kolide_admin_userkolide_audit_logkolide_auth_logkolide_checkkolide_deprovisioned_personkolide_devicekolide_device_groupkolide_device_group_devicekolide_device_open_issuekolide_exemption_requestkolide_issuekolide_packagekolide_personkolide_person_groupkolide_person_open_issuekolide_person_registered_devicekolide_registration_request
Table: kolide_audit_log
Lists the tracked events occurring in the Kolide web console.
Examples
Basic info
select timestamp, description, actor_namefrom kolide_audit_log;List all events from the past day
select timestamp, description, actor_namefrom kolide_audit_logwhere timestamp > date_trunc('day', current_date) - interval '1 day';List all events performed by a specific user
select timestamp, description,from kolide_audit_logwhere actor_name = 'Dennis Nedry';Schema for kolide_audit_log
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form. | |
| actor_name | text | =, ~~ | Name of the entity triggering this event. |
| description | text | =, ~~ | Description of the event that occurred. |
| id | text | = | Canonical identifier for this audit log event. |
| sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
| sp_ctx | jsonb | Steampipe context in JSON form. | |
| timestamp | timestamp with time zone | =, >, < | When this event occurred. |
| title | text | Display name for this event. |