The /eventlog/list endpoint allows you to retrieve the list of
current security events that occurred on your account, including remote connections by users,
modification changes, etc.
Request
curl -X POST \
'https://cloud.vadesecure.com/rest/v3.0/eventlog/list' \
-H 'x-vrc-authorization: LOGIN:TOKEN' \
-H 'Content-type: application/json' \
--data '{
"accountId": your_accountID,
"pageSize": 10,
"pageToGet": 0
}'; echo
- x-vrc-authorization - Required
- string
- The authorization token that must be passed to the request for authorization.
- The header value is the concatenation of:
-
authHeader = LOGIN:TOKEN
-
- Accept
- application/json
- accountId - Required
- integer
- Defines the unique Account ID the request should be applied to. This corresponds to
the Account ID that was retrieved following the steps described in Retrieve Auth token and accountID.
- pageSize - Required
- integer
- For pagination purpose, pageSize indicates the number of events
to return in a single page of results. pageSize range must be
within 0 to 100.
- pageToGet - Required
- integer
- For pagination purpose, pageToGet indicates the number of the
page to retrieve. The number of pages available is returned in the response.
- startDate
- integer
- The date the search should start on, provided as a milliseconds timestamp.
- endDate
- integer
- The date the search should end on, provided as a milliseconds timestamp.
- eventCategory
- string
- Return events matching the provided category; one of:
- SESSIONS: Information about session opening
- DOMAINS contains operations such as:
- Add, update or delete user domain
- Add, update or delete invalid domains
- Add Inbound or Outbound domain relay
- SMTP check failures
- Disclaimers & Terms of use approval
- ACCOUNTS contains operations such as:
- Add, update or delete exception rules
- Customization changes (graphics, reports, etc.)
- Account creation (clients, users, etc.)
- Add, update or delete subscription
- Add, update or delete system settings
- Customer expiration information
- Add Black and white rules
- Add, update or delete LDAP information
- Error during release note update
- Update or delete domain relay
Response
200
OK
application/json
- The response body contains a JSON blob which can be parsed to retrieve the
Account ID.
400
Error
application/json
- In case an error occurred, a 400 error is returned along with a JSON object
containing a description of the error, typically:
{"error": "error description"}
401
Unauthorized
application/json
- There was a problem authenticating your request.
- logs
- array
- The logs array contains the list of events, provided as JSON
objects. Each object provides details about each event.
- account
- object
-
- id
- integer
- The ID of the user that performed the request for this event.
- login
- string
- The Client account the operation was performed on.
- date
- integer
- Date (provided as milliseconds timestamp) that the current event
occurred.
- event
- string
- A detailed description of the event that occurred. The events may include one
of the following:
-
- create quarantine account...
- Update Domain Relay: Account: ...
- Delete Domain Relay
- Add Domain Relay
- Update LDAP: server_host from ...
- level
- string
- The criticity level of the event that occurred. Can be one of
INFORMATION,
WARNING, ERROR,
FATAL, SECURITY or
UNKNOWN.
- availablePages
- integer
- The total number of pages available using this paginated results, which depends on
the number of events you requested per page.
- currentPage
- integer
- The current page number you are viewing.
{
"availablePages": 17,
"currentPage": 0,
"logs": [
{
"account": {
"id": 12345678,
"login": "VRC00000n"
},
"date": 1615805419801,
"event": "Add BlackAndWhite Rule: Quarantine VRC00000n- Value: @domain.fr - Type: BLACK",
"level": "INFORMATION"
},
...
]
}