auditGetMessage (Command)

Mis à jour le 20 Dec 2024
4 Minutes à lire

Partager
Sombre
Lumière
PDF

The content is currently unavailable in French. You are viewing the default English version.

Résumé de l’article

Avez-vous trouvé ce résumé utile ?

Merci pour vos commentaires

The auditGetMessage command queries a single audit record from the audit log.

Parameters

Table: auditGetMessage input parameters (SOAP administration)
Parameter name	Data type	Description
sessionID	String	Required. The session identifier of the current administrative session. The logon command returns this identifier after a successful logon (see logon (Command)).
timestamp	String	Required. The date and time (1/300 second precision) when the audit message was recorded. Format: YYYY-MM-DDThh:mm:ss.SSSZ
AMID	String	Required. The audit message identifier.

Table: auditGetMessage output parameters (SOAP administration)
Parameter name	Data type	Description
errorStack	ErrorStack	Optional. The error stack, indicating that the command has not completed successfully.
resultCodes	ResultCodes	Required. The result and status codes returned by the command.
auditMessage	AuditMessage	Optional. The respective audit message details (see Table: AuditMessage (Data type)).

AuditMessage (Data type)

Table: AuditMessage (Data type)
Element name	Data type	Description
timestamp	String	The date and time (1/300 second precision) when the audit message was recorded.
AMID	String	The audit message identifier. Cannot be null (NotNullStringType).
source	String	The string representation of the source of the audit message. Example: Identikey Server Cannot be null (NotNullStringType).
type	String	The audit message type (code).
code	String	The audit message code. Cannot be null (NotNullStringType).
description	String	The description of the audit message. Cannot be null (NotNullStringType).
category	String	The category of the audit message. Cannot be null (NotNullStringType).
auditLocation	String	The location of the source of the audit message. Typically an IP address or host name.
clientLocation	String	The location of the client (only if the client is not the source of the audit message).
clientType	String	The client component type.
serialNumber	String	The serial number of the authenticator.
policyID	String	The identifier of the policy that handled the request.
reason	String	A short description of the reason for a failure.
action	String	The intended action to take for a received request. Examples: Ignore, Process
applicationName	String	The authenticator application name.
area	String	The functional area where the audit message was recorded. Example: Active Directory search
auditVersion	Unsigned Integer	The revision of the auditing format.
backendAuthentication	String	The back-end authentication protocol ID or None if back-end authentication was not used.
characteristics	String	A space-separated list of keywords indicating characteristics of interest. Example (in case of a connection attempt): SSL TCP IPv6
command	String	The name of the AAL3 command.
configurationDetails	String	A breakdown of the configuration settings.
credentials	String	The credentials that were presented for the connection/authentication attempt. Examples: Password, None
dataSourceLocation	String	The location of the data source, for instance the path and file name when the data source type is File.
dataSourceType	String	The type of the data source. Examples: File, Registry
deliveryDestination	String	The destination of a message delivered via MDC.
deliveryMethod	String	The method used to deliver a message via MDC.
domain	String	The domain name. In case of an administrative command, this is usually the domain of the administrator. The domain of the targeted user is stored in targetDomain.
downtime	Unsigned Integer	The duration (in minutes) of the downtime.
dpType	String	The authenticator type, e.g. Digipass 300.
epochCertificate	String	The epoch certificate.
epochID	String	The identifier of the current epoch.
epochSequenceNumber	Unsigned Integer	The sequence number of the audit message within the current epoch.
epochVersion	String	The revision of the secure auditing format.
errorCode	Integer	The error code for the audit message.
errorMessage	String	The string representation of the error code.
errorDetails	String	The full dump of the error stack.
expirationDate	Date Time	The expiration date related to the audit message subject. Example: Grace period expiration date
fieldsDetails	String	Either All Fields or a list of fields returned by the query.
fromLocation	String	The source location for a particular process, e.g. when an object is moved.
infoMessage	String	The message returned by an external component. Example: MDC
inputDetails	String	A breakdown of the request parameters and/or attributes.
ipAddress	String	The IP address of the client related to this audit message (only if the client is not the source of the audit message). This field is usually set only if clientLocation is specified.
localAuthentication	Boolean	Indicates whether local authentication was performed or not.
mobileNumber	String	The mobile phone number to which a message is sent via MDC.
object	String	The name of an AAL3 object related to a query or command.
offlineDataDetails	String	The offline data details.
offlineStateData	String	The offline state data.
operation	String	The operation being attempted/processed when the audit message was recorded.
outcome	String	The outcome of an attempted action. Examples: Success, Failure, Challenge
outputDetails	String	A breakdown of the response parameters and/or attributes.
requestType	String	The type of packet. Examples (in case of RADIUS protocol): Access-Request, Access-Accept
passwordProtocol	String	The password encoding. Examples: PAP, CHAP, EAP-MD5, MS-CHAP1, MS-CHAP2
protocol	String	The identifier of the communication protocol used.
quota	Integer	The value of a quota related to the audit message subject, e.g. remaining BVDP uses.
radiusInputOctets	Unsigned Long Integer	The Acct-Input-Octets from the RADIUS accounting packet.
radiusOutputOctets	Unsigned Long Integer	The Acct-Output-Octets from the RADIUS accounting packet.
radiusProfile	String	The RADIUS profile used.
radiusStatusType	String	The Acct-Status-Type field from the RADIUS accounting packet. Typically indicates begin or end of an accounting session.
requestID	Integer	The request identifier, e.g. the RADIUS packet ID.
serverLocation	String	The location of the server. Typically an IP address or host name.
sessionID	String	The session identifier.
sessionTime	Unsigned Integer	The duration (in seconds) of the session.
signature	String	The cryptographic signature of the audit message.
startTime	DateTime	The authenticator start time set by various commands, e.g. DIGIPASSCMD_ASSIGN.
targetDomain	String	The domain of the user targeted by an administrative command.
targetUserID	String	The user ID of the user targeted by an administrative command.
taskDescription	String	The description of the task.
taskExecutionTime	String	The (human-readable) string representation of the time it took to complete the task.
taskID	String	The task identifier.
taskResult	String	The result of a task.
toLocation	String	The destination location for a particular process, e.g. if an object is moved.
userLink	String	The user ID of the user account linked to this user account (user linking).
userLocation	String	The location (IP address) of the user's client device, e.g. the RADIUS calling-station-ID or the HTTP browser/client address.
userID	String	The user's identifier. When it refers to a user account, the exact user ID. In case of an administrative command, this is usually an administrator. The targeted user is stored in targetUserID.
version	String	The string representation of the OneSpan Authentication Server version.

Example

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xop="http://www.w3.org/2004/08/xop/include" xmlns:AUDIT-TYPES="http://www.vasco.com/IdentikeyServer/IdentikeyTypes/AuditTypes.xsd" xmlns:ADMIN-SCENARIO="http://www.vasco.com/IdentikeyServer/Scenarios/Administration" xmlns:ADMIN-TYPES="http://www.vasco.com/IdentikeyServer/IdentikeyTypes/Administration" ...>
  <soapenv:Header/>
  <soapenv:Body>
    <ADMIN-TYPES:auditGetMessageResponse xsi:type="AUDIT-TYPES:AuditGetMessageResponse">
      <resultCodes xsi:type="BASIC-TYPES:ResultCodes">
        <returnCodeEnum>RET_SUCCESS</returnCodeEnum>
        <statusCodeEnum>STAT_SUCCESS</statusCodeEnum>
        <returnCode>0</returnCode>
        <statusCode>0</statusCode>
      </resultCodes>
      <errorStack xsi:type="BASIC-TYPES:ErrorStack"/>
      <auditMessage xsi:type="AUDIT-TYPES:AuditMessage">
        <timestamp>2015-03-15dT12:47:21.123Z</timestamp>
        <AMID>fakeamid</AMID>
        <source>File</source>
        <type>Type</type>
        <code>1001</code>
        <description>Test Description</description>
        <category>Database</category>
      </auditMessage>
    </ADMIN-TYPES:auditGetMessageResponse>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

Requirements

Required administrative privileges:

View Audit Information

Additional references

For more information about audit messages and auditing in general, refer to the OneSpan Authentication Server Product Guide, Section "Auditing and Tracing".

Cet article vous a-t-il été utile ?

What's Next

digipassActivityQuery (Command)

Table des matières

Parameters
Example
Requirements
Additional references