Reports an event to the Trust Protection Platform Log server. When you log events, avoid placing sensitive information in the request body because this information is exposed when full request logging is enabled.

Setup is required. POST Log requires you to send your own custom events. For more information, see Importing event definitions for add-on applications.

Unless the Trust Protection Platform channel has a different configuration, the log events that you send appear in the default SQL channel log. The event also appears on the General Log View tab of the Component.

NOTE  Parameter names and values differ from those in GET Log. Here are the differences:

GET Log and POST Log data types differ





Id is mixed case.

Example: Id=43646975

ID is upper case.

Example ID: 43646975


Severity takes a string.

Example, Severity=Alert

Severity takes an integer that represents event severity.

Example, for an Alert, specify Severity: 2


  • Permissions:  The caller must have View permission and Read permission to the default SQL channel object.
  • Token scope:  Any valid scope, such as Agent, Certificate, or SSH:Manage


  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.


POST Log data types differ from the UI. For EventIDs or GroupIDs, be sure the value is an integer. To translate the hexadecimal value to an integer, use a conversion tool.

In the UI, Event and Group IDs use the hexcadecimal format

When adding query parameters, use the /? syntax. If you are not passing any parameters, make sure the URL ends with a trailing slash. Otherwise, some environments, such as cURL and PowerShell, return a HTTP 307 Temporary Redirect message.

Input parameters




Required. A string that identifies a Distinguished Name (DN) or application name such as Encyption DPAPI or LogQueueMsSql. For example: Component: \\VED\\Policy\\DataCenter1\\Cert1.


An integer that corresponds to a set of events that involved the Component. For example Grouping: 496258952.


Required. The integer value that corresponds to a custom hexadecimal Event ID that appears in your custom .lsc event definition. For example, your custom event ID must be either only integer 4294901761 (FFFF0001 hexidecimal) for temporary debugging or in the range integer values from 16777216 - 43646975 (1000000-299FFFF hexidecimal).


(Optional) If no severity is specified, the value is 7. A string value that matches an event severity. For example: Severity: 2.

  • 1 = Emergency
  • 2 = Alert
  • 3 = Critical
  • 4 = Error
  • 5 = Warning
  • 6 = Notice
  • 7 = Info
  • 8 = Debug (does not appear in the log)


(Optional) Valid only for POST Log. The IP address of the client that originated the event. For example SourceIp:


Corresponds with Value1. A string variable that may be referenced by the event translation as defined by the log schema. For example, Text1: Heavy job.


A second string variable that may be referenced by the event translation as defined by the log schema. For example, Text2: Nightly job.


Corresponds with Text1. An integer variable that may be referenced by the event translation as defined by the log schema. For example: Value1: Job in progress.


Corresponds with Text2. A second integer variable that may be referenced by the event translation as defined by the log schema. For example: Value2: Job complete.


  • HTTP 400: Value 1963264 is not allowed; only integer value 4294901761 and integer values from 16777216 to 43646975 are allowed for the event ID.
  • HTTP 307: If the method is missing a slash (/) at the end of the URL or between the query parameters, this message appears: There is no operation listening for [Web SDK method], but there is an operation listening for [Web SDK method/], so you are being redirected there.
  • HTTP 200: The following message body:
Response description




The status of event recording:

  • 0: The Log Server successfully stored the event in the event log.
  • 1: The Log Server failed to store the event in the event log.

Example: Log a debug event


POST https://tpp.venafi.example/vedsdk/Log/
Authorization:Bearer 4MyGeneratedBearerTknz==
   "Text1":"some text",
   "Text2":"X509 Certificate",


HTTP/1.1 200 OK