ReportsApi
| Method | HTTP request | Description |
|---|---|---|
| audit_event_page_using_post | POST /api/web/v2/reports/auditeventspaged | Lists a page of audit events |
| siem_audit_event_page_using_post | POST /api/web/v2/reports/auditeventspaged/siem | Lists a page of audit events (SIEM) |
audit_event_page_using_post
AuditEventPage audit_event_page_using_post(search_parms)
Lists a page of audit events
Returns audit events for the provided search parameters. Caller requires the REPORTS:VIEW permission.The following searchByAttributes are supported:
- eventTime: a mandatory String value representing an ISO-8601 date in UTC time (e.g., 2018-08-04T18:15:30). Allowed operators are: GREATER_THAN, GREATER_THAN_OR_EQUAL, LESS_THAN, LESS_THAN_OR_EQUAL.
- outcome: SUCCESS or FAIL. Allowed operator: EQUALS.
- category: AUTHENTICATION or MANAGEMENT. Allowed operator: EQUALS.
- entityName: a String up to 100 characters. Allowed operators: EQUALS, NOT_EQUALS, CONTAINS, NOT_CONTAINS, STARTS_WITH, ENDS_WITH.
- entityType: a String up to 40 characters (e.g., USERS, GROUPS, QUESTIONS, REPORTS, ROLES). Allowed operators: EQUALS, NOT_EQUALS, CONTAINS, NOT_CONTAINS, STARTS_WITH, ENDS_WITH.
- entityAction: a String up to 100 characters (e.g., ADD, EDIT, REMOVE, ASSIGN, RESET). Allowed operators: EQUALS, NOT_EQUALS, CONTAINS, NOT_CONTAINS, STARTS_WITH, ENDS_WITH.
- resourceName: a String up to 100 characters. Allowed operators: EQUALS, NOT_EQUALS, CONTAINS, NOT_CONTAINS, STARTS_WITH, ENDS_WITH.
- sourceIp: a String up to 39 characters. Allowed operators: EQUALS, STARTS_WITH.
- subjectName: a String up to 100 characters (e.g., jsmith). Allowed operators: EQUALS, NOT_EQUALS, CONTAINS, NOT_CONTAINS, STARTS_WITH, ENDS_WITH.
- eventType: a String up to 100 characters (e.g., AuthenticationDeniedEvent). Allowed operators: EQUALS, NOT_EQUALS, CONTAINS, NOT_CONTAINS, STARTS_WITH, ENDS_WITH.
- subject: Restrict events to the UUID of a specific subject. Allowed operator: EQUALS.
If you provide more than one search attribute, they are joined with an AND condition.
The orderByAttribute supports these attribute names: eventTime, outcome, category, entityName, entityType, entityAction, resourceName, sourceIp, subjectName.
The results will only include audit events with data in the orderByAttribute selected. If ordering by entityName, entityType, or entityAction, then AUTHENTICATION events will not be returned.
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| search_parms | SearchParms |
Return type
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |
siem_audit_event_page_using_post
AuditEventPage siem_audit_event_page_using_post(search_parms)
Lists a page of audit events (SIEM)
Returns audit events for the provided search parameters in ascending order always. Caller requires the REPORTS:VIEW permission.The following searchByAttributes are supported:
- startTime: a mandatory String value representing an ISO-8601 date in UTC time (e.g., 2018-08-04T18:15:30). Allowed operators are: GREATER_THAN_OR_EQUAL.
- endTime: a String value representing an ISO-8601 date in UTC time (e.g., 2018-08-31T18:15:30). Allowed operators are: LESS_THAN_OR_EQUAL.
- outcome: SUCCESS or FAIL. Allowed operator: EQUALS.
- category: AUTHENTICATION or MANAGEMENT. Allowed operator: EQUALS.
If you provide more than one search attribute, they are joined with an AND condition.
The orderByAttribute is not used even if provided. Results are returned in ascending order always (oldest to newest event)
Example
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| search_parms | SearchParms |
Return type
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |