目的

Confluence’s audit log system restricts access to a maximum of 1000 records per request through its API endpoint /rest/api/audit. To retrieve more than 1000 records, we can employ pagination, making multiple API calls to sequentially gather additional sets of logs.

環境

Confluence 7.19.x

ソリューション

The below command can fetch audit logs from 1 to 1000 records. However, this endpoint is limited to 1000 records and can't be used for accessing all the available audit logs. This is due to the API endpoint  /rest/api/audit limitation.

curl -u <id>:<pass> -X GET "<Base_URL>/rest/api/audit?limit=1&start=1000" -H "Accept: application/json"

We can use the script below to fetch records iteratively beyond the 1000 limit. Please note the username, password, and base_url values must be changed.

#!/bin/bash

USERNAME="username"
PASSWORD="password"
API_ENDPOINT="<base_url>/rest/api/audit"
LIMIT=1000
TOTAL_RECORDS=10000

start=0
iteration=1

while [ $start -lt $TOTAL_RECORDS ]
do
    echo "Iteration: $iteration"

    current_limit=$((start + LIMIT))
    response=$(curl -u $USERNAME:$PASSWORD -X GET "$API_ENDPOINT?start=$start&limit=$current_limit" -H "Accept: application/json")
    records=$(echo "$response" | jq '.results[].creationDate')

    echo "$records"

    start=$((current_limit + 1))
    iteration=$((iteration + 1))
done