This page provides JSON examples of different types of audit events. Administrators can view these audit logs as described in Account Management audit logs.
The contents of the JSON schema may be extended in the future to accommodate additional information, but nothing will be removed.
Accounts can be created, updated, and deleted. The code block below is a JSON example of updating an account from active to inactive.
{"userId": "system","timestamp": "2026-02-27T00:00:02.951958812Z","eventId": "ba70630b-6153-4ec2-9ea4-9dae5ad45fc6","eventProvider": "Account","eventType": "STATE_CHANGED","resource": "ACCOUNT","resourceName": "TEST name","accountUuid": "abc123ab-c123-abc1-23ab-c123abc123ab","authenticationType": "NONE","details": {"json_after": {"state": "INACTIVE"},"json_before": {"state": "ACTIVE"},"json_patch": {"state": {"from": "ACTIVE","to": "INACTIVE"}}},"eventOutcome": "success","eventVersion": "1.0.0","originType": "LOCAL","resourceId": "abcd1234-efgh-5678-ijkl-9012345abcde","user": "SYSTEM","userName": "System","userOrganization": "DYNATRACE"}
You can create, update, and delete boundaries. The code block below is a JSON example of creating a boundary.
{"timestamp": "2026-01-21T10:22:15.446477947Z","eventId": "ba70630b-6153-4ec2-9ea4-9dae5ad45fc6","eventProvider": "Identity & access management","eventType": "CREATE", / "UPDATE", / "DELETE","resource": "BOUNDARY","resourceName": "TEST boundary","accountUuid": "abc123ab-c123-abc1-23ab-c123abc123ab","authenticationGrantType": "AUTHORIZATION_CODE","authenticationType": "OAUTH2","details": {"json_after": "{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"TEST boundary\",\"metadata\":{},\"boundaryQuery\":\"settings:schemaId = \\\"buitlin:test\\\";\"}","json_before": "null","json_patch": "[{\"op\":\"replace\",\"path\":\"/\",\"value\":{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"TEST boundary\",\"metadata\":{},\"boundaryQuery\":\"settings:schemaId = \\\"buitlin:test\\\";\"},\"oldValue\":null}]"},"eventOutcome": "SUCCESS","eventVersion": "1.0.0","originAddress": "12.123.123.123","originType": "REST","originXForwardedFor": "12.345.678.901, 10.111.213.141","resourceId": "abcd1234-efgh-5678-ijkl-9012345abcde","userOrganization": "DYNATRACE","user": "DYNATRACE"}
You can create, update, and delete groups. The code block below is a JSON example of updating the policy for a group.
{"timestamp": "2026-01-21T08:07:06.239203135Z","eventId": "bf6b4609-b3de-4d46-acee-b603b3912fb5","eventProvider": "Identity & access management","eventType": "UPDATE_POLICIES", / "UPDATE_ROLES", / "UPDATE","resource": "GROUP","resourceName": "grp_5","accountUuid": "abc123ab-c123-abc1-23ab-c123abc123ab","authenticationGrantType": "AUTHORIZATION_CODE","authenticationType": "OAUTH2","details": {"json_after": "{\"account\":[{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy3\",\"boundaries\":[],\"parameters\":{},\"metadata\":{}},{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy4\",\"boundaries\":[],\"parameters\":{},\"metadata\":{}}],\"environments\":{}}","json_before": "{\"account\":[{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy3\",\"boundaries\":[],\"parameters\":{},\"metadata\":{}}],\"environments\":{}}","json_patch": "[{\"op\":\"add\",\"path\":\"/account/1\",\"value\":{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy4\",\"boundaries\":[],\"parameters\":{},\"metadata\":{}},\"oldValue\":null}]"},"eventOutcome": "SUCCESS","eventVersion": "1.0.0","originAddress": "12.123.123.123","originType": "REST","originXForwardedFor": "12.345.678.901, 10.111.213.141","resourceId": "abcd1234-efgh-5678-ijkl-9012345abcde","userOrganization": "DYNATRACE","user": "DYNATRACE"}
You can create, update, and delete policies. The code block below provides a JSON example of creating a policy.
{"timestamp": "2026-01-21T08:06:33.137823893Z","eventId": "c7083308-31ca-4210-a7e4-40bd62d07c1c","eventProvider": "Identity & access management","eventType": "CREATE", / "UPDATE", / "DELETE","resource": "POLICY","resourceName": "Policy4","accountUuid": "abc123ab-c123-abc1-23ab-c123abc123ab","authenticationGrantType": "AUTHORIZATION_CODE","authenticationType": "OAUTH2","details": {"json_after": "{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy4\",\"description\":\"\",\"tags\":[],\"statementQuery\":\"//States\\nALLOW state:app-states:delete, state:app-states:read, state:app-states:write, state:user-app-states:read, state:user-app-states:write, state:user-app-states:delete, state-management:user-app-states:delete, state-management:user-app-states:delete-all;\\n\\n//Hub\\nALLOW hub:catalog:read;\\n\\n//AppEngine\\nALLOW app-engine:apps:run, app-engine:functions:run, app-engine:edge-connects:read;\\n\\n//Classics\\nALLOW environment:roles:viewer, environment:roles:view-security-problems;\\n\\n//Extensions\\nALLOW extensions:definitions:read;\"}","json_before": "null","json_patch": "[{\"op\":\"replace\",\"path\":\"/\",\"value\":{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy4\",\"description\":\"\",\"tags\":[],\"statementQuery\":\"//States\\nALLOW state:app-states:delete, state:app-states:read, state:app-states:write, state:user-app-states:read, state:user-app-states:write, state:user-app-states:delete, state-management:user-app-states:delete, state-management:user-app-states:delete-all;\\n\\n//Hub\\nALLOW hub:catalog:read;\\n\\n//AppEngine\\nALLOW app-engine:apps:run, app-engine:functions:run, app-engine:edge-connects:read;\\n\\n//Classics\\nALLOW environment:roles:viewer, environment:roles:view-security-problems;\\n\\n//Extensions\\nALLOW extensions:definitions:read;\"},\"oldValue\":null}]"},"eventOutcome": "SUCCESS","eventVersion": "1.0.0","originAddress": "12.123.123.123","originType": "REST","originXForwardedFor": "12.345.678.901, 10.111.213.141","resourceId": "abcd1234-efgh-5678-ijkl-9012345abcde","userOrganization": "DYNATRACE","user": "DYNATRACE"}