Event Monitoring, Quip

What is Quip Event monitoring?

Quip Event Monitoring provides access to API endpoints that can be used to retrieve log data for Quip actions performed by your site members. For example, you might ingest these event logs from Quip into the security information & event management (SIEM) workflows used to govern your company’s applications.

Requirements

In order to utilize these API endpoints, you must have both:

• A subscription to Quip Event Monitoring
• Approved access to the Quip Admin API*

*Note: If you have approved access to the Quip Admin API but have not purchased Quip Shield or Quip Event Monitoring, you are not permitted to use the Events and Near Real-Time Events endpoints of the Admin API. This is also documented here.

Using the API Endpoints

Once you have access to the Quip Admin API, follow the instructions at quip.com/dev/admin/documentation to get set up and start using the following two endpoints:

1. Events: Use this method to access historical logs (as far back as January 2018) for any event that happened more than two hours ago. Among other use cases, this is useful for retroactive investigations.
2. Near Real-Time Events: Use this method to access logs for events that have happened within the past two hours. A typical use case of this method is to set up an ongoing stream of events, to ingest the Quip logs just after the corresponding actions happen in Quip.

For full documentation, please visit our developer API docs.