED","objectType":"AGENT_CONFIGURATION"},
...
{"timeStamp":1450570675345,"auditDateTime":"2015-12-20T00:17:55.345+0000","accountName":"customer1","securityProviderType":"INTERNAL","userName":"user1","action":"OBJECT_DELETED","objectType":"BUSINESS_TRANSACTION"},{"timeStamp":1450570719240,"auditDateTime":"2015-12-20T00:18:39.240+0000","accountName":"customer1","securityProviderType":"INTERNAL","userName":"user1","action":"APP_CONFIGURATION","objectType":"APPLICATION","objectName":"ACME Book Store Application"},{"timeStamp":1450571834835,"auditDateTime":"2015-12-20T00:37:14.835+0000","accountName":"customer1","securityProviderType":"INTERNAL","userName":"user1","action
 
curl --user user1@customer1:welcome "http://127.0.0.1:8080/controller/ControllerAuditHistory?startTime=2019-05-28T08:00:03.607-0700&endTime=2019-05-28T11:32:03.607-0700&timeZoneId=America%2FSan%20Francisco&include=applicationName:ACME"
[{"timeStamp":1559066415823,"auditDateTime":"2019-05-28T18:00:15.823+0000","accountName":"customer1","securityProviderType":"INTERNAL","userName":"user1","action":"LOGIN","objectId":0,"applicationName":"ACME"}]

Positive Time Zone Offsets

When you use the Controller Audit History API URL with a positive time zone offset such as +0100, +0530 to fetch audit logs, an error occurs.

For example, if you are in the UTC+1/CET time zone and want to fetch audit logs from 11 AM to 12 PM using the API, an error occurs when you enter the time zone as +0100 in the API URL:

https://customer1.saas.appdynamics.com/controller/ControllerAuditHistory?startTime=2025-03-25T11:00:00.000+0100&endTime=2025-03-25T12:00:00.000+0100

This issue arises because the plus sign (+) is converted into a space during the URL encoding and decoding process.

Workaround:

To use a positive time zone offset in your API URL, you must replace the plus (+)  sign with the character %2B. The modified API URL is as follows:

https://customer1.saas.appdynamics.com/controller/ControllerAuditHistory?startTime=2025-03-25T11:00:00.000%2B0100&endTime=2025-03-25T12:00:00.000%2B0100