Configuring Event Reports
Configuring Event Reports is available through the Agent’s REST API (accessible from http://localhost:5000/swagger).
Viewing Event Reports configuration
To view the current Event Reports configuration, send a GET request to /settings/reports/file-event-report:
GET /settings/reports/file-event-report HTTP/1.1
Host:
Authorization: Basic username:password
api-version: text
Accept: */*
Success
{
"enabled": true,
"scheduledHours": [
"04:02:50"
]
}By default, Event Reports use the following settings:
enabled:falseTime zone: UTC
Reporting time: 08:00 AM
Listing time zones
To get the list of available time zones, send a GET request to /settings/timezones:
GET /settings/timezone HTTP/1.1
Host:
Authorization: Basic username:password
api-version: text
Accept: */*
Current timezone configuration
{
"timeZone": {
"id": "text",
"offset": "text"
}
}Listed time zones include offset, which accounts for daylight saving time.
Modifying Event Reports configuration
You can enable Event Reports and set the time zone using a PUT request to /settings/reports/file-event-report:
PUT /settings/reports/file-event-report HTTP/1.1
Host:
Authorization: Basic username:password
api-version: text
Content-Type: application/json-patch+json
Accept: */*
Content-Length: 16
{
"enabled": true
}{
"enabled": true,
"scheduledHours": [
"04:02:50"
]
}Managing Included Paths for Event Reports
To view the current list of included paths for Event Reports, send a GET request to /settings/reports/file-event-report/included-paths:
GET /settings/reports/file-event-report/included-paths HTTP/1.1
Host:
Authorization: Basic username:password
api-version: text
Accept: */*
Success
[
{
"id": "123e4567-e89b-12d3-a456-426614174000",
"path": "text",
"user": "text"
}
]This endpoint returns a list of paths that are currently included in the Event Reports. Each path in this list is checked against the excluded paths to determine if it should be included in the report.
Adding Included Paths
To add a new path to the list of included paths, send a POST request to /settings/reports/file-event-report/included-paths:
Path to include
Username for which the path should be included in file event reports
POST /settings/reports/file-event-report/included-paths HTTP/1.1
Host:
Authorization: Basic username:password
api-version: text
Content-Type: application/json-patch+json
Accept: */*
Content-Length: 29
{
"path": "text",
"user": "text"
}{
"id": "123e4567-e89b-12d3-a456-426614174000",
"path": "text",
"user": "text"
}Deleting Included Paths
To remove a path from the list of included paths, send a DELETE request to /settings/reports/file-event-report/included-paths/{id}:
DELETE /settings/reports/file-event-report/included-paths/{id} HTTP/1.1
Host:
Authorization: Basic username:password
api-version: text
Accept: */*
No content
Replace {id} with the identifier of the path you want to remove. You can obtain this identifier from the response of the GET request to view included paths.
Attention! Be specific with your paths to avoid unintentional exclusions. For example, including /var/foo and excluding /var/foo/bar will include /var/foo/baz.txt but exclude /var/foo/bar/other1/test.bin.
Adding Event Reports reporting hours
To add new Event Reports reporting time, send a POST request to /settings/reports/file-event-report/hours with the time in HH:MM:SS format.
POST /settings/reports/file-event-report/hours HTTP/1.1
Host:
Authorization: Basic username:password
api-version: text
Content-Type: application/json-patch+json
Accept: */*
Content-Length: 19
{
"hour": "04:02:50"
}{
"enabled": true,
"scheduledHours": [
"04:02:50"
]
}Deleting Event Reports reporting hours
You can remove reporting hours using a DELETE request to /settings/reports/file-event-report/hours with the time you want to remove in HH:MM:SS format.
DELETE /settings/reports/file-event-report/hours HTTP/1.1
Host:
Authorization: Basic username:password
api-version: text
Accept: */*
{
"enabled": true,
"scheduledHours": [
"04:02:50"
]
}Last updated