Get Logs 3.1

API version: 3.1
Last Update: 04/13/2021
Authentication: YES
HTTP Method: POST
Content Type: application/json
Rate limited: YES
Requests per rate limit: 10/min
Response Format: JSON

MetaAccess records events on your accounts. There are three types of event logs: admin event logs, device event logs and webhook event logs. Use this API to retrieve the event logs on your account. Set filters in the parameters to return only the event logs you are interested in.

API URL

https://gears.opswat.com/o/api/v3.1/logs

Request Parameters

| Key | Datatype | Parameter Type | Required | Description | Default |
|---|---|---|---|---|---|
| access_token | string | URL | Yes | Access token obtained from the OAuth authentication step. | |
| category | string | Body | Yes | Values can be: device, admin, webhook. | |
| limit | int | Body | Optional | Maximum number of event logs returned in the response. The value should be in [1,50]. If there are more event logs than what the limit asks for, the error code will be 406. Event logs in the response are ordered by date. | 20 |
| page | int | Body | Optional | Page number of the event logs to return. If the requested page exceeds the number of pages of event logs, the error code will be 413. It means that the requested page number is too large; no devices will be returned in this case. | 1 |
| start_date | long | Body | Optional | Start date of the query duration. Format: Unix epoch time in milliseconds. | |
| end_date | long | Body | Optional | End date of the query duration. Format: Unix epoch time in milliseconds. | |
| age | int | Body | Optional | Age of the information in seconds. Maximum value is 86400 (1 day). For example, to query event logs from the last 5 minutes, pass age as 300. | |
| filter | object | Body | Optional | Filter criteria. | |
| filter.events | string | Body | Optional | Which events to retrieve. The accepted values depend on the category and are listed after this table. | |
| filter.agent_types | string | Body | Optional | Only valid for category device. Filters event logs by agent type. Values can be: 0 (metaaccess agent), 2 (dc agent). | |
| filter.search | string | Body | Optional | Search by device name or device id. | |

Values of filter.events for category admin can be:

  • cac_change: an admin changed CAC configuration

  • config: an admin changed configuration

  • failed_auth:

  • login: an admin logged in to the portal

  • rev_mobile_code: an admin revoked a mobile code

  • submit_ticket: an admin submitted a ticket

  • whitelist:

Values of filter.events for category device can be:

  • access_granted

  • access_revoked

  • added: events when a device is added

  • added_duplicate_mac

  • compliance_check

  • compliant: events when a device becomes/changes status to COMPLIANT

  • deleted: events when a device is deleted by Admin

  • deleted_user: events when a device is uninstalled by remote users on endpoints

  • exempt_all

  • fetch_log

  • noncompliant: events when a device becomes/changes status to NON-COMPLIANT

  • scan_threat

  • unexempt

  • unseen: events when a device is deleted by Lost Devices feature (a device is unseen for a long time)

Values of filter.events for category webhook can be:

  • added

  • deleted

  • status_changed_to_compliant

  • status_changed_to_exempted

  • status_changed_to_non_compliant

Response HTTP Code

See 4.1.2. OAuth APIs


Response Parameters for category admin:

| Key | DataType | Description |
|---|---|---|
| timestamp | string | Timestamp when the event log occurs |
| event | string | Event text |
| log | string | Detail about event |
| admin_name | string | Name |
| admin_email | string | Email |

Response Parameters for category device:

| Key | DataType | Description |
|---|---|---|
| timestamp | string | Timestamp when the event log occurs |
| log | string | Detail about event |
| device_id | string | Device id of the device which the event occurred on |
| device_name | string | Device name which the event occurred on |
| device_user | string | User which the event occurred on |

Response Parameters for category webhook:

| Key | DataType | Description |
|---|---|---|
| timestamp | string | Timestamp when the event log occurs |
| log | string | Detail about event |
| device_id | string | Device id of the device which the event occurred on |
| device_name | string | Device name which the event occurred on |
| response_code | string | Response code from calling the webhook API |
| response_body | string | Response body from calling the webhook API |


Example

Example Request

https://gears.opswat.com/o/api/v3.1/logs?access_token=TEST7P9ZMJ2LBF8AMOMJLFNPMMLO953AVQ4C9YFF52R61234
{
    "filter": {
        "events": ["added", "added_duplicate_mac", "compliance_check", "compliant", "deleted", "deleted_user"]
    },
    "start_date": 1617662410591,
    "end_date": 1618267210591,
    "page": 1,
    "limit": 30,
    "category": "device"
}


Example Response

{
    {
        "timestamp": "2021-04-12T07:58:57Z",
        "log": "Changes status to COMPLIANT. A policy this device is assigned to was changed as a result of an admin action or an API call",
        "device_name": "WET9-D3S89",
        "device_id": "Rose0403202001",
        "device_user": "tuoi.dinh"
    },
    {
        "timestamp": "2021-04-12T07:58:57Z",
        "log": "Changes status to COMPLIANT. A policy this device is assigned to was changed as a result of an admin action or an API call",
        "device_name": "TD10-C6828",
        "device_id": "mac100701",
        "device_user": "tuoi.dinh"
    }
}
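
A paging client for this endpoint, added here as an illustration and not OPSWAT's own code: it checks category, limit and age against the documented ranges, spaces calls to stay within the 10/min rate limit, and stops when error code 413 signals that the page number is too large. It assumes that 413 arrives as the HTTP status and that a successful response body is a JSON list of event objects; the function names are hypothetical.

```python
import json
import time
import urllib.error
import urllib.parse
import urllib.request

API_URL = "https://gears.opswat.com/o/api/v3.1/logs"
CATEGORIES = ("device", "admin", "webhook")
MIN_INTERVAL = 6.0  # 10 requests/min -> wait at least 6 s between calls

def build_body(category, page=1, limit=20, events=None, age=None):
    """Build the JSON body, rejecting values outside the documented ranges."""
    if category not in CATEGORIES:
        raise ValueError("category must be one of %s" % (CATEGORIES,))
    if not 1 <= limit <= 50:
        raise ValueError("limit must be in [1,50]")
    if age is not None and not 0 < age <= 86400:
        raise ValueError("age must be between 1 and 86400 seconds")
    body = {"category": category, "page": page, "limit": limit}
    if age is not None:
        body["age"] = age
    if events:
        body["filter"] = {"events": list(events)}
    return body

def http_post(token, body):
    """POST one request. The URL carries the token, so never log it."""
    url = API_URL + "?" + urllib.parse.urlencode({"access_token": token})
    req = urllib.request.Request(url, data=json.dumps(body).encode(),
                                 headers={"Content-Type": "application/json"})
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:
        return err.code, None

def fetch_logs(token, category, post=http_post, sleep=time.sleep, **params):
    """Collect all pages (assumed: 413 is the HTTP status, 200 bodies are lists)."""
    logs, page = [], 1
    while True:
        status, data = post(token, build_body(category, page=page, **params))
        if status == 413 or (status == 200 and not data):
            return logs  # page number too large: everything has been read
        if status != 200:
            raise RuntimeError("logs API returned HTTP %d on page %d" % (status, page))
        logs.extend(data)
        page += 1
        sleep(MIN_INTERVAL)  # stay under the rate limit
```

The `post` and `sleep` parameters exist so the paging logic can be exercised against a stub transport without network access or real delays.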

History

| Version | URL |
|---|---|
| v3.0 | Logs 2.0 |