Hi,
I am looking for retrieving user information from the REST API azure file share event's JSON object.
The required user details can be found using the Requestor/UPN value.
Reference link: documentation for Azure Files monitoring data reference
But while getting the REST API azure file share event's JSON object , I am not getting the Requestor/UPN value. So, What is the way to get Requestor/UPN parameter value in my event details? How to do that?
I have given the sample event details which I got for create file share event:
Create REST API event:
{
"time": "2023-01-19T06:43:07.2821147Z",
"resourceId": "XXXXX",
"category": "StorageWrite",
"operationName": "CreateFile",
"operationVersion": "2015-02-21",
"schemaVersion": "1.0",
"statusCode": 201,
"statusText": "Success",
"durationMs": 76,
"callerIpAddress": "XXXXX",
"correlationId": "XXXXX",
"identity": {
"type": "SAS",
"tokenHash": "key1(XXXXX),SasSignature(XXXXX)"
},
"location": "East US",
"properties": {
"accountName": "testaccount",
"userAgentHeader": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36",
"referrerHeader": "XXXXX",
"clientRequestId": "XXXXX",
"etag": "XXXXX",
"serviceType": "file",
"objectKey": "/testaccount",
"lastModifiedTime": "1/19/2023 6:43:07 AM",
"metricResponseType": "Success",
"serverLatencyMs": 66,
"requestHeaderSize": 932,
"responseHeaderSize": 330,
"tlsVersion": "TLS 1.2",
"accessTier": "TransactionOptimized"
},
"uri": "XXXXX",
"protocol": "HTTPS",
"resourceType": "Microsoft.Storage/storageAccounts/fileServices"
}