Skip to main content

ReportsApi

MethodHTTP requestDescription
auditEventPageUsingPOSTPOST /api/web/v2/reports/auditeventspagedLists a page of audit events
siemAuditEventPageUsingPOSTPOST /api/web/v2/reports/auditeventspaged/siemLists a page of audit events (SIEM)

auditEventPageUsingPOST

AuditEventPage auditEventPageUsingPOST(searchParms)

Lists a page of audit events

Returns audit events for the provided search parameters. Caller requires the REPORTS:VIEW permission.The following searchByAttributes are supported:

  • eventTime: a <b>mandatory</b> String value representing an ISO-8601 date in UTC time (e.g., 2018-08-04T18:15:30). Allowed operators are: GREATER_THAN, GREATER_THAN_OR_EQUAL, LESS_THAN, LESS_THAN_OR_EQUAL.
  • outcome: SUCCESS or FAIL. Allowed operator: EQUALS.
  • category: AUTHENTICATION or MANAGEMENT. Allowed operator: EQUALS.
  • entityName: a String up to 100 characters. Allowed operators: EQUALS, NOT_EQUALS, CONTAINS, NOT_CONTAINS, STARTS_WITH, ENDS_WITH.
  • entityType: a String up to 40 characters (e.g., USERS, GROUPS, QUESTIONS, REPORTS, ROLES). Allowed operators: EQUALS, NOT_EQUALS, CONTAINS, NOT_CONTAINS, STARTS_WITH, ENDS_WITH.
  • entityAction: a String up to 100 characters (e.g., ADD, EDIT, REMOVE, ASSIGN, RESET). Allowed operators: EQUALS, NOT_EQUALS, CONTAINS, NOT_CONTAINS, STARTS_WITH, ENDS_WITH.
  • resourceName: a String up to 100 characters. Allowed operators: EQUALS, NOT_EQUALS, CONTAINS, NOT_CONTAINS, STARTS_WITH, ENDS_WITH.
  • sourceIp: a String up to 39 characters. Allowed operators: EQUALS, STARTS_WITH.
  • subjectName: a String up to 100 characters (e.g., jsmith). Allowed operators: EQUALS, NOT_EQUALS, CONTAINS, NOT_CONTAINS, STARTS_WITH, ENDS_WITH.
  • eventType: a String up to 100 characters (e.g., AuthenticationDeniedEvent). Allowed operators: EQUALS, NOT_EQUALS, CONTAINS, NOT_CONTAINS, STARTS_WITH, ENDS_WITH.
  • subject: Restrict events to the UUID of a specific subject. Allowed operator: EQUALS.

If you provide more than one search attribute, they are joined with an AND condition.

The orderByAttribute supports these attribute names: eventTime, outcome, category, entityName, entityType, entityAction, resourceName, sourceIp, subjectName.
The results will only include audit events with data in the orderByAttribute selected. If ordering by entityName, entityType, or entityAction, then AUTHENTICATION events will not be returned.

Parameters

NameTypeDescriptionNotes
searchParmsSearchParms

Return type

AuditEventPage

Authorization

AdminAPIAuthentication

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

HTTP response details

Status codeDescriptionResponse headers
200Successful-
400Bad Request-
401Access denied-
403Forbidden-
404Not Found-
409Conflict-

siemAuditEventPageUsingPOST

AuditEventPage siemAuditEventPageUsingPOST(searchParms)

Lists a page of audit events (SIEM)

Returns audit events for the provided search parameters in ascending order always. Caller requires the REPORTS:VIEW permission.The following searchByAttributes are supported:

  • startTime: a <b>mandatory</b> String value representing an ISO-8601 date in UTC time (e.g., 2018-08-04T18:15:30). Allowed operators are: GREATER_THAN_OR_EQUAL.
  • endTime: a String value representing an ISO-8601 date in UTC time (e.g., 2018-08-31T18:15:30). Allowed operators are: LESS_THAN_OR_EQUAL.
  • outcome: SUCCESS or FAIL. Allowed operator: EQUALS.
  • category: AUTHENTICATION or MANAGEMENT. Allowed operator: EQUALS.

If you provide more than one search attribute, they are joined with an AND condition.

The orderByAttribute is not used even if provided. Results are returned in ascending order always (oldest to newest event)

Example

Parameters

NameTypeDescriptionNotes
searchParmsSearchParms

Return type

AuditEventPage

Authorization

AdminAPIAuthentication

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

HTTP response details

Status codeDescriptionResponse headers
200Successful-
400Bad Request-
401Access denied-
403Forbidden-
404Not Found-
409Conflict-