Cmdlets for Azure DevOps

Build 24.0.9060

AuditLogEntries

Retrieves all audit log entries. This table includes custom fields which are automatically discovered when 'IncludeCustomFields' is enabled.

Table Specific Information

Select

The cmdlet uses the Azure DevOps API to process WHERE clause conditions built with the following columns and operators:

  • BatchSize supports the '=' operator.
  • DownloadWindow supports the '>,>=,<,<=' operators.
  • SkipAggregation supports the '=' operator.
The rest of the filter is executed client-side in the cmdlet.

For example:

	
	SELECT * FROM AuditLogEntries WHERE BatchSize = 5
	SELECT * FROM AuditLogEntries WHERE DownloadWindow > '2020-04-06 05:50:00' AND DownloadWindow < '2020-04-06T06:50:00.000+00:00'

Columns

Name Type References Description
Id [KEY] String Id of the audit log entry.
ActionId String The action if for the event, i.e Git.CreateRepo, Project.RenameProject.
ActivityId String Id of the activity.
ActorCUID String The actor's CUID.
ActorDisplayName String DisplayName of the user who initiated the action.
ActorImageUrl String URL of actor's profile image.
ActorUserId String The actor's user Id.
Area String Area of Azure DevOps the action occurred.
AuthenticationMechanism String Type of authentication used by the actor.
Category String Type of action executed.
CategoryDisplayName String DisplayName of the category.
CorrelationId String This allows related audit entries to be grouped together. Generally this occurs when a single action causes a cascade of audit entries. For example, project creation.
Details String Decorated details.
IpAddress String IP Address where the event was originated.
ScopeDisplayName String Display Name of the scope.
ScopeId String The organization or project Id.
ScopeType String The type of the scope, organization or project.
Timestamp Datetime The time when the event occurred in UTC.
UserAgent String The user agent from the request.
Data String External data such as CUIDs, item names, etc.

Pseudo-Columns

Pseudo column fields are used in the WHERE clause of SELECT statements, and offer a more granular control over the tuples that are returned from the data source. Unless otherwise specified, only the = operator is permitted when filtering on pseudocolumns.

Name Type Description
BatchSize Integer Max number of results to return.
DownloadWindow Datetime Start and end time of download window.
SkipAggregation Boolean Skips aggregating events and leaves them as individual entries instead.

Copyright (c) 2024 CData Software, Inc. - All rights reserved.
Build 24.0.9060