This page provides JSON examples of different types of audit events. Administrators can view these audit logs as described in Account Management audit logs.
The contents of the JSON schema may be extended in the future to accommodate additional information, but nothing will be removed.
Accounts can be created, updated, and deleted. The code block below shows an example of updating an account from active to inactive.
{"userId": "system","timestamp": "2026-02-27T00:00:02.951958812Z","eventId": "ba70630b-6153-4ec2-9ea4-9dae5ad45fc6","eventProvider": "Account","eventType": "STATE_CHANGED","resource": "ACCOUNT","resourceName": "TEST name","accountUuid": "abc123ab-c123-abc1-23ab-c123abc123ab","authenticationType": "NONE","details": {"json_after": {"state": "INACTIVE"},"json_before": {"state": "ACTIVE"},"json_patch": {"state": {"from": "ACTIVE","to": "INACTIVE"}}},"eventOutcome": "success","eventVersion": "1.0.0","originType": "LOCAL","resourceId": "abcd1234-efgh-5678-ijkl-9012345abcde","user": "SYSTEM","userName": "System","userOrganization": "DYNATRACE"}
You can create, update, and delete boundaries. The code block below shows an example of creating a boundary.
{"timestamp": "2026-01-21T10:22:15.446477947Z","eventId": "ba70630b-6153-4ec2-9ea4-9dae5ad45fc6","eventProvider": "Identity & access management","eventType": "CREATE","resource": "BOUNDARY","resourceName": "TEST boundary","accountUuid": "abc123ab-c123-abc1-23ab-c123abc123ab","authenticationGrantType": "AUTHORIZATION_CODE","authenticationType": "OAUTH2","details": {"json_after": "{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"TEST boundary\",\"metadata\":{},\"boundaryQuery\":\"settings:schemaId = \\\"buitlin:test\\\";\"}","json_before": "null","json_patch": "[{\"op\":\"replace\",\"path\":\"/\",\"value\":{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"TEST boundary\",\"metadata\":{},\"boundaryQuery\":\"settings:schemaId = \\\"buitlin:test\\\";\"},\"oldValue\":null}]"},"eventOutcome": "SUCCESS","eventVersion": "1.0.0","originAddress": "12.123.123.123","originType": "REST","originXForwardedFor": "12.345.678.901, 10.111.213.141","resourceId": "abcd1234-efgh-5678-ijkl-9012345abcde","userOrganization": "DYNATRACE","user": "DYNATRACE"}
You can create, update, and delete groups. The code block below shows an example of updating the policy for a group.
{"timestamp": "2026-01-21T08:07:06.239203135Z","eventId": "bf6b4609-b3de-4d46-acee-b603b3912fb5","eventProvider": "Identity & access management","eventType": "UPDATE_POLICIES", / "UPDATE_ROLES", / "UPDATE","resource": "GROUP","resourceName": "grp_5","accountUuid": "abc123ab-c123-abc1-23ab-c123abc123ab","authenticationGrantType": "AUTHORIZATION_CODE","authenticationType": "OAUTH2","details": {"json_after": "{\"account\":[{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy3\",\"boundaries\":[],\"parameters\":{},\"metadata\":{}},{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy4\",\"boundaries\":[],\"parameters\":{},\"metadata\":{}}],\"environments\":{}}","json_before": "{\"account\":[{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy3\",\"boundaries\":[],\"parameters\":{},\"metadata\":{}}],\"environments\":{}}","json_patch": "[{\"op\":\"add\",\"path\":\"/account/1\",\"value\":{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy4\",\"boundaries\":[],\"parameters\":{},\"metadata\":{}},\"oldValue\":null}]"},"eventOutcome": "SUCCESS","eventVersion": "1.0.0","originAddress": "12.123.123.123","originType": "REST","originXForwardedFor": "12.345.678.901, 10.111.213.141","resourceId": "abcd1234-efgh-5678-ijkl-9012345abcde","userOrganization": "DYNATRACE","user": "DYNATRACE"}
You can create, update, and delete policies. The code block below shows an example of creating a policy.
{"timestamp": "2026-01-21T08:06:33.137823893Z","eventId": "c7083308-31ca-4210-a7e4-40bd62d07c1c","eventProvider": "Identity & access management","eventType": "CREATE","resource": "POLICY","resourceName": "Policy4","accountUuid": "abc123ab-c123-abc1-23ab-c123abc123ab","authenticationGrantType": "AUTHORIZATION_CODE","authenticationType": "OAUTH2","details": {"json_after": "{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy4\",\"description\":\"\",\"tags\":[],\"statementQuery\":\"//States\\nALLOW state:app-states:delete, state:app-states:read, state:app-states:write, state:user-app-states:read, state:user-app-states:write, state:user-app-states:delete, state-management:user-app-states:delete, state-management:user-app-states:delete-all;\\n\\n//Hub\\nALLOW hub:catalog:read;\\n\\n//AppEngine\\nALLOW app-engine:apps:run, app-engine:functions:run, app-engine:edge-connects:read;\\n\\n//Classics\\nALLOW environment:roles:viewer, environment:roles:view-security-problems;\\n\\n//Extensions\\nALLOW extensions:definitions:read;\"}","json_before": "null","json_patch": "[{\"op\":\"replace\",\"path\":\"/\",\"value\":{\"uuid\":\"abcd1234-efgh-5678-ijkl-9012345abcde\",\"name\":\"Policy4\",\"description\":\"\",\"tags\":[],\"statementQuery\":\"//States\\nALLOW state:app-states:delete, state:app-states:read, state:app-states:write, state:user-app-states:read, state:user-app-states:write, state:user-app-states:delete, state-management:user-app-states:delete, state-management:user-app-states:delete-all;\\n\\n//Hub\\nALLOW hub:catalog:read;\\n\\n//AppEngine\\nALLOW app-engine:apps:run, app-engine:functions:run, app-engine:edge-connects:read;\\n\\n//Classics\\nALLOW environment:roles:viewer, environment:roles:view-security-problems;\\n\\n//Extensions\\nALLOW extensions:definitions:read;\"},\"oldValue\":null}]"},"eventOutcome": "SUCCESS","eventVersion": "1.0.0","originAddress": "12.123.123.123","originType": "REST","originXForwardedFor": "12.345.678.901, 10.111.213.141","resourceId": "abcd1234-efgh-5678-ijkl-9012345abcde","userOrganization": "DYNATRACE","user": "DYNATRACE"}
You can create, update, or delete budgets. The code blocks below show an example for each.
{"userId": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","accountUuid": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","authenticationClientId": "system01s02.example.email@heimdall.dynatrace.com","authenticationType": "OAUTH2","details": {"json_after": "{\"eventSetting\":{\"id\":296939,\"uuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"createdAt\":1776942146.681554608,\"updatedAt\":1776942146.681554928,\"type\":\"BUDGET\",\"accountUuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"capabilities\":[],\"environments\":[],\"settings\":{\"name\":\"Audit Test Budget\",\"tags\":null,\"budgetAmount\":null,\"budgetPercent\":80.0,\"eventType\":\"BUDGET\"},\"version\":1,\"default\":false},\"channelSettings\":[{\"id\":0,\"eventSetting\":0,\"createdAt\":1776942146.682000000,\"updatedAt\":1776942146.682000000,\"channel\":\"EMAIL\",\"channelTypeSetting\":{\"subjectText\":null,\"messageText\":null,\"sendToAdmins\":true,\"sendToEmergencyContacts\":false,\"sendToSecurityContacts\":false,\"sendToOthers\":[],\"securityContactAlternateEmails\":[],\"channelType\":\"EMAIL\"}}]}"},"eventId": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","eventOutcome": "SUCCESS","eventProvider": "Notifications","eventType": "CREATE","eventVersion": "1.0.0","originAddress": "10.108.16.78","originType": "REST","resource": "EVENT_SETTING","resourceId": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","resourceName": "Audit Test Budget","timestamp": "2026-04-23T11:02:26.702871846Z","user": "alex.example@dynatrace.com","userEmail": "alex.example@dynatrace.com","userOrganization": "DYNATRACE"}
{"userId": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","accountUuid": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","authenticationClientId": "system01s02.example.email@heimdall.dynatrace.com","authenticationType": "OAUTH2","details": {"json_after": "{\"eventSetting\":{\"id\":296939,\"uuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"createdAt\":1776942146.681555000,\"updatedAt\":1776942157.971257000,\"type\":\"BUDGET\",\"accountUuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"capabilities\":[],\"environments\":[],\"settings\":{\"name\":\"Audit Test Budget\",\"tags\":null,\"budgetAmount\":null,\"budgetPercent\":90.0,\"eventType\":\"BUDGET\"},\"version\":2,\"default\":false},\"channelSettings\":[{\"id\":0,\"eventSetting\":0,\"createdAt\":1776942157.971000000,\"updatedAt\":1776942157.971000000,\"channel\":\"EMAIL\",\"channelTypeSetting\":{\"subjectText\":null,\"messageText\":null,\"sendToAdmins\":true,\"sendToEmergencyContacts\":false,\"sendToSecurityContacts\":false,\"sendToOthers\":[],\"securityContactAlternateEmails\":[],\"channelType\":\"EMAIL\"}}]}","json_before": "{\"eventSetting\":{\"id\":296939,\"uuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"createdAt\":1776942146.681555000,\"updatedAt\":1776942146.681555000,\"type\":\"BUDGET\",\"accountUuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"capabilities\":[],\"environments\":[],\"settings\":{\"name\":\"Audit Test Budget\",\"tags\":null,\"budgetAmount\":null,\"budgetPercent\":80.0,\"eventType\":\"BUDGET\"},\"version\":1,\"default\":false},\"channelSettings\":[{\"id\":291302,\"eventSetting\":296939,\"createdAt\":1776942146.682000000,\"updatedAt\":1776942146.682000000,\"channel\":\"EMAIL\",\"channelTypeSetting\":{\"subjectText\":null,\"messageText\":null,\"sendToAdmins\":true,\"sendToEmergencyContacts\":false,\"sendToSecurityContacts\":false,\"sendToOthers\":[],\"securityContactAlternateEmails\":[],\"channelType\":\"EMAIL\"}}]}"},"eventId": "4a4e3840-e7ee-4b80-a9c3-a005a287d739","eventOutcome": "SUCCESS","eventProvider": "Notifications","eventType": "UPDATE","eventVersion": "1.0.0","originAddress": "10.108.16.78","originType": "REST","resource": "EVENT_SETTING","resourceId": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","resourceName": "Audit Test Budget","timestamp": "2026-04-23T11:02:37.988904262Z","user": "alex.example@dynatrace.com","userEmail": "alex.example@dynatrace.com","userOrganization": "DYNATRACE"}
{"userId": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","accountUuid": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","authenticationClientId": "system01s02.example.email@heimdall.dynatrace.com","authenticationType": "OAUTH2","details": {"json_before": "{\"eventSetting\":{\"id\":296939,\"uuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"createdAt\":1776942146.681555000,\"updatedAt\":1776942157.971257000,\"type\":\"BUDGET\",\"accountUuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"capabilities\":[],\"environments\":[],\"settings\":{\"name\":\"Audit Test Budget\",\"tags\":null,\"budgetAmount\":null,\"budgetPercent\":90.0,\"eventType\":\"BUDGET\"},\"version\":2,\"default\":false},\"channelSettings\":[{\"id\":291302,\"eventSetting\":296939,\"createdAt\":1776942146.682000000,\"updatedAt\":1776942157.971000000,\"channel\":\"EMAIL\",\"channelTypeSetting\":{\"subjectText\":null,\"messageText\":null,\"sendToAdmins\":true,\"sendToEmergencyContacts\":false,\"sendToSecurityContacts\":false,\"sendToOthers\":[],\"securityContactAlternateEmails\":[],\"channelType\":\"EMAIL\"}}]}"},"eventId": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","eventOutcome": "SUCCESS","eventProvider": "Notifications","eventType": "DELETE","eventVersion": "1.0.0","originAddress": "10.0.5.10","originType": "REST","resource": "EVENT_SETTING","resourceId": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","resourceName": "Audit Test Budget","timestamp": "2026-04-23T11:27:26.730600740Z","user": "alex.example@dynatrace.com","userEmail": "alex.example@dynatrace.com","userOrganization": "DYNATRACE"}
Forecasts are created by Dynatrace, and you can update an existing forecast. The code blocks below show an example for each.
{"userId": "system","accountUuid": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","authenticationType": "NONE","details": {"json_after": "{\"eventSetting\":{\"id\":296894,\"uuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"createdAt\":1776916669.218000000,\"updatedAt\":1776916669.218000000,\"type\":\"FORECAST\",\"accountUuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"capabilities\":null,\"environments\":null,\"settings\":{\"weekOverWeek\":10.0,\"exceed\":95.0,\"eventType\":\"FORECAST\"},\"version\":1,\"default\":true},\"channelSettings\":[{\"id\":0,\"eventSetting\":0,\"createdAt\":1776916669.218000000,\"updatedAt\":1776916669.218000000,\"channel\":\"EMAIL\",\"channelTypeSetting\":{\"subjectText\":null,\"messageText\":null,\"sendToAdmins\":true,\"sendToEmergencyContacts\":false,\"sendToSecurityContacts\":false,\"sendToOthers\":[],\"securityContactAlternateEmails\":[],\"channelType\":\"EMAIL\"}}]}"},"eventId": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","eventOutcome": "SUCCESS","eventProvider": "Notifications","eventType": "CREATE","eventVersion": "1.0.0","originType": "LOCAL","resource": "EVENT_SETTING","resourceId": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","resourceName": "FORECAST","timestamp": "2026-04-23T03:57:49.242048976Z","user": "SYSTEM","userName": "System","userOrganization": "DYNATRACE"}
{"userId": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","accountUuid": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","authenticationClientId": "system01s02.example.email@heimdall.dynatrace.com","authenticationType": "OAUTH2","details": {"json_after": "{\"eventSetting\":{\"id\":296894,\"uuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"createdAt\":1776916669.218000000,\"updatedAt\":1776943830.306176000,\"type\":\"FORECAST\",\"accountUuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"capabilities\":[],\"environments\":[],\"settings\":{\"weekOverWeek\":15.0,\"exceed\":90.0,\"eventType\":\"FORECAST\"},\"version\":3,\"default\":false},\"channelSettings\":[{\"id\":0,\"eventSetting\":0,\"createdAt\":1776943830.306000000,\"updatedAt\":1776943830.306000000,\"channel\":\"EMAIL\",\"channelTypeSetting\":{\"subjectText\":null,\"messageText\":null,\"sendToAdmins\":true,\"sendToEmergencyContacts\":false,\"sendToSecurityContacts\":false,\"sendToOthers\":[],\"securityContactAlternateEmails\":[],\"channelType\":\"EMAIL\"}}]}","json_before": "{\"eventSetting\":{\"id\":296894,\"uuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"createdAt\":1776916669.218000000,\"updatedAt\":1776918414.950413000,\"type\":\"FORECAST\",\"accountUuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"capabilities\":[],\"environments\":[],\"settings\":{\"weekOverWeek\":10.0,\"exceed\":90.0,\"eventType\":\"FORECAST\"},\"version\":2,\"default\":false},\"channelSettings\":[{\"id\":291251,\"eventSetting\":296894,\"createdAt\":1776916669.218000000,\"updatedAt\":1776918414.950000000,\"channel\":\"EMAIL\",\"channelTypeSetting\":{\"subjectText\":null,\"messageText\":null,\"sendToAdmins\":true,\"sendToEmergencyContacts\":false,\"sendToSecurityContacts\":false,\"sendToOthers\":[\"alex.example@gmail.com\"],\"securityContactAlternateEmails\":[],\"channelType\":\"EMAIL\"}}]}"},"eventId": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","eventOutcome": "SUCCESS","eventProvider": "Notifications","eventType": "UPDATE","eventVersion": "1.0.0","originAddress": "10.0.5.10","originType": "REST","resource": "EVENT_SETTING","resourceId": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","resourceName": "FORECAST","timestamp": "2026-04-23T11:30:30.333081787Z","user": "alex.example@dynatrace.com","userEmail": "alex.example@dynatrace.com","userOrganization": "DYNATRACE"}
You can update cost notifications. The code block below shows an example of updating a cost notification.
{"userId": "system","accountUuid": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","authenticationClientId": "system01s02.example.email@heimdall.dynatrace.com","authenticationType": "OAUTH2","details": {"json_after": "{\"eventSetting\":{\"id\":296895,\"uuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"createdAt\":1776916669.247000000,\"updatedAt\":1776918407.835438000,\"type\":\"COST\",\"accountUuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"capabilities\":[],\"environments\":[],\"settings\":{\"eventType\":\"COST\"},\"version\":2,\"default\":false},\"channelSettings\":[{\"id\":0,\"eventSetting\":0,\"createdAt\":1776918407.835000000,\"updatedAt\":1776918407.835000000,\"channel\":\"EMAIL\",\"channelTypeSetting\":{\"subjectText\":\"New Cost Subject\",\"messageText\":\"New cost message.\",\"sendToAdmins\":true,\"sendToEmergencyContacts\":false,\"sendToSecurityContacts\":false,\"sendToOthers\":[\"alex.example@gmail.com\"],\"securityContactAlternateEmails\":[],\"channelType\":\"EMAIL\"}}]}","json_before": "{\"eventSetting\":{\"id\":296895,\"uuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"createdAt\":1776916669.247000000,\"updatedAt\":1776916669.247000000,\"type\":\"COST\",\"accountUuid\":\"c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3\",\"capabilities\":[],\"environments\":[],\"settings\":{\"eventType\":\"COST\"},\"version\":1,\"default\":true},\"channelSettings\":[{\"id\":291252,\"eventSetting\":296895,\"createdAt\":1776916669.247000000,\"updatedAt\":1776916669.247000000,\"channel\":\"EMAIL\",\"channelTypeSetting\":{\"subjectText\":null,\"messageText\":null,\"sendToAdmins\":true,\"sendToEmergencyContacts\":false,\"sendToSecurityContacts\":false,\"sendToOthers\":[],\"securityContactAlternateEmails\":[],\"channelType\":\"EMAIL\"}}]}"},"eventId": "1983d2f1-e69d-40c8-a3bb-ad69cab04eb9","eventOutcome": "SUCCESS","eventProvider": "Notifications","eventType": "UPDATE","eventVersion": "1.0.0","originAddress": "10.0.5.10","originType": "REST","resource": "EVENT_SETTING","resourceId": "c4f3c4f3-c4f3-c4f3-c4f3-c4f3c4f3c4f3","resourceName": "COST","timestamp": "2026-04-23T04:26:47.863817118Z","user": "SYSTEM","userName": "System","userOrganization": "DYNATRACE"}