Viewing Amazon CodeCatalyst events in a space
When users perform actions in Amazon CodeCatalyst, these actions are recorded as events. You can use the AWS CLI to view logs of events in a space in a specified timeframe. You can view these events to review actions taken in the space, including the date and time of the actions, the name of the user who performed the action, and the IP address where the user made the request.
Note
In order to download a log of events for a space, you must have installed and configured the AWS CLI with a profile for CodeCatalyst, and you must have the Space administrator role for the space. For more information, see Setting up to use the AWS CLI with CodeCatalyst and Space administrator role.
To view logs of events that occur on behalf of CodeCatalyst in connected AWS accounts, you can use AWS CloudTrail. For more information, see Logging connections, billing, and workflow action API calls in AWS CloudTrail.
Open a terminal or command line and run the aws codecatalyst list-event-logs command, specifying:
The name of the space with the
--space-nameoption.The date and time when you want to start reviewing events, in coordinated universal time (UTC) timestamp format as specified in RFC 3339
, with the --start-timeoption.The date and time when you want to stop reviewing events, in coordinated universal time (UTC) timestamp format as specified in RFC 3339
, with the --end-timeoption.(Optional) The maximum number of results to return in a single response, with the
--max-resultsoption. If the number of results is larger than the number you specify, the response will include anextTokenelement which you can use to return the next results.(Optional) Limit the results to a specific event type you want returned, with the
--event-nameoption.
This example returns logged events in the space named
ExampleCorpfrom the time period2022-11-30to2022-12-01, and that a maximum of2events be returned in the repsonse.aws codecatalyst list-event-logs --space-nameExampleCorp--start-time2022-11-30--end-time2022-12-01--event-namelist-event-logs--max-results2If successful, the command returns results similar to the following:
{ "nextToken": "EXAMPLE", "items": [ { "id": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", "eventName": "listEventLogs", "eventType": "AwsApiCall", "eventCategory": "MANAGEMENT", "eventSource": "manage", "eventTime": "2022-12-01T22:47:24.605000+00:00", "operationType": "READONLY", "userIdentity": { "userType": "USER", "principalId": "a1b2c3d4e5-678fgh90-1a2b-3c4d-e5f6-EXAMPLE11111" "userName": "MaryMajor" }, "requestId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE22222", "requestPayload": { "contentType": "application/json", "data": "{\"spaceName\":\"ExampleCorp\",\"startTime\":\"2022-12-01T00:00:00Z\",\"endTime\":\"2022-12-10T00:00:00Z\",\"maxResults\":\"2\"}" }, "sourceIpAddress": "127.0.0.1", "userAgent": "aws-cli/2.9.0 Python/3.9.11 Darwin/21.3.0 exe/x86_64 prompt/off command/codecatalyst.list-event-logs" }, { "id": "a1b2c3d4-5678-90ab-cdef-EXAMPLEaaaaa", "eventName": "createProject", "eventType": "AwsApiCall", "eventCategory": "MANAGEMENT", "eventSource": "manage", "eventTime": "2022-12-01T09:15:32.068000+00:00", "operationType": "MUTATION", "userIdentity": { "userType": "USER", "principalId": "a1b2c3d4e5-678fgh90-1a2b-3c4d-e5f6-EXAMPLE11111", "userName": "MaryMajor" }, "requestId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE33333", "requestPayload": { "contentType": "application/json", "data": "{\"spaceName\":\"ExampleCorp\",\"name\":\"MyFirstProject\",\"displayName\":\"MyFirstProject\"}" }, "responsePayload": { "contentType": "application/json", "data": "{\"spaceName\":\"ExampleCorp\",\"name\":\"MyFirstProject\",\"displayName\":\"MyFirstProject\",\"id\":\"a1b2c3d4-5678-90ab-cdef-EXAMPLE4444\"}" }, "sourceIpAddress": "192.0.2.23", "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Firefox/102.0" } ] }Run the list-event-logs command again with the --next-token option and the value of the returned token to retrieve the next set of logged events that match the request.
