Ruft die Aktivitätsprotokolle für den Mandanten ab. Alles, was für die API zum Abrufen der Aktivitätsprotokolle für das Abonnement gilt, gilt für diese API (parameter, $filter usw.). Hier ist zu beachten, dass diese API nicht die Protokolle im einzelnen Abonnement des Mandanten abruft, sondern nur die Protokolle, die auf Mandantenebene generiert wurden.
GET https://management.azure.com/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01
With optional parameters:
GET https://management.azure.com/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter={$filter}&$select={$select}
URI-Parameter
Name
In
Erforderlich
Typ
Beschreibung
api-version
query
True
string
Hierbei handelt es sich um die für diesen Vorgang zu verwendende API-Version.
$filter
query
string
Reduziert den gesammelten Datensatz. Die $filter ist sehr eingeschränkt und lässt nur die folgenden Muster zu. - Auflisten von Ereignissen für eine Ressourcengruppe: $filter=eventTimestamp ge '' und eventTimestamp le '' und eventChannels eq 'Admin, Operation' und resourceGroupName eq ''. - Auflisten von Ereignissen für Ressource: $filter=eventTimestamp ge '' und eventTimestamp le '' und eventChannels eq 'Admin, Operation' und resourceUri eq ''. - Auflisten von Ereignissen für ein Abonnement: $filter=eventTimestamp ge '' und eventTimestamp le '' und eventChannels eq 'Admin, Operation'. - Auflisten von Ereignissen für einen Ressourcenanbieter: $filter=eventTimestamp ge '' und eventTimestamp le '' und eventChannels eq 'Admin, Operation' und resourceProvider eq ''. - Listenereignisse für eine Korrelations-ID: api-version=2014-04-01&$filter=eventTimestamp ge '2014-07-16T04:36:37.64078 98Z' und eventTimestamp le '2014-07-20T04:36:37.6407898Z' und eventChannels eq 'Admin, Operation' und correlationId eq ''. HINWEIS: Es ist keine andere Syntax zulässig.
$select
query
string
Wird verwendet, um Ereignisse nur mit den angegebenen Eigenschaften abzurufen. Das $select-Argument ist eine durch Trennzeichen getrennte Liste von Eigenschaftennamen, die zurückgegeben werden sollen. Mögliche Werte sind: authorization, claims, correlationId, description, eventDataId, eventName, eventTimestamp, httpRequest, level, operationId, operationName, properties, resourceGroupName, resourceProviderName, resourceId, status, submissionTimestamp, subStatus, subscriptionId
GET https://management.azure.com/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter=eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'
import com.azure.core.util.Context;
/** Samples for TenantActivityLogs List. */
public final class Main {
/*
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsFiltered.json
*/
/**
* Sample code: Get Tenant Activity Logs with filter.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void getTenantActivityLogsWithFilter(com.azure.resourcemanager.AzureResourceManager azure) {
azure
.diagnosticSettings()
.manager()
.serviceClient()
.getTenantActivityLogs()
.list(
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and"
+ " resourceGroupName eq 'MSSupportGroup'",
null,
Context.NONE);
}
}
const { MonitorClient } = require("@azure/arm-monitor");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Gets the Activity Logs for the Tenant.<br>Everything that is applicable to the API to get the Activity Logs for the subscription is applicable to this API (the parameters, $filter, etc.).<br>One thing to point out here is that this API does *not* retrieve the logs at the individual subscription of the tenant but only surfaces the logs that were generated at the tenant level.
*
* @summary Gets the Activity Logs for the Tenant.<br>Everything that is applicable to the API to get the Activity Logs for the subscription is applicable to this API (the parameters, $filter, etc.).<br>One thing to point out here is that this API does *not* retrieve the logs at the individual subscription of the tenant but only surfaces the logs that were generated at the tenant level.
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsFiltered.json
*/
async function getTenantActivityLogsWithFilter() {
const subscriptionId =
process.env["MONITOR_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const filter =
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
const options = { filter };
const credential = new DefaultAzureCredential();
const client = new MonitorClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.tenantActivityLogs.list(options)) {
resArray.push(item);
}
console.log(resArray);
}
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Monitor;
using Azure.ResourceManager.Monitor.Models;
// Generated from example definition: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsFiltered.json
// this example is just showing the usage of "TenantActivityLogs_List" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this TenantResource created on azure
// for more information of creating TenantResource, please refer to the document of TenantResource
var tenantResource = client.GetTenants().GetAllAsync().GetAsyncEnumerator().Current;
// invoke the operation and iterate over the result
string filter = "eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
await foreach (EventDataInfo item in tenantResource.GetTenantActivityLogsAsync(filter: filter))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
GET https://management.azure.com/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter=eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'&$select=eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level
import com.azure.core.util.Context;
/** Samples for TenantActivityLogs List. */
public final class Main {
/*
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsFilteredAndSelected.json
*/
/**
* Sample code: Get Tenant Activity Logs with filter and select.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void getTenantActivityLogsWithFilterAndSelect(com.azure.resourcemanager.AzureResourceManager azure) {
azure
.diagnosticSettings()
.manager()
.serviceClient()
.getTenantActivityLogs()
.list(
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and"
+ " resourceGroupName eq 'MSSupportGroup'",
"eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level",
Context.NONE);
}
}
const { MonitorClient } = require("@azure/arm-monitor");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Gets the Activity Logs for the Tenant.<br>Everything that is applicable to the API to get the Activity Logs for the subscription is applicable to this API (the parameters, $filter, etc.).<br>One thing to point out here is that this API does *not* retrieve the logs at the individual subscription of the tenant but only surfaces the logs that were generated at the tenant level.
*
* @summary Gets the Activity Logs for the Tenant.<br>Everything that is applicable to the API to get the Activity Logs for the subscription is applicable to this API (the parameters, $filter, etc.).<br>One thing to point out here is that this API does *not* retrieve the logs at the individual subscription of the tenant but only surfaces the logs that were generated at the tenant level.
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsFilteredAndSelected.json
*/
async function getTenantActivityLogsWithFilterAndSelect() {
const subscriptionId =
process.env["MONITOR_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const filter =
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
const select =
"eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level";
const options = { filter, select };
const credential = new DefaultAzureCredential();
const client = new MonitorClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.tenantActivityLogs.list(options)) {
resArray.push(item);
}
console.log(resArray);
}
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Monitor;
using Azure.ResourceManager.Monitor.Models;
// Generated from example definition: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsFilteredAndSelected.json
// this example is just showing the usage of "TenantActivityLogs_List" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this TenantResource created on azure
// for more information of creating TenantResource, please refer to the document of TenantResource
var tenantResource = client.GetTenants().GetAllAsync().GetAsyncEnumerator().Current;
// invoke the operation and iterate over the result
string filter = "eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
string select = "eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level";
await foreach (EventDataInfo item in tenantResource.GetTenantActivityLogsAsync(filter: filter, select: select))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
GET https://management.azure.com/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$select=eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level
import com.azure.core.util.Context;
/** Samples for TenantActivityLogs List. */
public final class Main {
/*
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsSelected.json
*/
/**
* Sample code: Get Tenant Activity Logs with select.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void getTenantActivityLogsWithSelect(com.azure.resourcemanager.AzureResourceManager azure) {
azure
.diagnosticSettings()
.manager()
.serviceClient()
.getTenantActivityLogs()
.list(
null,
"eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level",
Context.NONE);
}
}
const { MonitorClient } = require("@azure/arm-monitor");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Gets the Activity Logs for the Tenant.<br>Everything that is applicable to the API to get the Activity Logs for the subscription is applicable to this API (the parameters, $filter, etc.).<br>One thing to point out here is that this API does *not* retrieve the logs at the individual subscription of the tenant but only surfaces the logs that were generated at the tenant level.
*
* @summary Gets the Activity Logs for the Tenant.<br>Everything that is applicable to the API to get the Activity Logs for the subscription is applicable to this API (the parameters, $filter, etc.).<br>One thing to point out here is that this API does *not* retrieve the logs at the individual subscription of the tenant but only surfaces the logs that were generated at the tenant level.
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsSelected.json
*/
async function getTenantActivityLogsWithSelect() {
const subscriptionId =
process.env["MONITOR_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const select =
"eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level";
const options = { select };
const credential = new DefaultAzureCredential();
const client = new MonitorClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.tenantActivityLogs.list(options)) {
resArray.push(item);
}
console.log(resArray);
}
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Monitor;
using Azure.ResourceManager.Monitor.Models;
// Generated from example definition: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsSelected.json
// this example is just showing the usage of "TenantActivityLogs_List" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this TenantResource created on azure
// for more information of creating TenantResource, please refer to the document of TenantResource
var tenantResource = client.GetTenants().GetAllAsync().GetAsyncEnumerator().Current;
// invoke the operation and iterate over the result
string select = "eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level";
await foreach (EventDataInfo item in tenantResource.GetTenantActivityLogsAsync(select: select))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
GET https://management.azure.com/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01
import com.azure.core.util.Context;
/** Samples for TenantActivityLogs List. */
public final class Main {
/*
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsNoParams.json
*/
/**
* Sample code: Get Tenant Activity Logs without filter or select.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void getTenantActivityLogsWithoutFilterOrSelect(
com.azure.resourcemanager.AzureResourceManager azure) {
azure.diagnosticSettings().manager().serviceClient().getTenantActivityLogs().list(null, null, Context.NONE);
}
}
const { MonitorClient } = require("@azure/arm-monitor");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Gets the Activity Logs for the Tenant.<br>Everything that is applicable to the API to get the Activity Logs for the subscription is applicable to this API (the parameters, $filter, etc.).<br>One thing to point out here is that this API does *not* retrieve the logs at the individual subscription of the tenant but only surfaces the logs that were generated at the tenant level.
*
* @summary Gets the Activity Logs for the Tenant.<br>Everything that is applicable to the API to get the Activity Logs for the subscription is applicable to this API (the parameters, $filter, etc.).<br>One thing to point out here is that this API does *not* retrieve the logs at the individual subscription of the tenant but only surfaces the logs that were generated at the tenant level.
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsNoParams.json
*/
async function getTenantActivityLogsWithoutFilterOrSelect() {
const subscriptionId =
process.env["MONITOR_SUBSCRIPTION_ID"] || "00000000-0000-0000-0000-000000000000";
const credential = new DefaultAzureCredential();
const client = new MonitorClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.tenantActivityLogs.list()) {
resArray.push(item);
}
console.log(resArray);
}
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Monitor;
using Azure.ResourceManager.Monitor.Models;
// Generated from example definition: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsNoParams.json
// this example is just showing the usage of "TenantActivityLogs_List" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this TenantResource created on azure
// for more information of creating TenantResource, please refer to the document of TenantResource
var tenantResource = client.GetTenants().GetAllAsync().GetAsyncEnumerator().Current;
// invoke the operation and iterate over the result
await foreach (EventDataInfo item in tenantResource.GetTenantActivityLogsAsync())
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
die Autorisierung, die vom Benutzer verwendet wird, der den Vorgang ausgeführt hat, der zu diesem Ereignis geführt hat. Dadurch werden die RBAC-Eigenschaften des Ereignisses erfasst. Dazu gehören in der Regel die "Aktion", "Rolle" und der "Bereich".
ErrorResponse
Beschreibt das Format der Fehlerantwort.
Name
Typ
Beschreibung
code
string
Fehlercode
message
string
Eine Fehlermeldung, die angibt, warum der Vorgang fehlgeschlagen ist.
EventData
Die Azure-Ereignisprotokolleinträge sind vom Typ EventData.
Schlüsselwertpaare zum Identifizieren von ARM-Berechtigungen.
correlationId
string
die Korrelations-ID, in der Regel eine GUID im Zeichenfolgenformat. Die Korrelations-ID wird für die Ereignisse freigegeben, die zum gleichen Uber-Vorgang gehören.
description
string
Die Beschreibung des Ereignisses.
eventDataId
string
die Ereignisdaten-ID. Dies ist ein eindeutiger Bezeichner für ein Ereignis.
der Ereignisname. Dieser Wert sollte nicht mit OperationName verwechselt werden. Aus praktischen Gründen kann OperationName für Endbenutzer attraktiver sein.
eventTimestamp
string
der Zeitstempel des Zeitpunkts, zu dem das Ereignis vom Azure-Dienst generiert wurde, der die Anforderung verarbeitet, die dem Ereignis entspricht. Es im ISO 8601-Format.
die HTTP-Anforderungsinformationen. Umfasst in der Regel die "clientRequestId", "clientIpAddress" (IP-Adresse des Benutzers, der das Ereignis initiiert hat) und "method" (HTTP-Methode z. B. PUT).
id
string
die ID dieses Ereignisses, wie von ARM für RBAC erforderlich. Sie enthält die EventDataID und eine Zeitstempelinformation.
Es handelt sich in der Regel um eine GUID, die für die Ereignisse freigegeben wird, die einem einzelnen Vorgang entsprechen. Dieser Wert sollte nicht mit EventName verwechselt werden.
der Ereignisunterteil status. Die meiste Zeit erfasst dies den HTTP-status Code des REST-Aufrufs. Allgemeine Werte sind: OK (HTTP-Statuscode: 200), Erstellt (HTTP-Statuscode: 201), Akzeptiert (HTTP-Statuscode: 202), No Content (HTTP-Statuscode: 204), Bad Request(HTTP-Statuscode: 400)), Nicht gefunden (HTTP-Statuscode: 404), Konflikt (HTTP-Statuscode: 409), Interner Serverfehler (HTTP-Statuscode: 500), Dienst nicht verfügbar (HTTP-Statuscode:503), Gatewaytimeout (HTTP-Statuscode: 504)
submissionTimestamp
string
der Zeitstempel, zu dem das Ereignis für Abfragen über diese API verfügbar wurde. Es ist im ISO 8601-Format. Dieser Wert sollte nicht verwechselt werden eventTimestamp. Es kann zu einer Verzögerung zwischen dem Zeitpunkt des Auftretens des Ereignisses und dem Zeitpunkt der Übermittlung des Ereignisses an die Azure-Protokollierungsinfrastruktur kommen.
subscriptionId
string
Die Azure-Abonnement-ID ist in der Regel eine GUID.
tenantId
string
Die Azure-Mandanten-ID
EventDataCollection
Stellt die Auflistung von Ereignissen dar.
Name
Typ
Beschreibung
nextLink
string
Stellt den Link zum Abrufen der nächsten Ereignismenge bereit.
diese Liste, die die Azure-Überwachungsprotokolle enthält.
EventLevel
die Ereignisebene
Name
Typ
Beschreibung
Critical
string
Error
string
Informational
string
Verbose
string
Warning
string
HttpRequestInfo
Die HTTP-Anforderungsinformationen.
Name
Typ
Beschreibung
clientIpAddress
string
die Client-IP-Adresse
clientRequestId
string
die Clientanforderungs-ID.
method
string
die HTTP-Anforderungsmethode.
uri
string
der URI.
LocalizableString
Die lokalisierbare Zeichenfolgenklasse.
Name
Typ
Beschreibung
localizedValue
string
der gebietsschemaspezifische Wert.
value
string
der invariante Wert.
SenderAuthorization
die Autorisierung, die vom Benutzer verwendet wird, der den Vorgang ausgeführt hat, der zu diesem Ereignis geführt hat. Dadurch werden die RBAC-Eigenschaften des Ereignisses erfasst. Dazu gehören in der Regel die "Aktion", "Rolle" und der "Bereich".
Name
Typ
Beschreibung
action
string
die zulässigen Handlungen. Für instance: microsoft.support/supporttickets/write
role
string
die Rolle des Benutzers. Für instance: Abonnement-Admin