Table: kolide_audit_log
Lists the tracked events occurring in the Kolide web console.
Examples
Basic info
select timestamp, description, actor_namefrom kolide_audit_log;List all events from the past day
select timestamp, description, actor_namefrom kolide_audit_logwhere timestamp > date_trunc('day', current_date) - interval '1 day';List all events performed by a specific user
select timestamp, description,from kolide_audit_logwhere actor_name = 'Dennis Nedry';Schema for kolide_audit_log
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form. | |
| actor_name | text | =, ~~ | Name of the entity triggering this event. |
| description | text | =, ~~ | Description of the event that occurred. |
| id | text | = | Canonical identifier for this audit log event. |
| sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
| sp_ctx | jsonb | Steampipe context in JSON form. | |
| timestamp | timestamp with time zone | =, >, < | When this event occurred. |
| title | text | Display name for this event. |