katydorjee/auditevents.js

## auditevents.js
<script runat="server" language="JavaScript">

Platform.Load("core","1");
var debug = false;

// Mirrors AuditEvent REST Object data into a data extension
// - Audit Event Log must be configured in the account first -- Email Studio > Admin > Security Settings > Enable Audit Trail Data Collection: Yes
// - creates its own data extension
// - docs: https://developer.salesforce.com/docs/marketing/marketing-cloud/guide/getAuditEvents.html
// - defaults to the past 30 days of events

try {

    var prox = new Script.Util.WSProxy();

    var TargetDECustomerKey = 'AuditEvents';
    var TargetDECategoryID = 12345; // target Data Extension CategoryId

    var startTime = Now();
    var maxMilliseconds = 1500000; // 25 minutes

    // API CONFIGURATION
    // NOTE: installed package must have permissions to read audit events
    var clientId = "YOURCLIENTID";
    var clientSecret = "YOURCLIENTSECRET";
    var tenant = "YOURTENANT";
    var mid = "YOURMID";
    var authURL = "https://" + tenant + ".auth.marketingcloudapis.com/v2/token";
    var endPoint = "https://" + tenant + ".rest.marketingcloudapis.com/";

    // ASSUMPTION: this not take longer than the accessToken's expiration
    var accessToken = getAccessToken(clientId, clientSecret, mid, authURL);
    if (debug) { Write("<br>accessToken: " + accessToken); }

    // CREATE SEND DE
    try {

      var result=prox.createItem("DataExtension",{"CustomerKey":"AuditEvents","Name":"AuditEvents","CategoryID":323569,"Fields":[
        {"CustomerKey":"id","Name":"id","FieldType":"Number","IsPrimaryKey":true,"IsRequired":true},
        {"CustomerKey":"createdDate","Name":"createdDate","FieldType":"Date","IsPrimaryKey":false,"IsRequired":false},
        {"CustomerKey":"memberId","Name":"memberId","FieldType":"Number","IsPrimaryKey":false,"IsRequired":false},
        {"CustomerKey":"enterpriseId","Name":"enterpriseId","FieldType":"Number","IsPrimaryKey":false,"IsRequired":false},
        {"CustomerKey":"employee_id","Name":"employee_id","FieldType":"Number","IsPrimaryKey":false,"IsRequired":false},
        {"CustomerKey":"employee_employeeName","Name":"employee_employeeName","FieldType":"Text","MaxLength":"100","IsPrimaryKey":false,"IsRequired":false},
        {"CustomerKey":"employee_userName","Name":"employee_userName","FieldType":"Text","MaxLength":"100","IsPrimaryKey":false,"IsRequired":false},
        {"CustomerKey":"objectType_id","Name":"objectType_id","FieldType":"Number","IsPrimaryKey":false,"IsRequired":false},
        {"CustomerKey":"objectType_name","Name":"objectType_name","FieldType":"Text","MaxLength":"100","IsPrimaryKey":false,"IsRequired":false},
        {"CustomerKey":"operation_id","Name":"operation_id","FieldType":"Number","IsPrimaryKey":false,"IsRequired":false},
        {"CustomerKey":"operation_name","Name":"operation_name","FieldType":"Text","MaxLength":"100","IsPrimaryKey":false,"IsRequired":false},
        {"CustomerKey":"object_id","Name":"object_id","FieldType":"Text","MaxLength":"36","IsPrimaryKey":false,"IsRequired":false},
        {"CustomerKey":"object_name","Name":"object_name","FieldType":"Text","MaxLength":"100","IsPrimaryKey":false,"IsRequired":false},
        {"CustomerKey":"transactionId","Name":"transactionId","FieldType":"Text","MaxLength":"36","IsPrimaryKey":false,"IsRequired":false},
        {"CustomerKey":"insertedDate","Name":"insertedDate","FieldType":"Date","IsPrimaryKey":false,"IsRequired":false,"DefaultValue":"getdate()"},
      ]});
      if (debug) {
        Write("<br>add AuditEvents DE result:"+ Stringify(result))
      }

    } catch (e) {

      if (debug) { Write("<br>e: " + Stringify(e)); }

    }

    // GET AUDIT TRAIL VIA REST API
    if (accessToken != "") {

      var url = endPoint + "data/v1/audit/auditEvents";
      var headerNames = ["Authorization"];
      var headerValues = ["Bearer " + accessToken];
      var contentType = 'application/json';

      try {

          var auditEvents0 = Platform.Function.HTTPGet(url, false, 0, headerNames, headerValues, status);
          var auditEvents = Platform.Function.ParseJSON(auditEvents0);

          if (debug) { Write("<br>auditEvents.items.length: " + auditEvents.items.length); }

          if (auditEvents.items && auditEvents.items.length > 0) {

              var de = DataExtension.Init(TargetDECustomerKey);
              var rowsAddedUpdated = 0;

              for (i = 0; i < auditEvents.items.length; i++) {

                var row = {};
                row.id = auditEvents.items[i].id;
                row.createdDate = auditEvents.items[i].createdDate;
                row.memberId = auditEvents.items[i].memberId;
                row.enterpriseId = auditEvents.items[i].enterpriseId;
                row.employee_id = auditEvents.items[i].employee.id;
                row.employee_employeeName = auditEvents.items[i].employee.employeeName;
                row.employee_userName = auditEvents.items[i].employee.userName;
                row.objectType_id = auditEvents.items[i].objectType.id;
                row.objectType_name = auditEvents.items[i].objectType.name;
                row.operation_id = auditEvents.items[i].operation.id;
                row.operation_name = auditEvents.items[i].operation.name;
                row.object_id = auditEvents.items[i].object.id;
                row.object_name = auditEvents.items[i].object.name;
                row.transactionId = auditEvents.items[i].transactionId;

                try {

                  rowsAddedUpdated = de.Rows.Add(row);

                } catch (e) {

                  if (debug) { Write("<br>e: " + Stringify(e)); }

                  try {

                    rowsAddedUpdated = de.Rows.Update(row, ['id'], [id]);

                  } catch(e2) {

                    if (debug) { Write("<br>e2: " + Stringify(e2)); }

                  }
                }

                if (debug) { Write("<br>rowsAddedUpdated: " + rowsAddedUpdated); }

              }


          }

      } catch (e) {

         if (debug) { Write("<br>REST API e: " + Stringify(e)); }

      }

    } // end accessToken if-then


    function getAccessToken(clientId, clientSecret, mid, authURL) {

      var accessToken = "";

      if (clientId != "" && clientSecret != "" && mid != "" && authURL !="") {

          var payload = {
            "grant_type": "client_credentials",
            "client_id": clientId,
            "client_secret": clientSecret,
            "account_id": mid
          };

          var contentType = "application/json";
          var result = HTTP.Post(authURL, contentType, Stringify(payload), null, null);
          accessToken = Platform.Function.ParseJSON(result["Response"][0]).access_token;

      }

      return accessToken

    }


} catch (e) {

  if (debug) {
    Platform.Response.Write("<br><br>e: " + Stringify(e));
  }

}
</script>
	<script runat="server" language="JavaScript">

	Platform.Load("core","1");
	var debug = false;

	// Mirrors AuditEvent REST Object data into a data extension
	// - Audit Event Log must be configured in the account first -- Email Studio > Admin > Security Settings > Enable Audit Trail Data Collection: Yes
	// - creates its own data extension
	// - docs: https://developer.salesforce.com/docs/marketing/marketing-cloud/guide/getAuditEvents.html
	// - defaults to the past 30 days of events

	try {

	var prox = new Script.Util.WSProxy();

	var TargetDECustomerKey = 'AuditEvents';
	var TargetDECategoryID = 12345; // target Data Extension CategoryId

	var startTime = Now();
	var maxMilliseconds = 1500000; // 25 minutes

	// API CONFIGURATION
	// NOTE: installed package must have permissions to read audit events
	var clientId = "YOURCLIENTID";
	var clientSecret = "YOURCLIENTSECRET";
	var tenant = "YOURTENANT";
	var mid = "YOURMID";
	var authURL = "https://" + tenant + ".auth.marketingcloudapis.com/v2/token";
	var endPoint = "https://" + tenant + ".rest.marketingcloudapis.com/";

	// ASSUMPTION: this not take longer than the accessToken's expiration
	var accessToken = getAccessToken(clientId, clientSecret, mid, authURL);
	if (debug) { Write("<br>accessToken: " + accessToken); }

	// CREATE SEND DE
	try {

	var result=prox.createItem("DataExtension",{"CustomerKey":"AuditEvents","Name":"AuditEvents","CategoryID":323569,"Fields":[
	{"CustomerKey":"id","Name":"id","FieldType":"Number","IsPrimaryKey":true,"IsRequired":true},
	{"CustomerKey":"createdDate","Name":"createdDate","FieldType":"Date","IsPrimaryKey":false,"IsRequired":false},
	{"CustomerKey":"memberId","Name":"memberId","FieldType":"Number","IsPrimaryKey":false,"IsRequired":false},
	{"CustomerKey":"enterpriseId","Name":"enterpriseId","FieldType":"Number","IsPrimaryKey":false,"IsRequired":false},
	{"CustomerKey":"employee_id","Name":"employee_id","FieldType":"Number","IsPrimaryKey":false,"IsRequired":false},
	{"CustomerKey":"employee_employeeName","Name":"employee_employeeName","FieldType":"Text","MaxLength":"100","IsPrimaryKey":false,"IsRequired":false},
	{"CustomerKey":"employee_userName","Name":"employee_userName","FieldType":"Text","MaxLength":"100","IsPrimaryKey":false,"IsRequired":false},
	{"CustomerKey":"objectType_id","Name":"objectType_id","FieldType":"Number","IsPrimaryKey":false,"IsRequired":false},
	{"CustomerKey":"objectType_name","Name":"objectType_name","FieldType":"Text","MaxLength":"100","IsPrimaryKey":false,"IsRequired":false},
	{"CustomerKey":"operation_id","Name":"operation_id","FieldType":"Number","IsPrimaryKey":false,"IsRequired":false},
	{"CustomerKey":"operation_name","Name":"operation_name","FieldType":"Text","MaxLength":"100","IsPrimaryKey":false,"IsRequired":false},
	{"CustomerKey":"object_id","Name":"object_id","FieldType":"Text","MaxLength":"36","IsPrimaryKey":false,"IsRequired":false},
	{"CustomerKey":"object_name","Name":"object_name","FieldType":"Text","MaxLength":"100","IsPrimaryKey":false,"IsRequired":false},
	{"CustomerKey":"transactionId","Name":"transactionId","FieldType":"Text","MaxLength":"36","IsPrimaryKey":false,"IsRequired":false},
	{"CustomerKey":"insertedDate","Name":"insertedDate","FieldType":"Date","IsPrimaryKey":false,"IsRequired":false,"DefaultValue":"getdate()"},
	]});
	if (debug) {
	Write("<br>add AuditEvents DE result:"+ Stringify(result))
	}

	} catch (e) {

	if (debug) { Write("<br>e: " + Stringify(e)); }

	}

	// GET AUDIT TRAIL VIA REST API
	if (accessToken != "") {

	var url = endPoint + "data/v1/audit/auditEvents";
	var headerNames = ["Authorization"];
	var headerValues = ["Bearer " + accessToken];
	var contentType = 'application/json';

	try {

	var auditEvents0 = Platform.Function.HTTPGet(url, false, 0, headerNames, headerValues, status);
	var auditEvents = Platform.Function.ParseJSON(auditEvents0);

	if (debug) { Write("<br>auditEvents.items.length: " + auditEvents.items.length); }

	if (auditEvents.items && auditEvents.items.length > 0) {

	var de = DataExtension.Init(TargetDECustomerKey);
	var rowsAddedUpdated = 0;

	for (i = 0; i < auditEvents.items.length; i++) {

	var row = {};
	row.id = auditEvents.items[i].id;
	row.createdDate = auditEvents.items[i].createdDate;
	row.memberId = auditEvents.items[i].memberId;
	row.enterpriseId = auditEvents.items[i].enterpriseId;
	row.employee_id = auditEvents.items[i].employee.id;
	row.employee_employeeName = auditEvents.items[i].employee.employeeName;
	row.employee_userName = auditEvents.items[i].employee.userName;
	row.objectType_id = auditEvents.items[i].objectType.id;
	row.objectType_name = auditEvents.items[i].objectType.name;
	row.operation_id = auditEvents.items[i].operation.id;
	row.operation_name = auditEvents.items[i].operation.name;
	row.object_id = auditEvents.items[i].object.id;
	row.object_name = auditEvents.items[i].object.name;
	row.transactionId = auditEvents.items[i].transactionId;

	try {

	rowsAddedUpdated = de.Rows.Add(row);

	} catch (e) {

	if (debug) { Write("<br>e: " + Stringify(e)); }

	try {

	rowsAddedUpdated = de.Rows.Update(row, ['id'], [id]);

	} catch(e2) {

	if (debug) { Write("<br>e2: " + Stringify(e2)); }

	}
	}

	if (debug) { Write("<br>rowsAddedUpdated: " + rowsAddedUpdated); }

	}


	}

	} catch (e) {

	if (debug) { Write("<br>REST API e: " + Stringify(e)); }

	}

	} // end accessToken if-then


	function getAccessToken(clientId, clientSecret, mid, authURL) {

	var accessToken = "";

	if (clientId != "" && clientSecret != "" && mid != "" && authURL !="") {

	var payload = {
	"grant_type": "client_credentials",
	"client_id": clientId,
	"client_secret": clientSecret,
	"account_id": mid
	};

	var contentType = "application/json";
	var result = HTTP.Post(authURL, contentType, Stringify(payload), null, null);
	accessToken = Platform.Function.ParseJSON(result["Response"][0]).access_token;

	}

	return accessToken

	}


	} catch (e) {

	if (debug) {
	Platform.Response.Write("<br><br>e: " + Stringify(e));
	}

	}
	</script>