ixp
latest
false
- Introduction
- Setting up your account
- Balance
- Clusters
- Concept drift
- Coverage
- Datasets
- General fields
- Labels (predictions, confidence levels, label hierarchy, and label sentiment)
- Models
- Streams
- Model Rating
- Projects
- Precision
- Recall
- Annotated and unannotated messages
- Extraction Fields
- Sources
- Taxonomies
- Training
- True and false positive and negative predictions
- Validation
- Messages
- Access control and administration
- Manage sources and datasets
- Understanding the data structure and permissions
- Creating or deleting a data source in the GUI
- Preparing data for .CSV upload
- Uploading a CSV file into a source
- Creating a dataset
- Multilingual sources and datasets
- Enabling sentiment on a dataset
- Amending dataset settings
- Deleting a message
- Deleting a dataset
- Exporting a dataset
- Using Exchange integrations
- Model training and maintenance
- Understanding labels, general fields, and metadata
- Label hierarchy and best practices
- Comparing analytics and automation use cases
- Turning your objectives into labels
- Overview of the model training process
- Generative Annotation
- Dastaset status
- Model training and annotating best practice
- Training with label sentiment analysis enabled
- Understanding data requirements
- Train
- Introduction to Refine
- Precision and recall explained
- Precision and Recall
- How validation works
- Understanding and improving model performance
- Reasons for label low average precision
- Training using Check label and Missed label
- Training using Teach label (Refine)
- Training using Search (Refine)
- Understanding and increasing coverage
- Improving Balance and using Rebalance
- When to stop training your model
- Using general fields
- Generative extraction
- Using analytics and monitoring
- Automations and Communications Mining™
- Developer
- Uploading data
- Downloading data
- Exchange Integration with Azure service user
- Exchange Integration with Azure Application Authentication
- Exchange Integration with Azure Application Authentication and Graph
- Migration Guide: Exchange Web Services (EWS) to Microsoft Graph API
- Fetching data for Tableau with Python
- Elasticsearch integration
- General field extraction
- Self-hosted Exchange integration
- UiPath® Automation Framework
- UiPath® official activities
- How machines learn to understand words: a guide to embeddings in NLP
- Prompt-based learning with Transformers
- Efficient Transformers II: knowledge distillation & fine-tuning
- Efficient Transformers I: attention mechanisms
- Deep hierarchical unsupervised intent modelling: getting value without training data
- Fixing annotating bias with Communications Mining™
- Active learning: better ML models in less time
- It's all in the numbers - assessing model performance with metrics
- Why model validation is important
- Comparing Communications Mining™ and Google AutoML for conversational data intelligence
- Licensing
- FAQs and more
Communications Mining user guide
Last updated Mar 13, 2026
Audit events
Query audit events
/api/v1/audit_events/query
Permissions required: Read audit logs.
- Bash
curl -X POST 'https://<my_api_endpoint>/api/v1/audit_events/query' \ -H "Authorization: Bearer $REINFER_TOKEN" \ -H "Content-Type: application/json" \ -d '{ "filter": { "timestamp": { "maximum": "2021-07-10T00:00:00Z", "minimum": "2021-06-10T00:00:00Z" } } }'curl -X POST 'https://<my_api_endpoint>/api/v1/audit_events/query' \ -H "Authorization: Bearer $REINFER_TOKEN" \ -H "Content-Type: application/json" \ -d '{ "filter": { "timestamp": { "maximum": "2021-07-10T00:00:00Z", "minimum": "2021-06-10T00:00:00Z" } } }' - Node
const request = require("request"); request.post( { url: "https://<my_api_endpoint>/api/v1/audit_events/query", headers: { Authorization: "Bearer " + process.env.REINFER_TOKEN, }, json: true, body: { filter: { timestamp: { maximum: "2021-07-10T00:00:00Z", minimum: "2021-06-10T00:00:00Z", }, }, }, }, function (error, response, json) { // digest response console.log(JSON.stringify(json, null, 2)); } );const request = require("request"); request.post( { url: "https://<my_api_endpoint>/api/v1/audit_events/query", headers: { Authorization: "Bearer " + process.env.REINFER_TOKEN, }, json: true, body: { filter: { timestamp: { maximum: "2021-07-10T00:00:00Z", minimum: "2021-06-10T00:00:00Z", }, }, }, }, function (error, response, json) { // digest response console.log(JSON.stringify(json, null, 2)); } ); - Python
import json import os import requests response = requests.post( "https://<my_api_endpoint>/api/v1/audit_events/query", headers={"Authorization": "Bearer " + os.environ["REINFER_TOKEN"]}, json={ "filter": { "timestamp": { "minimum": "2021-06-10T00:00:00Z", "maximum": "2021-07-10T00:00:00Z", } } }, ) print(json.dumps(response.json(), indent=2, sort_keys=True))import json import os import requests response = requests.post( "https://<my_api_endpoint>/api/v1/audit_events/query", headers={"Authorization": "Bearer " + os.environ["REINFER_TOKEN"]}, json={ "filter": { "timestamp": { "minimum": "2021-06-10T00:00:00Z", "maximum": "2021-07-10T00:00:00Z", } } }, ) print(json.dumps(response.json(), indent=2, sort_keys=True)) - Response
{ "audit_events": [ { "actor_user_id": "e2148a6625225593", "dataset_ids": ["1fe230edc85ffc1a"], "event_id": "2555880060c23eb5", "event_type": "get_datasets", "project_ids": ["ce3c61dcf210f425", "274400867ab17af9"], "tenant_ids": ["c59b6e209da438a8"], "timestamp": "2021-06-10T16:32:53Z" } ], "continuation": "2555880060c23eb5", "datasets": [ { "id": "1fe230edc85ffc1a", "name": "collateral-sharing", "project_id": "ce3c61dcf210f425", "title": "Collateral Sharing" }, { "id": "274400867ab17af9", "name": "Customer-Feedback", "project_id": "ce3c61dcf210f425", "title": "Customer Feedback" } ], "projects": [ { "id": "ce3c61dcf210f425", "name": "bank-collateral", "tenant_id": "c59b6e209da438a8" } ], "status": "ok", "tenants": [ { "id": "c59b6e209da438a8", "name": "acme" } ], "users": [ { "display_name": "Alice", "email": "alice@acme.example", "id": "e2148a6625225593", "tenant_id": "c59b6e209da438a8", "username": "alice" } ] }{ "audit_events": [ { "actor_user_id": "e2148a6625225593", "dataset_ids": ["1fe230edc85ffc1a"], "event_id": "2555880060c23eb5", "event_type": "get_datasets", "project_ids": ["ce3c61dcf210f425", "274400867ab17af9"], "tenant_ids": ["c59b6e209da438a8"], "timestamp": "2021-06-10T16:32:53Z" } ], "continuation": "2555880060c23eb5", "datasets": [ { "id": "1fe230edc85ffc1a", "name": "collateral-sharing", "project_id": "ce3c61dcf210f425", "title": "Collateral Sharing" }, { "id": "274400867ab17af9", "name": "Customer-Feedback", "project_id": "ce3c61dcf210f425", "title": "Customer Feedback" } ], "projects": [ { "id": "ce3c61dcf210f425", "name": "bank-collateral", "tenant_id": "c59b6e209da438a8" } ], "status": "ok", "tenants": [ { "id": "c59b6e209da438a8", "name": "acme" } ], "users": [ { "display_name": "Alice", "email": "alice@acme.example", "id": "e2148a6625225593", "tenant_id": "c59b6e209da438a8", "username": "alice" } ] }
An audit event is a record of an action taken by a user of the Communications Mining™ platform. Example auditable events include:
- A user logging in
- A user changing their password
- A user changing another user's permissions.
| NAME | TYPE | REQUIRED | DESCRIPTION |
|---|---|---|---|
continuation | string | no | If a previous query returned a continuation in the response, another page of events is available. Set the returned continuation value here to fetch the next page. |
limit | number | no | The number of audit events to return per page. Defaults to 128. |
filter | Filter | no | A filter specifying which audit events to return. |
Where Filter has the following format:
| NAME | TYPE | REQUIRED | DESCRIPTION |
|---|---|---|---|
timestamp | TimestampFilter | no | A filter specifying what time range to return events in. |
Where TimestampFilter has the following format:
| NAME | TYPE | REQUIRED | DESCRIPTION |
|---|---|---|---|
minimum | string | no | An ISO-8601 timestamp. If provided, only returns audit event after or including this timestamp. |
maximum | string | no | An ISO-8601 timestamp. If provided, only returns audit event before this timestamp. |
Response format
The list of audit events can be found under the audit_events key at the top level of the response. Each AuditEvent can reference other resources (such as sources, datasets, users, etc) by ID. For each referenced resource, additional information can be found under the respective key (sources, datasets, users, etc) at the top level of the response.
An AuditEvent represents an action taken by a user in the platform, and has the following base format. Additional keys may be present depending on the value of event_type. For example, a get_datasets audit event will have a list of dataset_ids that were read by the user.
| NAME | TYPE | DESCRIPTION |
|---|---|---|
event_id | string | The unique ID of this event. |
event_type | string | The type of this event. Please refer to the list of event types in the next section. |
timestamp | string | The ISO-8601 timestamp of this event, to the nearest second. |
actor_user_id | string | The ID of the user who executed this action. |
actor_tenant_id | string | The tenant ID of the user who executed this action. |
Finally, if the response contains a continuation key, you should fetch the next page of events by setting the continuation field in the request to this value.
Audit Event Types
Alert audit events
| EVENT TYPE | DESCRIPTION |
|---|---|
alert_create | An alert is created. |
alert_get | An alert is viewed. |
alert_get_all | A list of alerts is viewed. |
alert_update | An alert's configuration is edited. |
alert_delete | An alert is deleted. |
alert_subscriptions_get | A list of alert subscriptions is viewed. |
alert_subscriptions_delete | An alert subscription is deleted. |
Quota audit events
| EVENT TYPE | DESCRIPTION |
|---|---|
quotas_get | Quotas are viewed. |
quotas_set | A quota is updated. |
quotas_reset | A quota is reset. |
Streams audit events
Note:
Streams were formerly called triggers.
| EVENT TYPE | DESCRIPTION |
|---|---|
trigger_create | A stream is created. |
trigger_get | A stream is viewed. |
trigger_get_all | A list of streams is viewed. |
trigger_update | A stream's configuration is edited. |
trigger_delete | A stream is deleted. |
trigger_fetch | A stream is queried (legacy operation). |
trigger_advance | A stream is advanced. |
trigger_reset | A stream is reset. |
trigger_fetch_gx | A generative extraction stream is queried (legacy operation). |
trigger_get_results | A stream is queried. |
Model management audit events
| EVENT TYPE | DESCRIPTION |
|---|---|
model_version_published | When a model is published (UCD) / pinned (CM). |
model_version_unpublished | When a published model is deleted. |
model_tag_updated | When a model tag is updated. |
model_tag_deleted | When a model tag is removed. |
Dataset management audit events
| EVENT TYPE | DESCRIPTION |
|---|---|
get_datasets | When datasets are retrieved. |
get_datasets_by_owner | When datasets are retrieved by owner. |
get_dataset | When a specific dataset is retrieved. |
export_dataset | When a dataset is exported. |
User management audit events
| EVENT TYPE | DESCRIPTION |
|---|---|
create_user | When a new user is created. |
delete_user | When a user is deleted. |
get_users | When user information is retrieved. |
update_user | When user information is modified. |
Authentication and security audit events
| EVENT TYPE | DESCRIPTION |
|---|---|
login_success | Successful user login. |
authentication_failed_password | Failed login due to wrong password. |
authentication_failed_totp | Failed login due to wrong TOTP code. |
login_failed_ip_address | Failed login due to IP address restrictions. |
revoke_api_tokens | When API tokens are revoked. |
revoke_login_tokens | When login tokens are revoked. |
revoke_current_login_token | When current session token is revoked. |
replace_api_token | When API token is replaced. |
authentication_failed_totp_lockout | Failed login due to TOTP lockout. |
Password reset audit events
| EVENT TYPE | DESCRIPTION |
|---|---|
send_password_reset_success | Successful password reset email sent. |
send_password_reset_failed_ip_address | Password reset blocked by IP. |
verify_password_reset_success | Successful password reset verification. |
verify_password_reset_failed_ip_address | Password reset verification blocked by IP. |
change_password_success | Successful password change. |
change_password_failed_totp | Password change failed due to TOTP. |
change_password_failed_ip_address | Password change blocked by IP. |
verify_password_reset_failed_signature | Invalid password reset signature. |
verify_password_reset_failed_timestamp | Expired password reset link. |
change_password_failed_current_password | Wrong current password provided. |
Comment query audit events
| EVENT TYPE | DESCRIPTION |
|---|---|
comment_query_text | Text-based comment queries. |
comment_query_sample | Sample comment queries. |
comment_query_learning | Learning-related comment queries. |
comment_query_any_label_asc | Label-based queries (ascending). |
comment_query_recent | Recent comments queries. |
comment_query_by_label | Queries filtered by specific labels. |
comment_query_diagnostic | Diagnostic comment queries. |
comment_query_label_property | Label property queries. |
comment_query_attachment_text | Attachment text queries. |
comment_query_check | Check-type comment queries. |
comment_query_missed | Missed comments queries. |
Annotation audit events
| EVENT TYPE | DESCRIPTION |
|---|---|
get_annotations | When annotations are retrieved. |
update_annotation | When annotations are modified. |
System and admin audit events
| EVENT TYPE | DESCRIPTION |
|---|---|
get_deprecated_user_models | When deprecated user models are accessed. |
audit_event_query | When audit events themselves are queried. |
email_get | When emails are retrieved. |