Hi Wayne,
That information wouldn't be recorded in the Audit Logs. However, you should be able to check the localhost access logs in Tomcat to see if anyone has accessed the specific API endpoint and the user (provided that you configured your server.xml file to capture that information as outlined here -
https://github.com/LabKey/samples/blob/master/ops/config-examples/server.xml). You'll know your server.xml is setup to capture the LabKey user if it is setup like this:
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs"
prefix="localhost_access_log."
suffix=".txt"
resolveHosts="false"
pattern="%h %l %u %t "%r" %s %b %D %S "%{Referer}i" "%{User-Agent}i" %{LABKEY.username}s %q" />
For example, if I ran an R query from my standalone version of R against LabKey.org to do a query on issues, it would look like this in the localhost access logs:
123.123.123.123 - - [18/Oct/2017:20:49:13 -0700] "GET /query/Support/selectRows.api?schemaName=issues&query.queryName=SupportTickets&apiVersion=8.3&query.showRows=all&query.Status~eq=open&query.IssueNumber~isblank=&query.Milestone~neqornull=TBD HTTP/1.1" 200 24317 1821 B4F1044AXXXXXXXXXXXXXXXX456 "-" "Rlabkey" myuser@domain.com ?
The logs would show the IP that accessed the server, the date, the HTTP method (GET, POST, etc), the specific page or endpoint with any kind of parameters (if applicable), the HTTP protocol, the response (e.g. 200, 302, 404, 500, etc), the size in bytes, the time in milliseconds it took to process, the User Session ID, the referrer (if applicable), the user-agent (this is where it would indicate a browser or if you're using something like R or Perl), and finally the user who did it.
So although your Audit Logs may not have this, that information is still being captured in the localhost access log to a point. You might not be able to see the payload if it is a POST, but you should at least see something hitting the selectRows.api and insertRows.api endpoints, the user-agent being Perl, and the user that did the actual API call.
Regards,
Jon