Audit API 中的 createdOndate 和用戶名過濾器示例
爲 用戶名 字段中具有特定值的用戶創建檢索指定日期範圍的審計日誌條目的過濾器。
了用戶名字段中值爲 "john,doe" (從 2020 年 12月 1 日至 2020 年 12月 31 日)的用戶登錄嘗試失敗。請求主體:
{
"sort": [
{
"field": "createdOn",
"direction": "desc"
}
],
"filter": {
"operator": "and",
"operands": [
{
"operator": "gt",
"field": "createdOn",
"value": "2020-12-01T00:00:00.001Z"
},
{
"operator": "lt",
"field": "createdOn",
"value": "2020-12-31T23:59:59.999Z"
},
{
"operator": "eq",
"field": "status",
"value": "Unsuccessful"
},
{
"operator": "substring",
"field": "activityType",
"value": "LOGIN"
},
{
"operator": "substring",
"field": "userName",
"value": "john,doe"
}
]
},
"page": {
"length": "1000",
"offset": "0"
}
}
這 請求從該 Control Room 日誌條目中的 731,148.339 個條目中確定了三個審計日誌條目。
響應主體:
{
"page": {
"offset": 0,
"total": 731148339,
"totalFilter": 3
},
"list": [
{
"id": "kLjB8G4BFXSpOOjiomK1",
"eventDescription": "User does not exist in Control Room.",
"activityType": "LOGIN",
"environmentName": "",
"hostName": "50.xxx.xxx.xx",
"userName": "john,doe@mycompany.com",
"status": "Unsuccessful",
"source": "Control Room",
"objectName": "N/A",
"detail": "",
"createdOn": "2020-12-10T17:00:52Z",
"requestId": "3c0f8e47-5820-43e8-b2b3-83b2f1cb86c9",
"createdBy": "0"
},
{
"id": "SLjB8G4BFXSpOOjikl5i",
"eventDescription": "User does not exist in Control Room.",
"activityType": "LOGIN",
"environmentName": "",
"hostName": "50.xxx.xxx.xx",
"userName": "john,doe@mycompany.com",
"status": "Unsuccessful",
"source": "Control Room",
"objectName": "N/A",
"detail": "",
"createdOn": "2020-12-10T17:00:48Z",
"requestId": "eba3e5a7-0034-440a-a786-110a84fea7c9",
"createdBy": "0"
},
{
"id": "7bjB8G4BFXSpOOjicEGO",
"eventDescription": "User does not exist in Control Room.",
"activityType": "LOGIN",
"environmentName": "",
"hostName": "50.xxx.xxx.xx",
"userName": "john,doe",
"status": "Unsuccessful",
"source": "Control Room",
"objectName": "N/A",
"detail": "",
"createdOn": "2020-12-10T17:00:39Z",
"requestId": "64184450-aad5-4024-bcf5-491fb5276d0c",
"createdBy": "0"
}
]
}
REST API 會以 HTTP 回應碼回應每個要求。 有關響應代碼,請參閱 API 回應碼。