Event Log Schema¶
This section describes the schema of the event log.
Sample Code¶
{
"userIdentity": {
"userId": "u15420087818641",
"userName": "db001",
"type": "userAccount",
"accessKey": null,
"sessionContext": {
"id": "IAM_S_e6huGLv6FMUW7KCNYZ28zuPML7Uwzg8d",
"creationDate": "2018-11-20 10:04:20",
"mfaAuthenticated": false
}
},
"organizationId": "yourOrgId",
"sourceIpAddress": "172.20.17.248",
"eventTime": "2018-11-20 10:04:20",
"eventId": "signInSelectOrganization15427082605511",
"eventName": "signInSelectOrganization",
"eventType": "consoleAction",
"eventVersion": "V1.0",
"resources": [
{
"resourceId": "u15420087818641",
"resourceName": "db001",
"resourceType": "user"
},
{
"resourceId": "o15420087814661",
"resourceName": "db001",
"resourceType": "organization"
}
],
"serviceName": "IAM-Service",
"requestId": null,
"requestParameters": "{\"sessionId\":\"IAM_S_e6huGLv6FMUW7KCNYZ28zuPML7Uwzg8d\",\"workingOrganizationId\":\"o15420087814661\",\"organizationId\":\"o15420087814661\"}",
"apiVersion": null,
"errorCode": null,
"errorMsg": null
}
Property Descriptions¶
- userIdentity: The information of the actor of this event.
- type: The account type of this user.
- userId: The unique identifier of the user.
- userName: The username of the user.
- sessionContext: The session information of this event. A session is created when the user starts to perform operations in EnOS Management Console. A session has the following information:
- id: The unique identifier of this session.
- creationDate: The date and time when the session is created.
- mfAuthentication: Indicates whether MFA is enabled when the user logged in to EnOS Management Console.
- organizationId: The organization ID.
- sourceIpAddress: The source IP address of the API request. If the API request is sent from EnOS Management Console, the source IP address is the IP address of the user’s browser.
- eventTime: The timestamp of the API request, in UTC format.
- eventId: The unique identifier of the event that is generated by the auditing service.
- eventName: The action of the event. For more information on events, see List of Events.
- eventType: The category of the event. For example, ConsoleSignIn, ConsoleSignOut, ApiCall, etc.
- eventVersion: The version of the event format.
- resource: The resource that the action is performed on.
- resourceId: The identifier of the resource.
- resourceName: The name of the resource.
- resourceType: The type of the resource. For example, Policy, User, UserGroup, etc.
- serviceName: The service that the API belongs to. For example, IAM.
- requestId: The identifier of the API request.
- requestParameters: The input parameters of the API request.
- apiVersion: The version of the invoked API.
- responseElements: The response message. For example, action succeeded or failed.
- errorCode: The error code of the API request.
- errorMessage: The error message that is returned for the API request.
List of Events¶
The values returned for eventName are listed as follows.
Event Name | Action |
---|---|
consoleSignIn | Log in to EnOS Management Console. |
consoleSignOut | Log out from EnOS Management Console. |
signInSelectOrganization | Select an organization when logged in to EnOS Management Console. |
createUser | Create a user. |
deleteUser | Delete a user. |
resetUserPassword | User password is reset by the OU administration. |
modifyUserPassword | Password is modified by the account owner. |
retrieveUserPassword | User password is retrieved by the account owner. |
setUserAccountStatus | Enable or disable the user account by the OU administration. |
addExternalUser | Import an external user. |
removeExternalUser | Remove an external user. |
createGroup | Create a user group. |
deleteGroup | Delete a user group. |
addUserToGroup | Add a user to a group. |
removeUserFromGroup | Remove a user from a group. |
createPolicy | Create a policy. |
deletePolicy | Delete a policy. |
appendResource | Attach services to a policy. |
revokeResource | Revoke services from a policy. |
grantPolicy | Associate a policy to a user or a group. |
removePolicy | Remove a policy from a user or a group. |
createFirmware | Upload a firmware. |
deleteFirmware | Delete a firmware |
updateFirmware | Update a firmware. |
createVerificationJob | Create a firmware verification job. |
deleteVerificationJob | Delete a firmware verification job. |
updateVerificationJob | Update a firmware verification job. |
updateUpgradeJob | Update a firmware upgrade job. |
createUpgradeJob | Create a firmware upgrade job. |
deleteUpgradeJob | Delete a firmware upgrade job. |
startVerificationJob | Start a firmware verification job. |
stopVerificationJob | Stop a firmware verification job. |
startUpgradeJob | Start a firmware upgrade job. |
stopUpgradeJob | Stop a firmware upgrade job. |
cancelOTATask | Cancel an OTA task. |
retryOTATask | Retry an OTA task. |