Audit log information: CylanceAVERT

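The following table lists the information that is added to the audit log for CylanceAVERT administrative actions. You can use the filtering options in the console to filter the audit log results. The samples below are not uniform in letter case (for example, "Entity"/"ENTITY" and "created"/"CREATED") or in layout (some nest the event header under "common", others nest the admin and entity under "crud"), so match values case-insensitively and handle both layouts when you search or parse these records.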

Category

Action

Details

Data Entity

Add

JSON
{
    "common": {
        "id": "<ID>",
        "tenantId": "<Tenant ID>",
        "occurred": "<Date/Time>",
        "traceId": "<Trace ID>",
        "spanId": "<Span ID>",
        "source": "com.blackberry.dlp",
        "type": "AUDIT",
        "category": "Entity",
        "subcategory": "created",
        "message": "admin created DataEntity named <Policy name>"
    },
    "admin": {
        "ecoId": "<Eco ID>"
    },
    "entity": {
        "id": "<ID>",
        "type": "DATAENTITY",
        "displayName": "<Entity display name>"
    },
    "changes": {
        "regions": {
            "new": "<Region>"
        },
        "name": {
            "new": "<Data entity name>"
        },
        "description": {
            "new": "<Description>"
        },
        "infoTypes": {
            "new": "<Info types>"
        },
        "Type": {
            "new": "<Data type>"
        },
        "Parameters": {
            "new": "<parameters>"
        },
        "algorithm": {
            "new": "<Algorithm>"
        }
    }
}

Data Entity

Edit

JSON
{
    "id": "<ID>",
    "tenantId": "<Tenant ID>",
    "occurred": "<Date/Time>",
    "traceId": "<Trace ID>",
    "spanId": "<Span ID>",
    "source": "com.blackberry.dlp",
    "type": "AUDIT",
    "category": "ENTITY",
    "subcategory": "UPDATED",
    "message": "admin updated DataEntity named <Data entity name>",
    "crud": {
        "admin": {
            "ecoId": "<Eco ID>"
        },
        "entity": {
            "id": "<ID>",
            "type": "DATAENTITY",
            "displayName": "<Data entity display name>"
        },
        "changes": {
            "description": {
                "new": "<New description>",
                "old": "<Old description>"
            }
        }
    }
}

Data Entity

Remove

JSON
{
    "id": "<ID>",
    "tenantId": "<Tenant ID>",
    "occurred": "<Date/Time>",
    "traceId": "<Trace ID>",
    "spanId": "<Span ID>",
    "source": "com.blackberry.dlp",
    "type": "AUDIT",
    "category": "ENTITY",
    "subcategory": "DELETED",
    "message": "admin deleted DataEntity named <Data entity name>",
    "crud": {
        "admin": {
            "ecoId": "<Eco ID>"
        },
        "entity": {
            "id": "<ID>",
            "type": "DATAENTITY",
            "displayName": "<Data entity display name>"
        }
    }
}

Evidence File

Download

JSON
{
    "id": "<ID>",
    "tenantId": "<Tenant ID>",
    "occurred": "<Date/Time>",
    "traceId": "<Trace ID>",
    "spanId": "<Span ID>",
    "source": "com.blackberry.dlp",
    "type": "AUDIT",
    "category": "ENTITY",
    "subcategory": "READ",
    "message": "Evidence File is downloaded",
    "crud": {
        "admin": {
            "ecoId": "<Eco ID>"
        },
        "entity": {
            "id": "<ID>",
            "type": "<Entity type>"
        }
    }
}

Evidence File

Remove

JSON
{
    "id": "<ID>",
    "tenantId": "<Tenant ID>",
    "occurred": "<Date/Time>",
    "traceId": "<Trace ID>",
    "spanId": "<Span ID>",
    "source": "com.blackberry.dlp",
    "type": "AUDIT",
    "category": "ENTITY",
    "subcategory": "DELETED",
    "message": "Evidence File is DELETED",
    "crud": {
        "admin": {
            "ecoId": "<Eco ID>"
        },
        "entity": {
            "id": "<ID>",
            "type": "<Entity type>"
        }
    }
}

Policy

Add

JSON
{
    "common": {
        "id": "<ID>",
        "tenantId": "<Tenant ID>",
        "occurred": "<Date/Time>",
        "traceId": "<Trace ID>",
        "spanId": "<Span ID>",
        "source": "com.blackberry.dlp",
        "type": "AUDIT",
        "category": "Entity",
        "subcategory": "created",
        "message": "admin created Policy named <Policy name>"
    },
    "admin": {
        "ecoId": "<Eco ID>"
    },
    "entity": {
        "id": "<ID>",
        "type": "PROFILE",
        "displayName": "<Entity display name>"
    },
    "changes": {
        "emailDomainsRule": {
            "new": "<Domain rule>"
        },
        "condition": {
            "new": "<Condition>"
        },
        "policyName": {
            "new": "<Policy name>"
        },
        "policyType": {
            "new": "<Policy type>"
        },
        "description": {
            "new": "<Description>"
        },
        "policyRules": {
            "new": "<Policy rules>"
        },
        "classification": {
            "new": "<Classification>"
        },
        "browserDomains": {
            "new": "<Browser domains>"
        }
    }
}

Policy

Edit

JSON
{
    "common": {
        "id": "<ID>",
        "tenantId": "<Tenant ID>",
        "occurred": "<Date/Time>",
        "traceId": "<Trace ID>",
        "spanId": "<Span ID>",
        "source": "com.blackberry.dlp",
        "type": "AUDIT",
        "category": "Entity",
        "subcategory": "Updated",
        "message": "admin created Policy named <Policy name>"
    },
    "admin": {
        "ecoId": " "
    },
    "entity": {
        "id": "fbfa8366-e58c-4018-925f-2a536dce4c2d",
        "type": "PROFILE",
        "displayName": "policy-test-name-created-from-auto-test"
    },
    "changes": 
{
    "policyName":{
              "old" : "HIPAA",
              "new" : "HIPAA Compliance"
        },
 
    "condition": {
          "old": "<Old condition>",
          "new":"<New condition>"
      },
 
    "policyRules": {
            "old":[{<Old policy rules>}],
            "new":[{<New policy rules>}]
      },
   
    "policyConfigs": {
            "old":[{<Old policy rules>}],
            "new":[{<New policy rules>}]
      },
   
    "browserDomains":{
            "old":<Old browser domains>,
            "new":<New browser domains>
      },
   
    "emailDomainsRule": {
            "old":<Old domain rule>,
            "new":<New domain rule>
      }
    }
}

Policy

Remove

JSON
{
    "id": "<ID>",
    "tenantId": "<Tenant ID>",
    "occurred": "<Date/Time>",
    "traceId": "<Trace ID>",
    "spanId": "<Span ID>",
    "source": "com.blackberry.dlp",
    "type": "AUDIT",
    "category": "ENTITY",
    "subcategory": "DELETED",
    "message": "admin DELETED Policy named <Policy name>",
    "crud": {
        "admin": {
            "ecoId": "<Eco ID>"
        },
        "entity": {
            "id": "<ID>",
            "type": "PROFILE",
            "displayName": "<Entity display name>"
        }
    }
}

Setting

Update

JSON
{
    "id": "<ID>",
    "tenantId": "<Tenant ID>",
    "occurred": "<Date/Time>",
    "traceId": "<Trace ID>",
    "spanId": "<Span ID>",
    "source": "com.blackberry.dlp",
    "type": "AUDIT",
    "category": "SETTING",
    "subcategory": "UPDATED",
    "message": "admin UPDATED DLP settings",
    "crud": {
        "admin": {
            "ecoId": "<Eco ID>"
        },
        "changes": {
            "ui.tenant.setting.emailRecipients": {
                "new": "<New email recipients>",
                "old": "<Old email recipients>"
            }
        }
    }
}

Template

Remove

JSON
{
    "id": "<ID>",
    "tenantId": "<Tenant ID>",
    "occurred": "<Date/Time>",
    "traceId": "<Trace ID>",
    "spanId": "<Span ID>",
    "source": "com.blackberry.dlp",
    "type": "AUDIT",
    "category": "ENTITY",
    "subcategory": "DELETED",
    "message": "Template <Template name> was deleted",
    "crud": {
        "admin": {
            "ecoId": "<Eco ID>"
        },
        "entity": {
            "id": "<ID>",
            "type": "TEMPLATE",
            "displayName": "<Template name>"
        }
    }
}

Template

Add

JSON
{
    "id": "<ID>",
    "tenantId": "<Tenant ID>",
    "occurred": "<Date/Time>",
    "traceId": "<Trace ID>",
    "spanId": "<Span ID>",
    "source": "com.blackberry.dlp",
    "type": "AUDIT",
    "category": "ENTITY",
    "subcategory": "CREATED",
    "message": "Template <Template name> was created",
    "crud": {
        "admin": {
            "ecoId": "<Eco ID>"
        },
        "entity": {
            "id": "<ID>",
            "type": "TEMPLATE",
            "displayName": "<Template name>"
        },
        "changes": {
            "condition": {
                "new": "<Condition>"
            },
            "regions": {
                "new": "<Region>"
            },
            "name": {
                "new": "<Template name>"
            },
            "description": {
                "new": "<Description>"
            },
            "infoTypes": {
                "new": "<Info type>"
            },
            "type": {
                "new": "<Template type>"
            }
        }
    }
}