审计 API 中的 createdOndate 和 userName 筛选器示例
创建一个筛选器,可检索指定日期范围内的用户(在 userName 字段中具有特定值)的审核日志条目。
userName
字段中具有值“john,doe”的用户的登录尝试失败。请求正文:
{
"sort": [
{
"field": "createdOn",
"direction": "desc"
}
],
"filter": {
"operator": "and",
"operands": [
{
"operator": "gt",
"field": "createdOn",
"value": "2020-12-01T00:00:00.001Z"
},
{
"operator": "lt",
"field": "createdOn",
"value": "2020-12-31T23:59:59.999Z"
},
{
"operator": "eq",
"field": "status",
"value": "Unsuccessful"
},
{
"operator": "substring",
"field": "activityType",
"value": "LOGIN"
},
{
"operator": "substring",
"field": "userName",
"value": "john,doe"
}
]
},
"page": {
"length": "1000",
"offset": "0"
}
}
此请求从此 Control Room 日志条目中的 731,148,339 个条目中确定了三个审核日志条目。
响应正文:
{
"page": {
"offset": 0,
"total": 731148339,
"totalFilter": 3
},
"list": [
{
"id": "kLjB8G4BFXSpOOjiomK1",
"eventDescription": "User does not exist in Control Room.",
"activityType": "LOGIN",
"environmentName": "",
"hostName": "50.xxx.xxx.xx",
"userName": "john,doe@mycompany.com",
"status": "Unsuccessful",
"source": "Control Room",
"objectName": "N/A",
"detail": "",
"createdOn": "2020-12-10T17:00:52Z",
"requestId": "3c0f8e47-5820-43e8-b2b3-83b2f1cb86c9",
"createdBy": "0"
},
{
"id": "SLjB8G4BFXSpOOjikl5i",
"eventDescription": "User does not exist in Control Room.",
"activityType": "LOGIN",
"environmentName": "",
"hostName": "50.xxx.xxx.xx",
"userName": "john,doe@mycompany.com",
"status": "Unsuccessful",
"source": "Control Room",
"objectName": "N/A",
"detail": "",
"createdOn": "2020-12-10T17:00:48Z",
"requestId": "eba3e5a7-0034-440a-a786-110a84fea7c9",
"createdBy": "0"
},
{
"id": "7bjB8G4BFXSpOOjicEGO",
"eventDescription": "User does not exist in Control Room.",
"activityType": "LOGIN",
"environmentName": "",
"hostName": "50.xxx.xxx.xx",
"userName": "john,doe",
"status": "Unsuccessful",
"source": "Control Room",
"objectName": "N/A",
"detail": "",
"createdOn": "2020-12-10T17:00:39Z",
"requestId": "64184450-aad5-4024-bcf5-491fb5276d0c",
"createdBy": "0"
}
]
}
REST API 用 HTTP 响应代码响应每个请求。
有关响应代码,请参阅 API 响应代码。