This page provides JSON examples of different types of audit events. Administrators can view these audit logs as described in Account Management audit logs.
The contents of the JSON schema may be extended in the future to accommodate additional information, but nothing will be removed.
You can create, update, and delete policies. The code block below provides a JSON example of creating a policy.
{"timestamp": "2026-01-21T08:06:33.137823893Z","eventId": "c7083308-31ca-4210-a7e4-40bd62d07c1c","eventProvider": "Identity & access management","eventType": "CREATE", / "UPDATE", / "DELETE","resource": "POLICY","resourceName": "Policy4","accountUuid": "abc123ab-c123-abc1-23ab-c123abc123ab","authenticationGrantType": "AUTHORIZATION_CODE","authenticationType": "OAUTH2","details": {"json_after": "{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy4\",\"description\":\"\",\"tags\":[],\"statementQuery\":\"//States\\nALLOW state:app-states:delete, state:app-states:read, state:app-states:write, state:user-app-states:read, state:user-app-states:write, state:user-app-states:delete, state-management:user-app-states:delete, state-management:user-app-states:delete-all;\\n\\n//Hub\\nALLOW hub:catalog:read;\\n\\n//AppEngine\\nALLOW app-engine:apps:run, app-engine:functions:run, app-engine:edge-connects:read;\\n\\n//Classics\\nALLOW environment:roles:viewer, environment:roles:view-security-problems;\\n\\n//Extensions\\nALLOW extensions:definitions:read;\"}","json_before": "null","json_patch": "[{\"op\":\"replace\",\"path\":\"/\",\"value\":{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy4\",\"description\":\"\",\"tags\":[],\"statementQuery\":\"//States\\nALLOW state:app-states:delete, state:app-states:read, state:app-states:write, state:user-app-states:read, state:user-app-states:write, state:user-app-states:delete, state-management:user-app-states:delete, state-management:user-app-states:delete-all;\\n\\n//Hub\\nALLOW hub:catalog:read;\\n\\n//AppEngine\\nALLOW app-engine:apps:run, app-engine:functions:run, app-engine:edge-connects:read;\\n\\n//Classics\\nALLOW environment:roles:viewer, environment:roles:view-security-problems;\\n\\n//Extensions\\nALLOW extensions:definitions:read;\"},\"oldValue\":null}]"},"eventOutcome": "SUCCESS","eventVersion": "1.0.0","originAddress": "12.123.123.123","originType": "REST","originXForwardedFor": "12.345.678.901, 10.111.213.141","resourceId": "abcd1234-efgh-5678-ijkl-9012345abcde","userOrganization": "DYNATRACE","user": "DYNATRACE"}
You can create, update, and delete groups. The code block below is a JSON example of updating the policy for a group.
{"timestamp": "2026-01-21T08:07:06.239203135Z","eventId": "bf6b4609-b3de-4d46-acee-b603b3912fb5","eventProvider": "Identity & access management","eventType": "UPDATE_POLICIES", / "UPDATE_ROLES", / "UPDATE","resource": "GROUP","resourceName": "grp_5","accountUuid": "abc123ab-c123-abc1-23ab-c123abc123ab","authenticationGrantType": "AUTHORIZATION_CODE","authenticationType": "OAUTH2","details": {"json_after": "{\"account\":[{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy3\",\"boundaries\":[],\"parameters\":{},\"metadata\":{}},{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy4\",\"boundaries\":[],\"parameters\":{},\"metadata\":{}}],\"environments\":{}}","json_before": "{\"account\":[{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy3\",\"boundaries\":[],\"parameters\":{},\"metadata\":{}}],\"environments\":{}}","json_patch": "[{\"op\":\"add\",\"path\":\"/account/1\",\"value\":{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy4\",\"boundaries\":[],\"parameters\":{},\"metadata\":{}},\"oldValue\":null}]"},"eventOutcome": "SUCCESS","eventVersion": "1.0.0","originAddress": "12.123.123.123","originType": "REST","originXForwardedFor": "12.345.678.901, 10.111.213.141","resourceId": "abcd1234-efgh-5678-ijkl-9012345abcde","userOrganization": "DYNATRACE","user": "DYNATRACE"}
You can create, update, and delete boundaries. The code block below is a JSON example of creating a boundary.
{"timestamp": "2026-01-21T10:22:15.446477947Z","eventId": "ba70630b-6153-4ec2-9ea4-9dae5ad45fc6","eventProvider": "Identity & access management","eventType": "CREATE", / "UPDATE", / "DELETE"."resource": "BOUNDARY","resourceName": "TEST boundary","accountUuid": "abc123ab-c123-abc1-23ab-c123abc123ab","authenticationGrantType": "AUTHORIZATION_CODE","authenticationType": "OAUTH2","details": {"json_after": "{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"TEST boundary\",\"metadata\":{},\"boundaryQuery\":\"settings:schemaId = \\\"buitlin:test\\\";\"}","json_before": "null","json_patch": "[{\"op\":\"replace\",\"path\":\"/\",\"value\":{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"TEST boundary\",\"metadata\":{},\"boundaryQuery\":\"settings:schemaId = \\\"buitlin:test\\\";\"},\"oldValue\":null}]"},"eventOutcome": "SUCCESS","eventVersion": "1.0.0","originAddress": "12.123.123.123","originType": "REST","originXForwardedFor": "12.345.678.901, 10.111.213.141","resourceId": "abcd1234-efgh-5678-ijkl-9012345abcde","userOrganization": "DYNATRACE","user": "DYNATRACE"}