Complete API reference for integrating Argus into your microservices architecture.
- Development:
http://localhost:3001 - Production:
https://argus.yourdomain.comorhttp://argus-service:3001(internal)
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/audit-logs |
Create a new audit log entry |
| GET | /api/audit-logs |
Retrieve audit logs with filtering |
| GET | /health |
Service health check |
| GET | /version |
Service version information |
Endpoint: POST /api/audit-logs
Request Body:
| Field | Type | Required | Description |
|---|---|---|---|
timestamp |
string | Required | ISO 8601 timestamp (RFC3339 format) |
status |
string | Required | Event status: SUCCESS or FAILURE |
actorType |
string | Required | Actor type: SERVICE, ADMIN, MEMBER, SYSTEM |
actorId |
string | Required | Actor identifier (email, UUID, service name) |
targetType |
string | Required | Target type: SERVICE or RESOURCE |
traceId |
string (UUID) | Optional | Trace ID for distributed tracing |
eventType |
string | Optional | Custom event type (e.g., MANAGEMENT_EVENT) |
eventAction |
string | Optional | Action: CREATE, READ, UPDATE, DELETE |
targetId |
string | Optional | Target identifier |
requestMetadata |
object | Optional | Request payload (without PII/sensitive data) |
responseMetadata |
object | Optional | Response or error details |
additionalMetadata |
object | Optional | Additional context-specific data |
Example Request:
curl -X POST http://localhost:3001/api/audit-logs \
-H "Content-Type: application/json" \
-d '{
"traceId": "550e8400-e29b-41d4-a716-446655440000",
"timestamp": "2024-01-20T10:00:00Z",
"eventType": "MANAGEMENT_EVENT",
"eventAction": "READ",
"status": "SUCCESS",
"actorType": "SERVICE",
"actorId": "my-service",
"targetType": "SERVICE",
"targetId": "target-service",
"requestMetadata": {"schemaId": "schema-123"},
"responseMetadata": {"decision": "ALLOWED"}
}'Success Response: 201 Created
{
"id": "550e8400-e29b-41d4-a716-446655440001",
"traceId": "550e8400-e29b-41d4-a716-446655440000",
"timestamp": "2024-01-20T10:00:00Z",
"eventType": "MANAGEMENT_EVENT",
"status": "SUCCESS",
"actorType": "SERVICE",
"actorId": "my-service",
"targetType": "SERVICE",
"targetId": "target-service",
"createdAt": "2024-01-20T10:00:00.123456Z"
}Error Response: 400 Bad Request
{
"error": "Validation error: invalid timestamp format, expected RFC3339"
}Endpoint: GET /api/audit-logs
Query Parameters:
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
traceId |
string (UUID) | Optional | - | Filter by trace ID |
eventType |
string | Optional | - | Filter by event type |
eventAction |
string | Optional | - | Filter by event action |
status |
string | Optional | - | Filter by status (SUCCESS or FAILURE) |
limit |
integer | Optional | 100 | Max results per page (1-1000) |
offset |
integer | Optional | 0 | Number of results to skip |
Example Requests:
# Get all audit logs (paginated)
curl http://localhost:3001/api/audit-logs
# Filter by trace ID
curl http://localhost:3001/api/audit-logs?traceId=550e8400-e29b-41d4-a716-446655440000
# Filter by event type
curl http://localhost:3001/api/audit-logs?eventType=MANAGEMENT_EVENT
# Multiple filters with pagination
curl http://localhost:3001/api/audit-logs?eventType=MANAGEMENT_EVENT&status=SUCCESS&limit=20&offset=0Success Response: 200 OK
{
"logs": [
{
"id": "550e8400-e29b-41d4-a716-446655440001",
"traceId": "550e8400-e29b-41d4-a716-446655440000",
"timestamp": "2024-01-20T10:00:00Z",
"eventType": "MANAGEMENT_EVENT",
"status": "SUCCESS",
"actorType": "SERVICE",
"actorId": "my-service",
"targetType": "SERVICE",
"targetId": "target-service",
"createdAt": "2024-01-20T10:00:00.123456Z"
}
],
"total": 100,
"limit": 100,
"offset": 0
}Endpoint: GET /health
curl http://localhost:3001/healthResponse: 200 OK
{
"service": "argus",
"status": "healthy"
}Endpoint: GET /version
curl http://localhost:3001/versionResponse: 200 OK
{
"service": "argus",
"version": "1.0.0",
"buildTime": "2024-01-20T10:00:00Z",
"gitCommit": "abc123def456"
}SUCCESS- Event completed successfullyFAILURE- Event failed or encountered an error
SERVICE- Internal serviceADMIN- Administrator userMEMBER- End user/memberSYSTEM- System-level operations
SERVICE- Target is a serviceRESOURCE- Target is a resource
CREATE- Resource creationREAD- Data retrievalUPDATE- Resource modificationDELETE- Resource deletion
Custom event types can be defined per use case:
MANAGEMENT_EVENT- Administrative actionUSER_MANAGEMENT- User management operationsDATA_FETCH- Data retrieval operation
Always use RFC3339 format (ISO 8601):
- Correct:
2024-01-20T10:00:00Z - Correct:
2024-01-20T10:00:00.123456Z - Wrong:
2024-01-20 10:00:00
- Use UUIDs (RFC 4122) for trace IDs
- Generate at the entry point of a distributed flow
- Pass through all services in the request chain
- Use
nullfor standalone events
DO:
- Include operation context in
requestMetadata - Include decision/result in
responseMetadata - Use
additionalMetadatafor service-specific context
DON'T:
- Store PII (Personally Identifiable Information)
- Store sensitive data (passwords, tokens, keys)
- Store full response payloads with user data
Example:
{
"requestMetadata": {
"schemaId": "schema-123",
"requestedFields": ["name", "address"]
},
"responseMetadata": {
"decision": "ALLOWED",
"fieldsReturned": 2
}
}Always log failed operations:
{
"status": "FAILURE",
"responseMetadata": {
"error": "operation_failed",
"errorMessage": "Resource not found",
"errorCode": "404"
}
}For large result sets, use pagination:
# First page
GET /api/audit-logs?limit=100&offset=0
# Second page
GET /api/audit-logs?limit=100&offset=100Use the total field in the response to calculate total pages.
You can test the API using:
- curl - Command-line HTTP client (examples provided above)
- Postman - Import the API endpoints manually
- HTTPie - User-friendly HTTP client