Event Log Schema¶
This section describes the schema of the event log.
Sample Code¶
{
"userIdentity": {
"userId": "u15420087818641",
"userName": "db001",
"type": "userAccount",
"accessKey": null,
"sessionContext": {
"id": "IAM_S_e6huGLv6FMUW7KCNYZ28zuPML7Uwzg8d",
"creationDate": "2018-11-20 10:04:20",
"mfaAuthenticated": false
}
},
"organizationId": "yourOrgId",
"sourceIpAddress": "172.20.17.248",
"eventTime": "2018-11-20 10:04:20",
"eventId": "signInSelectOrganization15427082605511",
"eventName": "signInSelectOrganization",
"eventType": "consoleAction",
"eventVersion": "V1.0",
"resources": [
{
"resourceId": "u15420087818641",
"resourceName": "db001",
"resourceType": "user"
},
{
"resourceId": "o15420087814661",
"resourceName": "db001",
"resourceType": "organization"
}
],
"serviceName": "IAM-Service",
"requestId": null,
"requestParameters": "{\"sessionId\":\"IAM_S_e6huGLv6FMUW7KCNYZ28zuPML7Uwzg8d\",\"workingOrganizationId\":\"o15420087814661\",\"organizationId\":\"o15420087814661\"}",
"apiVersion": null,
"errorCode": null,
"errorMsg": null
}
Property Descriptions¶
userIdentity: The information of the actor of this event.
type: The account type of this user.
userId: The unique identifier of the user.
userName: The username of the user.
sessionContext: The session information of this event. A session is created when the user starts to perform operations in the EnOS Management Console. A session has the following information:
id: The unique identifier of this session.
creationDate: The date and time when the session is created.
mfAuthentication: Indicates whether MFA is enabled when the user logged in to the EnOS Management Console.
organizationId: The organization ID.
sourceIpAddress: The source IP address of the API request. If the API request is sent from the EnOS Management Console, the source IP address is the IP address of the user’s browser.
eventTime: The timestamp of the API request, in UTC format.
eventId: The unique identifier of the event that is generated by the auditing service.
eventName: The action of the event. For more information on events, see List of Events.
eventType: The category of the event. For example, ConsoleSignIn, ConsoleSignOut, ApiCall, etc.
eventVersion: The version of the event format.
resource: The resource that the action is performed on.
resourceId: The identifier of the resource.
resourceName: The name of the resource.
resourceType: The type of the resource. For example, Policy, User, UserGroup, etc.
serviceName: The service that the API belongs to. For example, IAM.
requestId: The identifier of the API request.
requestParameters: The input parameters of the API request.
apiVersion: The version of the invoked API.
responseElements: The response message. For example, action succeeded or failed.
errorCode: The error code of the API request.
errorMessage: The error message that is returned for the API request.
List of Events¶
The values returned for eventName are listed as follows.
Event Name |
Action |
---|---|
consoleSignIn |
Log in to the EnOS Management Console. |
consoleSignOut |
Log out from the EnOS Management Console. |
signInSelectOrganization |
Select an organization when logged in to the EnOS Management Console. |
createUser |
Create a user. |
deleteUser |
Delete a user. |
resetUserPassword |
User password is reset by the OU administration. |
modifyUserPassword |
Password is modified by the account owner. |
retrieveUserPassword |
User password is retrieved by the account owner. |
setUserAccountStatus |
Enable or disable the user account by the OU administration. |
addExternalUser |
Import an external user. |
removeExternalUser |
Remove an external user. |
createGroup |
Create a user group. |
deleteGroup |
Delete a user group. |
addUserToGroup |
Add a user to a group. |
removeUserFromGroup |
Remove a user from a group. |
createPolicy |
Create a policy. |
deletePolicy |
Delete a policy. |
appendResource |
Attach services to a policy. |
revokeResource |
Revoke services from a policy. |
grantPolicy |
Associate a policy to a user or a group. |
removePolicy |
Remove a policy from a user or a group. |
createFirmware |
Upload a firmware. |
deleteFirmware |
Delete a firmware |
updateFirmware |
Update a firmware. |
createVerificationJob |
Create a firmware verification job. |
deleteVerificationJob |
Delete a firmware verification job. |
updateVerificationJob |
Update a firmware verification job. |
updateUpgradeJob |
Update a firmware upgrade job. |
createUpgradeJob |
Create a firmware upgrade job. |
deleteUpgradeJob |
Delete a firmware upgrade job. |
startVerificationJob |
Start a firmware verification job. |
stopVerificationJob |
Stop a firmware verification job. |
startUpgradeJob |
Start a firmware upgrade job. |
stopUpgradeJob |
Stop a firmware upgrade job. |
cancelOTATask |
Cancel an OTA task. |
retryOTATask |
Retry an OTA task. |