Help Center/ Host Security Service/ API Reference/ API Description/ Cluster Management/ Querying the Audit Log List of the Kubernetes Cluster
Updated on 2025-08-15 GMT+08:00

Querying the Audit Log List of the Kubernetes Cluster

Function

This API is used to query the audit log list of the Kubernetes cluster.

Calling Method

For details, see Calling APIs.

URI

GET /v5/{project_id}/container/kubernetes/cluster/audit-logs

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

The project ID.

Table 2 Query Parameters

Parameter

Mandatory

Type

Description

enterprise_project_id

No

String

Specifies the ID of the enterprise project that the server belongs to.

An enterprise project can be configured only after the enterprise project function is enabled.

Enterprise project ID. The value 0 indicates the default enterprise project. To query servers in all enterprise projects, set this parameter to all_granted_eps. If you have only the permission on an enterprise project, you need to transfer the enterprise project ID to query the server in the enterprise project. Otherwise, an error is reported due to insufficient permission.

cluster_id

Yes

String

Cluster ID

cluster_name

No

String

Cluster name

host_name

No

String

Host name

host_id

No

String

Host ID.

host_ip

No

String

Host IP address.

verb

No

String

Actions recorded in audit logs. The options are as follows:

  • create: resource creation

  • delete: resource deletion

  • deletecollection: batch resource deletion

  • patch: resource modification

  • update: resource update

  • get: resource obtaining

  • list: resource list obtaining

  • watch: resource monitoring

start_time

Yes

Long

Minimum time for querying logs

end_time

Yes

Long

Maximum time for querying logs

limit

Yes

Integer

Number of records displayed on each page. The default value is 10.

offset

Yes

Integer

Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

line_num

No

String

Page number to be transferred when CCE cluster logs are queried.

Request Parameters

Table 3 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

User token.

It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is the user token.

Response Parameters

Status code: 200

Table 4 Response body parameters

Parameter

Type

Description

total_num

Integer

Total number of log events.

data_list

Array of ClusterAuditLogResponseInfo objects

Audit log list of the Kubernetes cluster

Table 5 ClusterAuditLogResponseInfo

Parameter

Type

Description

cluster_name

String

Cluster name

cluster_id

String

Cluster ID

time

Long

Time when a log is generated

content

String

Audit log content, which is a string in JSON format.

cluster_type

String

Cluster type. Its value can be:

  • cce: CCE cluster

  • ali: Alibaba Cloud cluster

  • tencent: Tencent Cloud cluster

  • azure: Microsoft Azure Cloud cluster

  • aws: AWS Cloud cluster

  • self_built_hw: customer-built cluster on Huawei Cloud

  • self_built_idc: IDC on-premises cluster

host_id

String

Server ID.

host_name

String

Host name

host_ip

String

Host IP address.

line_num

String

Row number of the CCE cluster log

Example Requests

None

Example Responses

Status code: 200

Request succeeded.

{
  "total_num" : 1,
  "data_list" : [ {
    "cluster_name" : "ywk-55555",
    "cluster_id" : "b075094b-d21a-499a-9006-624089c94402",
    "time" : 1814080859608,
    "content" : "listImageTagscdcssd-2/log4j:*, Method: GET Url=/v2/manage/namespaces/cdcssd-2/repos/log4j/tags, Reason",
    "cluster_type" : "cce",
    "host_id" : "16***0dc-94cb-4ca3-9087-06***cd168c1",
    "host_name" : 111,
    "host_ip" : "192.168.0.93"
  } ]
}

SDK Sample Code

The SDK sample code is as follows.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.hss.v5.region.HssRegion;
import com.huaweicloud.sdk.hss.v5.*;
import com.huaweicloud.sdk.hss.v5.model.*;


public class ListClusterAuditLogsSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        HssClient client = HssClient.newBuilder()
                .withCredential(auth)
                .withRegion(HssRegion.valueOf("<YOUR REGION>"))
                .build();
        ListClusterAuditLogsRequest request = new ListClusterAuditLogsRequest();
        try {
            ListClusterAuditLogsResponse response = client.listClusterAuditLogs(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkhss.v5.region.hss_region import HssRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkhss.v5 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = HssClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(HssRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = ListClusterAuditLogsRequest()
        response = client.list_cluster_audit_logs(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    hss "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/hss/v5/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := hss.NewHssClient(
        hss.HssClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.ListClusterAuditLogsRequest{}
	response, err := client.ListClusterAuditLogs(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code

Description

200

Request succeeded.

Error Codes

See Error Codes.