Encountering a discrepancy between the Admin UI audit trail and the actual API logs when performing bulk credential rotation on our BYOC trunks in the AP-SE-2 region.
The issue manifests when using the POST /api/v2/admin/users/auditlogs endpoint to verify compliance records. While the UI confirms the SIP credentials were updated for all 15 trunks, the audit logs only capture 12 out of 15 changes. The missing entries correspond to trunks that experienced a brief SIP registration timeout during the rotation window.
Environment Details:
- Region: AP-SE-2
- Trunk Count: 15 BYOC trunks across 3 distinct carriers
- API Version: v2
- SDK: Python 3.9 with Genesys Cloud SDK v2.4.1
- Timezone: Asia/Singapore (UTC+8)
The specific error is not a failure code but a data integrity gap. The audit log entries for the three affected trunks are completely absent, not just delayed. This creates a compliance risk as we cannot prove the credential rotation occurred for those specific connections within the required audit window. The SIP logs show successful re-registration after the timeout, confirming the trunks are functional, but the administrative audit trail is incomplete.
Has anyone faced similar audit log gaps during high-concurrency credential updates? We suspect the API might be dropping events when the underlying SIP registration state is transiently unstable. We need a reliable way to reconcile the actual trunk state with the audit logs for compliance reporting. Is there a separate endpoint or flag that forces audit log generation for BYOC trunk modifications, or is this a known limitation of the AP-SE-2 analytics pipeline? Any workarounds for ensuring 100% audit coverage for BYOC credential changes would be appreciated.