Axis Alerts and Audit
Track operational signals through alert APIs, immutable audit logs, and signed rollout receipts.
Overview
Axis provides tenant-scoped alert listing (`/api/alerts`), audit log queries (`/api/audit-logs`), and rollout receipt retrieval (`/api/rollout-receipts`).
Owner/Admin role is required for high-impact audit and rollout evidence APIs.
Endpoint Assumptions
- Production auth and API host:
https://axis.velikey.com(signin:https://axis.velikey.com/auth/signin). - Non-production override: set
AXIS_BASE_URLexplicitly before running docs commands. - Manual operator substitutions: provide tenant-scoped values for cookies, bearer tokens, agent IDs, and tenant slugs.
Actionable Steps
- Query recent alerts and unresolved critical events.
- Filter audit logs for rollout and SSO changes.
- Store signed rollout receipts in your compliance evidence pipeline.
# manual-only example
# production default; set AXIS_BASE_URL explicitly for staging/test.
export AXIS_BASE_URL="${AXIS_BASE_URL:-https://axis.velikey.com}"
export SESSION_COOKIE="axis-session=REDACTED"
curl -fsS -H "Cookie: $SESSION_COOKIE" "$AXIS_BASE_URL/api/alerts?severity=critical&resolved=false&limit=20" | jq
curl -fsS -H "Cookie: $SESSION_COOKIE" "$AXIS_BASE_URL/api/audit-logs?action=rollout&limit=20" | jq
curl -fsS -H "Cookie: $SESSION_COOKIE" "$AXIS_BASE_URL/api/rollout-receipts?limit=20" | jq
Validation Checks (Last Step)
# executable example command -v curl command -v jq date -u +"%Y-%m-%dT%H:%M:%SZ"
Include UTC timestamps in manual runbooks for later forensic correlation.
Common Failure Modes
- Parsing audit output without `limit` defaults to larger payloads and slows operator triage.
- Using non-admin account for `/api/rollout-receipts` causes permission failures.
- Alert creation payloads missing required fields fail with `400` and no downstream delivery.
Navigate Docs
Docs Index • Previous: Axis Agent Management • Next: Troubleshooting