Configuring Event Reports
Last updated
Last updated
Configuring Event Reports is available through the Agent’s REST API (accessible from http://localhost:5000/swagger).
To view the current Event Reports configuration, send a GET request to /settings/reports/file-event-report:
By default, Event Reports use the following settings:
enabled: false
Time zone: UTC
Reporting time: 08:00 AM
To get the list of available time zones, send a GET request to /settings/timezones:
Listed time zones include offset, which accounts for daylight saving time.
You can enable Event Reports and set the time zone using a PUT request to /settings/reports/file-event-report:
To view the current list of included paths for Event Reports, send a GET request to /settings/reports/file-event-report/included-paths:
This endpoint returns a list of paths that are currently included in the Event Reports. Each path in this list is checked against the excluded paths to determine if it should be included in the report.
To add a new path to the list of included paths, send a POST request to /settings/reports/file-event-report/included-paths:
To remove a path from the list of included paths, send a DELETE request to /settings/reports/file-event-report/included-paths/{id}:
Replace {id} with the identifier of the path you want to remove. You can obtain this identifier from the response of the GET request to view included paths.
Attention! Be specific with your paths to avoid unintentional exclusions. For example, including /var/foo and excluding /var/foo/bar will include /var/foo/baz.txt but exclude /var/foo/bar/other1/test.bin.
To add new Event Reports reporting time, send a POST request to /settings/reports/file-event-report/hours with the time in HH:MM:SS format.
You can remove reporting hours using a DELETE request to /settings/reports/file-event-report/hours with the time you want to remove in HH:MM:SS format.
Success
Success
No content
Path to include
Username for which the path should be included in file event reports