Skip to content

Commit 4f0d66a

Browse files
author
Aleks Mashanski
committed
Fixed api/postdata/activityrecords
1 parent 0ed2dce commit 4f0d66a

File tree

1 file changed

+120
-10
lines changed

1 file changed

+120
-10
lines changed

docs/auditor/10.7/api/postdata/activityrecords.md

Lines changed: 120 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -10,10 +10,68 @@ In Netwrix terms, one operable chunk of information is called the Activity Recor
1010
Integration API processes both XML and JSON Activity Records. The Activity Records have the format
1111
similar to the following—the exact schema depends on operation (input or output).
1212

13-
| Format | Example |
14-
| ------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
15-
| XML | `<?xml version="1.0" encoding="UTF-8" ?> `````` <ActivityRecordList xmlns="http://schemas.netwrix.com/api/v1/activity_records/"> `````` <ActivityRecord> `````` <Who>Who</Who> `````` <ObjectType>Object Type</ObjectType> `````` <Action>Action</Action> `````` <What>What</What> `````` <When>When</When> `````` <Where>Where</Where> `````` <MonitoringPlan> `````` <ID>Unique ID</ID> `````` <Name>Name</Name> `````` </MonitoringPlan> `````` <DataSource>Data source</DataSource> `````` <Item> `````` <Name>Item name (Item type)</Name> `````` </Item> `````` <DetailList> `````` <Detail> `````` <Before>Before Value</Before> `````` <After>After Value</After> `````` <PropertyName>Property</PropertyName> `````` <Message>Text</Message> `````` </Detail> `````` </DetailList> `````` </ActivityRecord> `````` <ActivityRecord>...</ActivityRecord> `````` </ActivityRecordList>` |
16-
| JSON | `[ `````` { `````` "Action": "Action", `````` "MonitoringPlan": { `````` "ID": "Unique ID", `````` "Name": "Name" `````` }, `````` "DataSource": "Data source", `````` "Item": {"Name": "Item name (Item type)"}, `````` "DetailList": [ `````` { `````` "Before": "Before Value", `````` "After": "After Value", `````` "PropertyName": "Property", `````` "Message": "Text" `````` } `````` ], `````` "ObjectType": "Object Type", `````` "What": "What", `````` "When": "When", `````` "Where": "Where", `````` "Who": "Who" `````` }, `````` {...} `````` ]` |
13+
**XML:**
14+
```xml
15+
<?xml version="1.0" encoding="UTF-8" ?>
16+
<ActivityRecordList xmlns="http://schemas.netwrix.com/api/v1/activity_records/">
17+
<ActivityRecord>
18+
<Who>Who</Who>
19+
<ObjectType>Object Type</ObjectType>
20+
<Action>Action</Action>
21+
<What>What</What>
22+
<When>When</When>
23+
<Where>Where</Where>
24+
<MonitoringPlan>
25+
<ID>Unique ID</ID>
26+
<Name>Name</Name>
27+
</MonitoringPlan>
28+
<DataSource>Data source</DataSource>
29+
<Item>
30+
<Name>Item name (Item type)</Name>
31+
</Item>
32+
<DetailList>
33+
<Detail>
34+
<Before>Before Value</Before>
35+
<After>After Value</After>
36+
<PropertyName>Property</PropertyName>
37+
<Message>Text</Message>
38+
</Detail>
39+
</DetailList>
40+
</ActivityRecord>
41+
<ActivityRecord>...</ActivityRecord>
42+
</ActivityRecordList>
43+
```
44+
45+
**JSON:**
46+
```json
47+
[
48+
{
49+
"Action": "Action",
50+
"MonitoringPlan": {
51+
"ID": "Unique ID",
52+
"Name": "Name"
53+
},
54+
"DataSource": "Data source",
55+
"Item": {
56+
"Name": "Item name (Item type)"
57+
},
58+
"DetailList": [
59+
{
60+
"Before": "Before Value",
61+
"After": "After Value",
62+
"PropertyName": "Property",
63+
"Message": "Text"
64+
}
65+
],
66+
"ObjectType": "Object Type",
67+
"What": "What",
68+
"When": "When",
69+
"Where": "Where",
70+
"Who": "Who"
71+
},
72+
{...}
73+
]
74+
```
1775

1876
To feed data from a custom audit source to Netwrix Auditor, send a POST request containing Activity
1977
Records. [Write Activity Records](/docs/auditor/10.7/api/writeactivityrecords.md)
@@ -33,9 +91,61 @@ by Netwrix Auditor before further data parsing.
3391

3492
The examples below show an output Activity Record.
3593

36-
| |
37-
| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
38-
| XML |
39-
| `<?xml version="1.0" encoding="UTF-8" ?> `````` <ActivityRecordList xmlns="http://schemas.netwrix.com/api/v1/activity_records/"> `````` <ActivityRecord> `````` <Action>Modified</Action> `````` <MonitoringPlan> `````` <ID>{42F64379-163E-4A43-A9C5-4514C5A23798}</ID> `````` <Name>Compliance</Name> `````` </MonitoringPlan> `````` <DataSource>Exchange Online</DataSource> `````` <Item> `````` <Name>[email protected] (Office 365 tenant)</Name> `````` </Item> `````` <ObjectType>Mailbox</ObjectType> `````` <What>Shared Mailbox</What> `````` <When>2017-03-17T09:37:11Z</When> `````` <Where>BLUPR05MB1940</Where> `````` <Who>[email protected]</Who> `````` <DetailList> `````` <Detail> `````` <Before>1</Before> `````` <After>2</After> `````` <PropertyName>Custom_attribute</PropertyName> `````` </Detail> `````` </DetailList> `````` </ActivityRecord> `````` </ActivityRecordList>` |
40-
| JSON |
41-
| `[ `````` { `````` "Action": "Modified", `````` "MonitoringPlan": { `````` "ID": "{42F64379-163E-4A43-A9C5-4514C5A23798}", `````` "Name": "Compliance" `````` }, `````` "DataSource": "Exchange Online", `````` "Item": {"Name": "[email protected] (Office 365 tenant)"}, `````` "ObjectType": "Mailbox", `````` "What": "Shared Mailbox", `````` "When": "2017-03-17T09:37:11Z", `````` "Where": "BLUPR05MB1940", `````` "Who": "[email protected]", `````` "DetailList": [ `````` { `````` "PropertyName": "Custom_Attribute", `````` "Before": "1", `````` "After": "2" `````` } `````` ] `````` } `````` ]` |
94+
**XML:**
95+
```xml
96+
<?xml version="1.0" encoding="UTF-8" ?>
97+
<ActivityRecordList xmlns="http://schemas.netwrix.com/api/v1/activity_records/">
98+
<ActivityRecord>
99+
<Action>Modified</Action>
100+
<MonitoringPlan>
101+
<ID>{42F64379-163E-4A43-A9C5-4514C5A23798}</ID>
102+
<Name>Compliance</Name>
103+
</MonitoringPlan>
104+
<DataSource>Exchange Online</DataSource>
105+
<Item>
106+
<Name>[email protected] (Office 365 tenant)</Name>
107+
</Item>
108+
<ObjectType>Mailbox</ObjectType>
109+
<What>Shared Mailbox</What>
110+
<When>2017-03-17T09:37:11Z</When>
111+
<Where>BLUPR05MB1940</Where>
112+
<Who>[email protected]</Who>
113+
<DetailList>
114+
<Detail>
115+
<Before>1</Before>
116+
<After>2</After>
117+
<PropertyName>Custom_attribute</PropertyName>
118+
</Detail>
119+
</DetailList>
120+
</ActivityRecord>
121+
</ActivityRecordList>
122+
```
123+
124+
**JSON:**
125+
```json
126+
[
127+
{
128+
"Action": "Modified",
129+
"MonitoringPlan": {
130+
"ID": "{42F64379-163E-4A43-A9C5-4514C5A23798}",
131+
"Name": "Compliance"
132+
},
133+
"DataSource": "Exchange Online",
134+
"Item": {
135+
"Name": "[email protected] (Office 365 tenant)"
136+
},
137+
"ObjectType": "Mailbox",
138+
"What": "Shared Mailbox",
139+
"When": "2017-03-17T09:37:11Z",
140+
"Where": "BLUPR05MB1940",
141+
"Who": "[email protected]",
142+
"DetailList": [
143+
{
144+
"PropertyName": "Custom_Attribute",
145+
"Before": "1",
146+
"After": "2"
147+
}
148+
]
149+
}
150+
]
151+
```

0 commit comments

Comments
 (0)