Poskytuje seznam záznamů z protokolů aktivit.
GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter={$filter}
With optional parameters:
GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter={$filter}&$select={$select}
Parametry identifikátoru URI
| Name |
V |
Vyžadováno |
Typ |
Description |
|
subscriptionId
|
path |
True
|
string
|
ID cílového předplatného.
|
|
$filter
|
query |
True
|
string
|
Snižuje množství shromážděných dat.
Tento argument je povinný a také vyžaduje alespoň počáteční datum a čas.
Argument $filter je velmi omezený a umožňuje pouze následující vzory.
- Výpis událostí pro skupinu prostředků: $filter=eventTimestamp ge '2014-07-16T04:36:37.6407898Z' and eventTimestamp le '2014-07-20T04:36:37.6407898Z' and resourceGroupName eq 'resourceGroupName'.
- Seznam událostí pro prostředek: $filter=eventTimestamp ge '2014-07-16T04:36:37.6407898Z' and eventTimestamp le '2014-07-20T04:36:37.6407898Z' and resourceUri eq 'resourceURI'.
- Vypište události pro odběr v časovém rozsahu: $filter=eventTimestamp ge '2014-07-16T04:36:37.6407898Z' a eventTimestamp le '2014-07-20T04:36:37.6407898Z'.
- Výpis událostí pro poskytovatele prostředků: $filter=eventTimestamp ge '2014-07-16T04:36:37.6407898Z' and eventTimestamp le '2014-07-20T04:36:37.6407898Z' and resourceProvider eq 'resourceProviderName'.
- Výpis událostí pro ID korelace: $filter=eventTimestamp ge '2014-07-16T04:36:37.6407898Z' and eventTimestamp le '2014-07-20T04:36:37.6407898Z' and correlationId eq 'correlationID'.
POZNÁMKA: Není povolena žádná jiná syntaxe.
|
|
api-version
|
query |
True
|
string
|
Verze rozhraní API, která se má použít pro tuto operaci.
|
|
$select
|
query |
|
string
|
Slouží k načtení událostí pouze s danými vlastnostmi.
Argument $select je seznam názvů vlastností oddělených čárkami, které se mají vrátit. Možné hodnoty jsou: authorization, claims, correlationId, description, eventDataId, eventName, eventTimestamp, httpRequest, level, operationId, operationName, properties, resourceGroupName, resourceProviderName, resourceId, status, submissionTimestamp, subStatus, subscriptionId.
|
Odpovědi
| Name |
Typ |
Description |
|
200 OK
|
EventDataCollection
|
Úspěšný požadavek na získání stránky událostí v protokolech aktivit
|
|
Other Status Codes
|
ErrorResponse
|
Chybová odpověď popisující, proč operace selhala.
|
Zabezpečení
azure_auth
Tok Azure Active Directory OAuth2
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name |
Description |
|
user_impersonation
|
zosobnění uživatelského účtu
|
Příklady
Get Activity Logs with filter
Sample Request
GET https://management.azure.com/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter=eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'
/**
* Samples for ActivityLogs List.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFiltered.json
*/
/**
* Sample code: Get Activity Logs with filter.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void getActivityLogsWithFilter(com.azure.resourcemanager.AzureResourceManager azure) {
azure.diagnosticSettings().manager().serviceClient().getActivityLogs().list(
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'",
null, com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armmonitor_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/monitor/armmonitor"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/969fd0c2634fbcc1975d7abe3749330a5145a97c/specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFiltered.json
func ExampleActivityLogsClient_NewListPager_getActivityLogsWithFilter() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armmonitor.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewActivityLogsClient().NewListPager("eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'", &armmonitor.ActivityLogsClientListOptions{Select: nil})
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.EventDataCollection = armmonitor.EventDataCollection{
// Value: []*armmonitor.EventData{
// {
// OperationID: to.Ptr("1e121103-0ba6-4300-ac9d-952bb5d0c80f"),
// Description: to.Ptr(""),
// Authorization: &armmonitor.SenderAuthorization{
// Action: to.Ptr("microsoft.support/supporttickets/write"),
// Role: to.Ptr("Subscription Admin"),
// Scope: to.Ptr("/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841"),
// },
// Caller: to.Ptr("admin@contoso.com"),
// Claims: map[string]*string{
// "name": to.Ptr("John Smith"),
// "appid": to.Ptr("c44b4083-3bq0-49c1-b47d-974e53cbdf3c"),
// "appidacr": to.Ptr("2"),
// "aud": to.Ptr("https://management.core.windows.net/"),
// "exp": to.Ptr("1421880271"),
// "groups": to.Ptr("cacfe77c-e058-4712-83qw-f9b08849fd60,7f71d11d-4c41-4b23-99d2-d32ce7aa621c,31522864-0578-4ea0-9gdc-e66cc564d18c"),
// "http://schemas.microsoft.com/claims/authnclassreference": to.Ptr("1"),
// "http://schemas.microsoft.com/claims/authnmethodsreferences": to.Ptr("pwd"),
// "http://schemas.microsoft.com/identity/claims/objectidentifier": to.Ptr("2468adf0-8211-44e3-95xq-85137af64708"),
// "http://schemas.microsoft.com/identity/claims/scope": to.Ptr("user_impersonation"),
// "http://schemas.microsoft.com/identity/claims/tenantid": to.Ptr("1e8d8218-c5e7-4578-9acc-9abbd5d23315"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname": to.Ptr("John"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": to.Ptr("admin@contoso.com"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier": to.Ptr("9vckmEGF7zDKk1YzIY8k0t1_EAPaXoeHyPRn6f413zM"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname": to.Ptr("Smith"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": to.Ptr("admin@contoso.com"),
// "iat": to.Ptr("1421876371"),
// "iss": to.Ptr("https://sts.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/"),
// "nbf": to.Ptr("1421876371"),
// "puid": to.Ptr("20030000801A118C"),
// "ver": to.Ptr("1.0"),
// },
// CorrelationID: to.Ptr("1e121103-0ba6-4300-ac9d-952bb5d0c80f"),
// EventDataID: to.Ptr("44ade6b4-3813-45e6-ae27-7420a95fa2f8"),
// EventName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("End request"),
// Value: to.Ptr("EndRequest"),
// },
// EventTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:26.979Z"); return t}()),
// HTTPRequest: &armmonitor.HTTPRequestInfo{
// Method: to.Ptr("PUT"),
// ClientIPAddress: to.Ptr("192.168.35.115"),
// ClientRequestID: to.Ptr("27003b25-91d3-418f-8eb1-29e537dcb249"),
// },
// ID: to.Ptr("/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776"),
// Level: to.Ptr(armmonitor.EventLevelInformational),
// OperationName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support/supporttickets/write"),
// Value: to.Ptr("microsoft.support/supporttickets/write"),
// },
// Properties: map[string]*string{
// "statusCode": to.Ptr("Created"),
// },
// ResourceGroupName: to.Ptr("MSSupportGroup"),
// ResourceProviderName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support"),
// Value: to.Ptr("microsoft.support"),
// },
// Status: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("Succeeded"),
// Value: to.Ptr("Succeeded"),
// },
// SubStatus: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("Created (HTTP Status Code: 201)"),
// Value: to.Ptr("Created"),
// },
// SubmissionTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:39.993Z"); return t}()),
// SubscriptionID: to.Ptr("089bd33f-d4ec-47fe-8ba5-0753aa5c5b33"),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { MonitorClient } = require("@azure/arm-monitor");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Provides the list of records from the activity logs.
*
* @summary Provides the list of records from the activity logs.
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFiltered.json
*/
async function getActivityLogsWithFilter() {
const subscriptionId =
process.env["MONITOR_SUBSCRIPTION_ID"] || "089bd33f-d4ec-47fe-8ba5-0753aa5c5b33";
const filter =
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
const credential = new DefaultAzureCredential();
const client = new MonitorClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.activityLogs.list(filter)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using System.Xml;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Monitor;
using Azure.ResourceManager.Monitor.Models;
using Azure.ResourceManager.Resources;
// Generated from example definition: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFiltered.json
// this example is just showing the usage of "ActivityLogs_List" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this SubscriptionResource created on azure
// for more information of creating SubscriptionResource, please refer to the document of SubscriptionResource
string subscriptionId = "089bd33f-d4ec-47fe-8ba5-0753aa5c5b33";
ResourceIdentifier subscriptionResourceId = SubscriptionResource.CreateResourceIdentifier(subscriptionId);
SubscriptionResource subscriptionResource = client.GetSubscriptionResource(subscriptionResourceId);
// invoke the operation and iterate over the result
string filter = "eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
await foreach (EventDataInfo item in subscriptionResource.GetActivityLogsAsync(filter))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
az monitor activity-log list --start-time 2018-07-01 --offset 7d
Click here to learn more about the Azure CLI command.
Sample Response
{
"value": [
{
"authorization": {
"action": "microsoft.support/supporttickets/write",
"role": "Subscription Admin",
"scope": "/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841"
},
"caller": "admin@contoso.com",
"claims": {
"aud": "https://management.core.windows.net/",
"iss": "https://sts.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/",
"iat": "1421876371",
"nbf": "1421876371",
"exp": "1421880271",
"ver": "1.0",
"http://schemas.microsoft.com/identity/claims/tenantid": "1e8d8218-c5e7-4578-9acc-9abbd5d23315",
"http://schemas.microsoft.com/claims/authnmethodsreferences": "pwd",
"http://schemas.microsoft.com/identity/claims/objectidentifier": "2468adf0-8211-44e3-95xq-85137af64708",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": "admin@contoso.com",
"puid": "20030000801A118C",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier": "9vckmEGF7zDKk1YzIY8k0t1_EAPaXoeHyPRn6f413zM",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname": "John",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname": "Smith",
"name": "John Smith",
"groups": "cacfe77c-e058-4712-83qw-f9b08849fd60,7f71d11d-4c41-4b23-99d2-d32ce7aa621c,31522864-0578-4ea0-9gdc-e66cc564d18c",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": "admin@contoso.com",
"appid": "c44b4083-3bq0-49c1-b47d-974e53cbdf3c",
"appidacr": "2",
"http://schemas.microsoft.com/identity/claims/scope": "user_impersonation",
"http://schemas.microsoft.com/claims/authnclassreference": "1"
},
"correlationId": "1e121103-0ba6-4300-ac9d-952bb5d0c80f",
"description": "",
"eventDataId": "44ade6b4-3813-45e6-ae27-7420a95fa2f8",
"eventName": {
"value": "EndRequest",
"localizedValue": "End request"
},
"httpRequest": {
"clientRequestId": "27003b25-91d3-418f-8eb1-29e537dcb249",
"clientIpAddress": "192.168.35.115",
"method": "PUT"
},
"id": "/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776",
"level": "Informational",
"resourceGroupName": "MSSupportGroup",
"resourceProviderName": {
"value": "microsoft.support",
"localizedValue": "microsoft.support"
},
"operationId": "1e121103-0ba6-4300-ac9d-952bb5d0c80f",
"operationName": {
"value": "microsoft.support/supporttickets/write",
"localizedValue": "microsoft.support/supporttickets/write"
},
"properties": {
"statusCode": "Created"
},
"status": {
"value": "Succeeded",
"localizedValue": "Succeeded"
},
"subStatus": {
"value": "Created",
"localizedValue": "Created (HTTP Status Code: 201)"
},
"eventTimestamp": "2015-01-21T22:14:26.9792776Z",
"submissionTimestamp": "2015-01-21T22:14:39.9936304Z",
"subscriptionId": "089bd33f-d4ec-47fe-8ba5-0753aa5c5b33"
}
],
"nextLink": "https://management.azure.com/########-####-####-####-############$skiptoken=######"
}
Get Activity Logs with filter and select
Sample Request
GET https://management.azure.com/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter=eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'&$select=eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level
/**
* Samples for ActivityLogs List.
*/
public final class Main {
/*
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/
* GetActivityLogsFilteredAndSelected.json
*/
/**
* Sample code: Get Activity Logs with filter and select.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void getActivityLogsWithFilterAndSelect(com.azure.resourcemanager.AzureResourceManager azure) {
azure.diagnosticSettings().manager().serviceClient().getActivityLogs().list(
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'",
"eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level",
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armmonitor_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/monitor/armmonitor"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/969fd0c2634fbcc1975d7abe3749330a5145a97c/specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFilteredAndSelected.json
func ExampleActivityLogsClient_NewListPager_getActivityLogsWithFilterAndSelect() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armmonitor.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewActivityLogsClient().NewListPager("eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'", &armmonitor.ActivityLogsClientListOptions{Select: to.Ptr("eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level")})
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.EventDataCollection = armmonitor.EventDataCollection{
// Value: []*armmonitor.EventData{
// {
// CorrelationID: to.Ptr("1e121103-0ba6-4300-ac9d-952bb5d0c80f"),
// EventName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("End request"),
// Value: to.Ptr("EndRequest"),
// },
// EventTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:26.979Z"); return t}()),
// ID: to.Ptr("/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776"),
// Level: to.Ptr(armmonitor.EventLevelInformational),
// OperationName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support/supporttickets/write"),
// Value: to.Ptr("microsoft.support/supporttickets/write"),
// },
// ResourceGroupName: to.Ptr("MSSupportGroup"),
// ResourceProviderName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support"),
// Value: to.Ptr("microsoft.support"),
// },
// Status: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("Succeeded"),
// Value: to.Ptr("Succeeded"),
// },
// SubmissionTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:39.993Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { MonitorClient } = require("@azure/arm-monitor");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Provides the list of records from the activity logs.
*
* @summary Provides the list of records from the activity logs.
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFilteredAndSelected.json
*/
async function getActivityLogsWithFilterAndSelect() {
const subscriptionId =
process.env["MONITOR_SUBSCRIPTION_ID"] || "089bd33f-d4ec-47fe-8ba5-0753aa5c5b33";
const filter =
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
const select =
"eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level";
const options = { select };
const credential = new DefaultAzureCredential();
const client = new MonitorClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.activityLogs.list(filter, options)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using System.Xml;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Monitor;
using Azure.ResourceManager.Monitor.Models;
using Azure.ResourceManager.Resources;
// Generated from example definition: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFilteredAndSelected.json
// this example is just showing the usage of "ActivityLogs_List" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this SubscriptionResource created on azure
// for more information of creating SubscriptionResource, please refer to the document of SubscriptionResource
string subscriptionId = "089bd33f-d4ec-47fe-8ba5-0753aa5c5b33";
ResourceIdentifier subscriptionResourceId = SubscriptionResource.CreateResourceIdentifier(subscriptionId);
SubscriptionResource subscriptionResource = client.GetSubscriptionResource(subscriptionResourceId);
// invoke the operation and iterate over the result
string filter = "eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
string select = "eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level";
await foreach (EventDataInfo item in subscriptionResource.GetActivityLogsAsync(filter, select: select))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
az monitor activity-log list --start-time 2018-07-01 --offset 7d
Click here to learn more about the Azure CLI command.
Sample Response
{
"value": [
{
"correlationId": "1e121103-0ba6-4300-ac9d-952bb5d0c80f",
"eventName": {
"value": "EndRequest",
"localizedValue": "End request"
},
"id": "/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776",
"resourceGroupName": "MSSupportGroup",
"resourceProviderName": {
"value": "microsoft.support",
"localizedValue": "microsoft.support"
},
"operationName": {
"value": "microsoft.support/supporttickets/write",
"localizedValue": "microsoft.support/supporttickets/write"
},
"status": {
"value": "Succeeded",
"localizedValue": "Succeeded"
},
"eventTimestamp": "2015-01-21T22:14:26.9792776Z",
"submissionTimestamp": "2015-01-21T22:14:39.9936304Z",
"level": "Informational"
}
],
"nextLink": "https://management.azure.com/########-####-####-####-############$skiptoken=######"
}
Definice
ErrorResponse
Popisuje formát chybové odpovědi.
| Name |
Typ |
Description |
|
code
|
string
|
Kód chyby
|
|
message
|
string
|
Chybová zpráva s informacemi o tom, proč operace selhala.
|
EventData
Položky protokolu událostí Azure jsou typu EventData.
| Name |
Typ |
Description |
|
authorization
|
SenderAuthorization
|
Autorizační informace odesílatele.
|
|
caller
|
string
|
e-mailovou adresu uživatele, který operaci provedl, deklaraci hlavního názvu uživatele (UPN) nebo deklaraci identity hlavního názvu služby (SPN) na základě dostupnosti.
|
|
category
|
LocalizableString
|
kategorie události.
|
|
claims
|
object
|
páry hodnot klíčů k identifikaci oprávnění ARM.
|
|
correlationId
|
string
|
ID korelace, obvykle identifikátor GUID ve formátu řetězce. ID korelace se sdílí mezi událostmi, které patří ke stejné operaci uberu.
|
|
description
|
string
|
popis události.
|
|
eventDataId
|
string
|
ID dat události. Jedná se o jedinečný identifikátor události.
|
|
eventName
|
LocalizableString
|
název události. Tato hodnota by se neměla zaměňovat s názvem OperationName. Z praktických důvodů může být OperationName pro koncové uživatele přitažlivější.
|
|
eventTimestamp
|
string
|
časové razítko, kdy událost vygenerovala služba Azure zpracovávající požadavek odpovídající události. Je ve formátu ISO 8601.
|
|
httpRequest
|
HttpRequestInfo
|
informace o požadavku HTTP. Obvykle zahrnuje clientRequestId, clientIpAddress (IP adresu uživatele, který událost inicioval) a metodu (metoda HTTP, například PUT).
|
|
id
|
string
|
ID této události podle požadavků ARM pro RBAC. Obsahuje ID eventdata a informace o časovém razítku.
|
|
level
|
EventLevel
|
úroveň události
|
|
operationId
|
string
|
Obvykle se jedná o identifikátor GUID sdílený mezi událostmi odpovídajícími jedné operaci. Tato hodnota by se neměla zaměňovat s EventName.
|
|
operationName
|
LocalizableString
|
název operace.
|
|
properties
|
object
|
sada párů <Klíč, Hodnota> (obvykle řetězec slovníku<, řetězec>), která obsahuje podrobnosti o události.
|
|
resourceGroupName
|
string
|
název skupiny prostředků ovlivněného prostředku.
|
|
resourceId
|
string
|
identifikátor URI prostředku, který jednoznačně identifikuje prostředek, který způsobil tuto událost.
|
|
resourceProviderName
|
LocalizableString
|
název poskytovatele prostředků ovlivněného prostředku.
|
|
resourceType
|
LocalizableString
|
typ prostředku
|
|
status
|
LocalizableString
|
Řetězec popisující stav operace. Mezi typické hodnoty patří: Spuštěno, Probíhá, Úspěšné, Neúspěšné, Vyřešeno.
|
|
subStatus
|
LocalizableString
|
dílčí stav události. Většinou se při zahrnutí zachytí stavový kód HTTP volání REST. Běžné hodnoty jsou: OK (stavový kód HTTP: 200), Vytvořeno (stavový kód HTTP: 201), Přijato (Stavový kód HTTP: 202), Žádný obsah (Stavový kód HTTP: 204), Chybný požadavek(Stavový kód HTTP: 400 ), Nenalezena (stavový kód HTTP: 404), konflikt (stavový kód HTTP: 409), vnitřní chyba serveru (stavový kód HTTP: 500), nedostupná služba (stavový kód HTTP: 503), vypršení časového limitu brány (stavový kód HTTP: 504)
|
|
submissionTimestamp
|
string
|
časové razítko, kdy byla událost dostupná pro dotazování prostřednictvím tohoto rozhraní API. Je ve formátu ISO 8601. Tato hodnota by neměla být zaměňována eventTimestamp. Protože mezi časem výskytu události a časem odeslání události do infrastruktury protokolování Azure může dojít ke zpoždění.
|
|
subscriptionId
|
string
|
ID předplatného Azure obvykle identifikátor GUID.
|
|
tenantId
|
string
|
ID tenanta Azure
|
EventDataCollection
Představuje kolekci událostí.
| Name |
Typ |
Description |
|
nextLink
|
string
|
Poskytuje odkaz pro načtení další sady událostí.
|
|
value
|
EventData[]
|
tento seznam obsahuje protokoly auditu Azure.
|
EventLevel
úroveň události
| Name |
Typ |
Description |
|
Critical
|
string
|
|
|
Error
|
string
|
|
|
Informational
|
string
|
|
|
Verbose
|
string
|
|
|
Warning
|
string
|
|
HttpRequestInfo
Informace o požadavku HTTP.
| Name |
Typ |
Description |
|
clientIpAddress
|
string
|
IP adresa klienta
|
|
clientRequestId
|
string
|
ID požadavku klienta.
|
|
method
|
string
|
metodu požadavku HTTP.
|
|
uri
|
string
|
identifikátor URI.
|
LocalizableString
Lokalizovatelný řetězec třídy.
| Name |
Typ |
Description |
|
localizedValue
|
string
|
hodnota specifická pro národní prostředí.
|
|
value
|
string
|
invariantní hodnota.
|
SenderAuthorization
autorizaci použitou uživatelem, který provedl operaci, která vedla k této události. Tím se zachytí vlastnosti RBAC události. Mezi ně obvykle patří akce, role a rozsah.
| Name |
Typ |
Description |
|
action
|
string
|
přípustné akce. Například: microsoft.support/supporttickets/write
|
|
role
|
string
|
roli uživatele. Příklad: Správa předplatného
|
|
scope
|
string
|
rozsah.
|