Obtient les journaux d’activité du locataire.
Tout ce qui est applicable à l’API pour obtenir les journaux d’activité de l’abonnement s’applique à cette API (paramètres, $filter, etc.).
Une chose à signaler ici est que cette API ne récupère pas les journaux au niveau de l’abonnement individuel du locataire, mais ne fait apparaître que les journaux qui ont été générés au niveau du locataire.
GET https://management.azure.com/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01
With optional parameters:
GET https://management.azure.com/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter={$filter}&$select={$select}
Paramètres URI
| Nom |
Dans |
Obligatoire |
Type |
Description |
|
api-version
|
query |
True
|
string
|
Version de l’API à utiliser pour cette opération.
|
|
$filter
|
query |
|
string
|
Réduit le jeu de données collectées.
La $filter est très restreinte et autorise uniquement les modèles suivants.
- Répertorier les événements d’un groupe de ressources : $filter=eventTimestamp ge '' et eventTimestamp le '' et eventChannels eq 'Administration, Operation' et resourceGroupName eq ''.
- Répertorier les événements pour la ressource : $filter=eventTimestamp ge '' et eventTimestamp le '' et eventChannels eq 'Administration, Operation' and resourceUri eq ''.
- Répertorier les événements d’un abonnement : $filter=eventTimestamp ge '' et eventTimestamp le '' et eventChannels eq 'Administration, Operation'.
- Répertorier les événements d’un fournisseur de ressources : $filter=eventTimestamp ge '' et eventTimestamp le '' et eventChannels eq 'Administration, Operation' and resourceProvider eq ''.
- Répertorier les événements d’un ID de corrélation : api-version=2014-04-01&$filter=eventTimestamp ge '2014-07-16T04 :36 :37.640789 8Z' et eventTimestamp le '2014-07-20T04 :36 :37.6407898Z' et eventChannels eq 'Administration, Operation' and correlationId eq ''.
REMARQUE : Aucune autre syntaxe n’est autorisée.
|
|
$select
|
query |
|
string
|
Permet d’extraire des événements avec uniquement les propriétés spécifiées.
L’argument $select est une liste de noms de propriétés séparés par des virgules à retourner. Les valeurs possibles sont : authorization, claims, correlationId, description, eventDataId, eventName, eventTimestamp, httpRequest, level, operationId, operationName, properties, resourceGroupName, resourceProviderName, resourceId, status, submissionTimestamp, subStatus, subscriptionId
|
Réponses
| Nom |
Type |
Description |
|
200 OK
|
EventDataCollection
|
Demande d’obtention d’une page d’événements dans les journaux d’activité du locataire
|
|
Other Status Codes
|
ErrorResponse
|
Réponse d’erreur décrivant la raison de l’échec de l’opération.
|
Sécurité
azure_auth
Flux OAuth2 Azure Active Directory
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Nom |
Description |
|
user_impersonation
|
Emprunter l’identité de votre compte d’utilisateur
|
Exemples
Get Tenant Activity Logs with filter
Sample Request
GET https://management.azure.com/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter=eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'
/**
* Samples for TenantActivityLogs List.
*/
public final class Main {
/*
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/
* GetTenantActivityLogsFiltered.json
*/
/**
* Sample code: Get Tenant Activity Logs with filter.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void getTenantActivityLogsWithFilter(com.azure.resourcemanager.AzureResourceManager azure) {
azure.diagnosticSettings().manager().serviceClient().getTenantActivityLogs().list(
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'",
null, com.azure.core.util.Context.NONE);
}
/*
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/
* GetTenantActivityLogsNoParams.json
*/
/**
* Sample code: Get Tenant Activity Logs without filter or select.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
getTenantActivityLogsWithoutFilterOrSelect(com.azure.resourcemanager.AzureResourceManager azure) {
azure.diagnosticSettings().manager().serviceClient().getTenantActivityLogs().list(null, null,
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armmonitor_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/monitor/armmonitor"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/969fd0c2634fbcc1975d7abe3749330a5145a97c/specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsFiltered.json
func ExampleTenantActivityLogsClient_NewListPager_getTenantActivityLogsWithFilter() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armmonitor.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewTenantActivityLogsClient().NewListPager(&armmonitor.TenantActivityLogsClientListOptions{Filter: to.Ptr("eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'"),
Select: nil,
})
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.EventDataCollection = armmonitor.EventDataCollection{
// Value: []*armmonitor.EventData{
// {
// OperationID: to.Ptr("1e121103-0ba6-4300-ac9d-952bb5d0c80f"),
// Description: to.Ptr(""),
// Authorization: &armmonitor.SenderAuthorization{
// Action: to.Ptr("microsoft.support/supporttickets/write"),
// Role: to.Ptr("Subscription Admin"),
// Scope: to.Ptr("/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841"),
// },
// Caller: to.Ptr("admin@contoso.com"),
// Claims: map[string]*string{
// "name": to.Ptr("John Smith"),
// "appid": to.Ptr("c44b4083-3bq0-49c1-b47d-974e53cbdf3c"),
// "appidacr": to.Ptr("2"),
// "aud": to.Ptr("https://management.core.windows.net/"),
// "exp": to.Ptr("1421880271"),
// "groups": to.Ptr("cacfe77c-e058-4712-83qw-f9b08849fd60,7f71d11d-4c41-4b23-99d2-d32ce7aa621c,31522864-0578-4ea0-9gdc-e66cc564d18c"),
// "http://schemas.microsoft.com/claims/authnclassreference": to.Ptr("1"),
// "http://schemas.microsoft.com/claims/authnmethodsreferences": to.Ptr("pwd"),
// "http://schemas.microsoft.com/identity/claims/objectidentifier": to.Ptr("2468adf0-8211-44e3-95xq-85137af64708"),
// "http://schemas.microsoft.com/identity/claims/scope": to.Ptr("user_impersonation"),
// "http://schemas.microsoft.com/identity/claims/tenantid": to.Ptr("1e8d8218-c5e7-4578-9acc-9abbd5d23315"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname": to.Ptr("John"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": to.Ptr("admin@contoso.com"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier": to.Ptr("9vckmEGF7zDKk1YzIY8k0t1_EAPaXoeHyPRn6f413zM"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname": to.Ptr("Smith"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": to.Ptr("admin@contoso.com"),
// "iat": to.Ptr("1421876371"),
// "iss": to.Ptr("https://sts.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/"),
// "nbf": to.Ptr("1421876371"),
// "puid": to.Ptr("20030000801A118C"),
// "ver": to.Ptr("1.0"),
// },
// CorrelationID: to.Ptr("1e121103-0ba6-4300-ac9d-952bb5d0c80f"),
// EventDataID: to.Ptr("44ade6b4-3813-45e6-ae27-7420a95fa2f8"),
// EventName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("End request"),
// Value: to.Ptr("EndRequest"),
// },
// EventTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:26.979Z"); return t}()),
// HTTPRequest: &armmonitor.HTTPRequestInfo{
// Method: to.Ptr("PUT"),
// ClientIPAddress: to.Ptr("192.168.35.115"),
// ClientRequestID: to.Ptr("27003b25-91d3-418f-8eb1-29e537dcb249"),
// },
// ID: to.Ptr("/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776"),
// Level: to.Ptr(armmonitor.EventLevelInformational),
// OperationName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support/supporttickets/write"),
// Value: to.Ptr("microsoft.support/supporttickets/write"),
// },
// Properties: map[string]*string{
// "statusCode": to.Ptr("Created"),
// },
// ResourceGroupName: to.Ptr("MSSupportGroup"),
// ResourceProviderName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support"),
// Value: to.Ptr("microsoft.support"),
// },
// Status: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("Succeeded"),
// Value: to.Ptr("Succeeded"),
// },
// SubStatus: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("Created (HTTP Status Code: 201)"),
// Value: to.Ptr("Created"),
// },
// SubmissionTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:39.993Z"); return t}()),
// SubscriptionID: to.Ptr("089bd33f-d4ec-47fe-8ba5-0753aa5c5b33"),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { MonitorClient } = require("@azure/arm-monitor");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Gets the Activity Logs for the Tenant.<br>Everything that is applicable to the API to get the Activity Logs for the subscription is applicable to this API (the parameters, $filter, etc.).<br>One thing to point out here is that this API does *not* retrieve the logs at the individual subscription of the tenant but only surfaces the logs that were generated at the tenant level.
*
* @summary Gets the Activity Logs for the Tenant.<br>Everything that is applicable to the API to get the Activity Logs for the subscription is applicable to this API (the parameters, $filter, etc.).<br>One thing to point out here is that this API does *not* retrieve the logs at the individual subscription of the tenant but only surfaces the logs that were generated at the tenant level.
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsFiltered.json
*/
async function getTenantActivityLogsWithFilter() {
const filter =
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
const options = { filter };
const credential = new DefaultAzureCredential();
const client = new MonitorClient(credential);
const resArray = new Array();
for await (let item of client.tenantActivityLogs.list(options)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Monitor;
using Azure.ResourceManager.Monitor.Models;
// Generated from example definition: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsFiltered.json
// this example is just showing the usage of "TenantActivityLogs_List" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this TenantResource created on azure
// for more information of creating TenantResource, please refer to the document of TenantResource
var tenantResource = client.GetTenants().GetAllAsync().GetAsyncEnumerator().Current;
// invoke the operation and iterate over the result
string filter = "eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
await foreach (EventDataInfo item in tenantResource.GetTenantActivityLogsAsync(filter: filter))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"value": [
{
"authorization": {
"action": "microsoft.support/supporttickets/write",
"role": "Subscription Admin",
"scope": "/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841"
},
"caller": "admin@contoso.com",
"claims": {
"aud": "https://management.core.windows.net/",
"iss": "https://sts.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/",
"iat": "1421876371",
"nbf": "1421876371",
"exp": "1421880271",
"ver": "1.0",
"http://schemas.microsoft.com/identity/claims/tenantid": "1e8d8218-c5e7-4578-9acc-9abbd5d23315",
"http://schemas.microsoft.com/claims/authnmethodsreferences": "pwd",
"http://schemas.microsoft.com/identity/claims/objectidentifier": "2468adf0-8211-44e3-95xq-85137af64708",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": "admin@contoso.com",
"puid": "20030000801A118C",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier": "9vckmEGF7zDKk1YzIY8k0t1_EAPaXoeHyPRn6f413zM",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname": "John",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname": "Smith",
"name": "John Smith",
"groups": "cacfe77c-e058-4712-83qw-f9b08849fd60,7f71d11d-4c41-4b23-99d2-d32ce7aa621c,31522864-0578-4ea0-9gdc-e66cc564d18c",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": "admin@contoso.com",
"appid": "c44b4083-3bq0-49c1-b47d-974e53cbdf3c",
"appidacr": "2",
"http://schemas.microsoft.com/identity/claims/scope": "user_impersonation",
"http://schemas.microsoft.com/claims/authnclassreference": "1"
},
"correlationId": "1e121103-0ba6-4300-ac9d-952bb5d0c80f",
"description": "",
"eventDataId": "44ade6b4-3813-45e6-ae27-7420a95fa2f8",
"eventName": {
"value": "EndRequest",
"localizedValue": "End request"
},
"httpRequest": {
"clientRequestId": "27003b25-91d3-418f-8eb1-29e537dcb249",
"clientIpAddress": "192.168.35.115",
"method": "PUT"
},
"id": "/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776",
"level": "Informational",
"resourceGroupName": "MSSupportGroup",
"resourceProviderName": {
"value": "microsoft.support",
"localizedValue": "microsoft.support"
},
"operationId": "1e121103-0ba6-4300-ac9d-952bb5d0c80f",
"operationName": {
"value": "microsoft.support/supporttickets/write",
"localizedValue": "microsoft.support/supporttickets/write"
},
"properties": {
"statusCode": "Created"
},
"status": {
"value": "Succeeded",
"localizedValue": "Succeeded"
},
"subStatus": {
"value": "Created",
"localizedValue": "Created (HTTP Status Code: 201)"
},
"eventTimestamp": "2015-01-21T22:14:26.9792776Z",
"submissionTimestamp": "2015-01-21T22:14:39.9936304Z",
"subscriptionId": "089bd33f-d4ec-47fe-8ba5-0753aa5c5b33"
}
],
"nextLink": "https://management.azure.com/########-####-####-####-############$skiptoken=######"
}
Get Tenant Activity Logs with filter and select
Sample Request
GET https://management.azure.com/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter=eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'&$select=eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level
/**
* Samples for TenantActivityLogs List.
*/
public final class Main {
/*
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/
* GetTenantActivityLogsFilteredAndSelected.json
*/
/**
* Sample code: Get Tenant Activity Logs with filter and select.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void getTenantActivityLogsWithFilterAndSelect(com.azure.resourcemanager.AzureResourceManager azure) {
azure.diagnosticSettings().manager().serviceClient().getTenantActivityLogs().list(
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'",
"eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level",
com.azure.core.util.Context.NONE);
}
/*
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/
* GetTenantActivityLogsNoParams.json
*/
/**
* Sample code: Get Tenant Activity Logs without filter or select.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
getTenantActivityLogsWithoutFilterOrSelect(com.azure.resourcemanager.AzureResourceManager azure) {
azure.diagnosticSettings().manager().serviceClient().getTenantActivityLogs().list(null, null,
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armmonitor_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/monitor/armmonitor"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/969fd0c2634fbcc1975d7abe3749330a5145a97c/specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsFilteredAndSelected.json
func ExampleTenantActivityLogsClient_NewListPager_getTenantActivityLogsWithFilterAndSelect() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armmonitor.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewTenantActivityLogsClient().NewListPager(&armmonitor.TenantActivityLogsClientListOptions{Filter: to.Ptr("eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'"),
Select: to.Ptr("eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level"),
})
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.EventDataCollection = armmonitor.EventDataCollection{
// Value: []*armmonitor.EventData{
// {
// CorrelationID: to.Ptr("1e121103-0ba6-4300-ac9d-952bb5d0c80f"),
// EventName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("End request"),
// Value: to.Ptr("EndRequest"),
// },
// EventTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:26.979Z"); return t}()),
// ID: to.Ptr("/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776"),
// Level: to.Ptr(armmonitor.EventLevelInformational),
// OperationName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support/supporttickets/write"),
// Value: to.Ptr("microsoft.support/supporttickets/write"),
// },
// ResourceGroupName: to.Ptr("MSSupportGroup"),
// ResourceProviderName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support"),
// Value: to.Ptr("microsoft.support"),
// },
// Status: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("Succeeded"),
// Value: to.Ptr("Succeeded"),
// },
// SubmissionTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:39.993Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { MonitorClient } = require("@azure/arm-monitor");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Gets the Activity Logs for the Tenant.<br>Everything that is applicable to the API to get the Activity Logs for the subscription is applicable to this API (the parameters, $filter, etc.).<br>One thing to point out here is that this API does *not* retrieve the logs at the individual subscription of the tenant but only surfaces the logs that were generated at the tenant level.
*
* @summary Gets the Activity Logs for the Tenant.<br>Everything that is applicable to the API to get the Activity Logs for the subscription is applicable to this API (the parameters, $filter, etc.).<br>One thing to point out here is that this API does *not* retrieve the logs at the individual subscription of the tenant but only surfaces the logs that were generated at the tenant level.
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsFilteredAndSelected.json
*/
async function getTenantActivityLogsWithFilterAndSelect() {
const filter =
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
const select =
"eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level";
const options = { filter, select };
const credential = new DefaultAzureCredential();
const client = new MonitorClient(credential);
const resArray = new Array();
for await (let item of client.tenantActivityLogs.list(options)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Monitor;
using Azure.ResourceManager.Monitor.Models;
// Generated from example definition: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsFilteredAndSelected.json
// this example is just showing the usage of "TenantActivityLogs_List" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this TenantResource created on azure
// for more information of creating TenantResource, please refer to the document of TenantResource
var tenantResource = client.GetTenants().GetAllAsync().GetAsyncEnumerator().Current;
// invoke the operation and iterate over the result
string filter = "eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
string select = "eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level";
await foreach (EventDataInfo item in tenantResource.GetTenantActivityLogsAsync(filter: filter, select: select))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"value": [
{
"correlationId": "1e121103-0ba6-4300-ac9d-952bb5d0c80f",
"eventName": {
"value": "EndRequest",
"localizedValue": "End request"
},
"id": "/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776",
"resourceGroupName": "MSSupportGroup",
"resourceProviderName": {
"value": "microsoft.support",
"localizedValue": "microsoft.support"
},
"operationName": {
"value": "microsoft.support/supporttickets/write",
"localizedValue": "microsoft.support/supporttickets/write"
},
"status": {
"value": "Succeeded",
"localizedValue": "Succeeded"
},
"eventTimestamp": "2015-01-21T22:14:26.9792776Z",
"submissionTimestamp": "2015-01-21T22:14:39.9936304Z",
"level": "Informational"
}
],
"nextLink": "https://management.azure.com/########-####-####-####-############$skiptoken=######"
}
Get Tenant Activity Logs with select
Sample Request
GET https://management.azure.com/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$select=eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level
/**
* Samples for TenantActivityLogs List.
*/
public final class Main {
/*
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/
* GetTenantActivityLogsSelected.json
*/
/**
* Sample code: Get Tenant Activity Logs with select.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void getTenantActivityLogsWithSelect(com.azure.resourcemanager.AzureResourceManager azure) {
azure.diagnosticSettings().manager().serviceClient().getTenantActivityLogs().list(null,
"eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level",
com.azure.core.util.Context.NONE);
}
/*
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/
* GetTenantActivityLogsNoParams.json
*/
/**
* Sample code: Get Tenant Activity Logs without filter or select.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
getTenantActivityLogsWithoutFilterOrSelect(com.azure.resourcemanager.AzureResourceManager azure) {
azure.diagnosticSettings().manager().serviceClient().getTenantActivityLogs().list(null, null,
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armmonitor_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/monitor/armmonitor"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/969fd0c2634fbcc1975d7abe3749330a5145a97c/specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsSelected.json
func ExampleTenantActivityLogsClient_NewListPager_getTenantActivityLogsWithSelect() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armmonitor.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewTenantActivityLogsClient().NewListPager(&armmonitor.TenantActivityLogsClientListOptions{Filter: nil,
Select: to.Ptr("eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level"),
})
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.EventDataCollection = armmonitor.EventDataCollection{
// Value: []*armmonitor.EventData{
// {
// CorrelationID: to.Ptr("1e121103-0ba6-4300-ac9d-952bb5d0c80f"),
// EventName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("End request"),
// Value: to.Ptr("EndRequest"),
// },
// EventTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:26.979Z"); return t}()),
// ID: to.Ptr("/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776"),
// Level: to.Ptr(armmonitor.EventLevelInformational),
// OperationName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support/supporttickets/write"),
// Value: to.Ptr("microsoft.support/supporttickets/write"),
// },
// ResourceGroupName: to.Ptr("MSSupportGroup"),
// ResourceProviderName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support"),
// Value: to.Ptr("microsoft.support"),
// },
// Status: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("Succeeded"),
// Value: to.Ptr("Succeeded"),
// },
// SubmissionTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:39.993Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { MonitorClient } = require("@azure/arm-monitor");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Gets the Activity Logs for the Tenant.<br>Everything that is applicable to the API to get the Activity Logs for the subscription is applicable to this API (the parameters, $filter, etc.).<br>One thing to point out here is that this API does *not* retrieve the logs at the individual subscription of the tenant but only surfaces the logs that were generated at the tenant level.
*
* @summary Gets the Activity Logs for the Tenant.<br>Everything that is applicable to the API to get the Activity Logs for the subscription is applicable to this API (the parameters, $filter, etc.).<br>One thing to point out here is that this API does *not* retrieve the logs at the individual subscription of the tenant but only surfaces the logs that were generated at the tenant level.
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsSelected.json
*/
async function getTenantActivityLogsWithSelect() {
const select =
"eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level";
const options = { select };
const credential = new DefaultAzureCredential();
const client = new MonitorClient(credential);
const resArray = new Array();
for await (let item of client.tenantActivityLogs.list(options)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Monitor;
using Azure.ResourceManager.Monitor.Models;
// Generated from example definition: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsSelected.json
// this example is just showing the usage of "TenantActivityLogs_List" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this TenantResource created on azure
// for more information of creating TenantResource, please refer to the document of TenantResource
var tenantResource = client.GetTenants().GetAllAsync().GetAsyncEnumerator().Current;
// invoke the operation and iterate over the result
string select = "eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level";
await foreach (EventDataInfo item in tenantResource.GetTenantActivityLogsAsync(select: select))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"value": [
{
"correlationId": "1e121103-0ba6-4300-ac9d-952bb5d0c80f",
"eventName": {
"value": "EndRequest",
"localizedValue": "End request"
},
"id": "/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776",
"resourceGroupName": "MSSupportGroup",
"resourceProviderName": {
"value": "microsoft.support",
"localizedValue": "microsoft.support"
},
"operationName": {
"value": "microsoft.support/supporttickets/write",
"localizedValue": "microsoft.support/supporttickets/write"
},
"status": {
"value": "Succeeded",
"localizedValue": "Succeeded"
},
"eventTimestamp": "2015-01-21T22:14:26.9792776Z",
"submissionTimestamp": "2015-01-21T22:14:39.9936304Z",
"level": "Informational"
}
],
"nextLink": "https://management.azure.com/########-####-####-####-############$skiptoken=######"
}
Get Tenant Activity Logs without filter or select
Sample Request
GET https://management.azure.com/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01
import com.azure.core.util.Context;
/** Samples for TenantActivityLogs List. */
public final class Main {
/*
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/
* GetTenantActivityLogsNoParams.json
*/
/**
* Sample code: Get Tenant Activity Logs without filter or select.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void
getTenantActivityLogsWithoutFilterOrSelect(com.azure.resourcemanager.AzureResourceManager azure) {
azure.diagnosticSettings().manager().serviceClient().getTenantActivityLogs().list(null, null, Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armmonitor_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/monitor/armmonitor"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/969fd0c2634fbcc1975d7abe3749330a5145a97c/specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsNoParams.json
func ExampleTenantActivityLogsClient_NewListPager_getTenantActivityLogsWithoutFilterOrSelect() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armmonitor.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewTenantActivityLogsClient().NewListPager(&armmonitor.TenantActivityLogsClientListOptions{Filter: nil,
Select: nil,
})
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.EventDataCollection = armmonitor.EventDataCollection{
// Value: []*armmonitor.EventData{
// {
// OperationID: to.Ptr("1e121103-0ba6-4300-ac9d-952bb5d0c80f"),
// Description: to.Ptr(""),
// Authorization: &armmonitor.SenderAuthorization{
// Action: to.Ptr("microsoft.support/supporttickets/write"),
// Role: to.Ptr("Subscription Admin"),
// Scope: to.Ptr("/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841"),
// },
// Caller: to.Ptr("admin@contoso.com"),
// Claims: map[string]*string{
// "name": to.Ptr("John Smith"),
// "appid": to.Ptr("c44b4083-3bq0-49c1-b47d-974e53cbdf3c"),
// "appidacr": to.Ptr("2"),
// "aud": to.Ptr("https://management.core.windows.net/"),
// "exp": to.Ptr("1421880271"),
// "groups": to.Ptr("cacfe77c-e058-4712-83qw-f9b08849fd60,7f71d11d-4c41-4b23-99d2-d32ce7aa621c,31522864-0578-4ea0-9gdc-e66cc564d18c"),
// "http://schemas.microsoft.com/claims/authnclassreference": to.Ptr("1"),
// "http://schemas.microsoft.com/claims/authnmethodsreferences": to.Ptr("pwd"),
// "http://schemas.microsoft.com/identity/claims/objectidentifier": to.Ptr("2468adf0-8211-44e3-95xq-85137af64708"),
// "http://schemas.microsoft.com/identity/claims/scope": to.Ptr("user_impersonation"),
// "http://schemas.microsoft.com/identity/claims/tenantid": to.Ptr("1e8d8218-c5e7-4578-9acc-9abbd5d23315"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname": to.Ptr("John"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": to.Ptr("admin@contoso.com"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier": to.Ptr("9vckmEGF7zDKk1YzIY8k0t1_EAPaXoeHyPRn6f413zM"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname": to.Ptr("Smith"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": to.Ptr("admin@contoso.com"),
// "iat": to.Ptr("1421876371"),
// "iss": to.Ptr("https://sts.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/"),
// "nbf": to.Ptr("1421876371"),
// "puid": to.Ptr("20030000801A118C"),
// "ver": to.Ptr("1.0"),
// },
// CorrelationID: to.Ptr("1e121103-0ba6-4300-ac9d-952bb5d0c80f"),
// EventDataID: to.Ptr("44ade6b4-3813-45e6-ae27-7420a95fa2f8"),
// EventName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("End request"),
// Value: to.Ptr("EndRequest"),
// },
// EventTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:26.979Z"); return t}()),
// HTTPRequest: &armmonitor.HTTPRequestInfo{
// Method: to.Ptr("PUT"),
// ClientIPAddress: to.Ptr("192.168.35.115"),
// ClientRequestID: to.Ptr("27003b25-91d3-418f-8eb1-29e537dcb249"),
// },
// ID: to.Ptr("/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776"),
// Level: to.Ptr(armmonitor.EventLevelInformational),
// OperationName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support/supporttickets/write"),
// Value: to.Ptr("microsoft.support/supporttickets/write"),
// },
// Properties: map[string]*string{
// "statusCode": to.Ptr("Created"),
// },
// ResourceGroupName: to.Ptr("MSSupportGroup"),
// ResourceProviderName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support"),
// Value: to.Ptr("microsoft.support"),
// },
// Status: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("Succeeded"),
// Value: to.Ptr("Succeeded"),
// },
// SubStatus: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("Created (HTTP Status Code: 201)"),
// Value: to.Ptr("Created"),
// },
// SubmissionTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:39.993Z"); return t}()),
// SubscriptionID: to.Ptr("089bd33f-d4ec-47fe-8ba5-0753aa5c5b33"),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { MonitorClient } = require("@azure/arm-monitor");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Gets the Activity Logs for the Tenant.<br>Everything that is applicable to the API to get the Activity Logs for the subscription is applicable to this API (the parameters, $filter, etc.).<br>One thing to point out here is that this API does *not* retrieve the logs at the individual subscription of the tenant but only surfaces the logs that were generated at the tenant level.
*
* @summary Gets the Activity Logs for the Tenant.<br>Everything that is applicable to the API to get the Activity Logs for the subscription is applicable to this API (the parameters, $filter, etc.).<br>One thing to point out here is that this API does *not* retrieve the logs at the individual subscription of the tenant but only surfaces the logs that were generated at the tenant level.
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsNoParams.json
*/
async function getTenantActivityLogsWithoutFilterOrSelect() {
const credential = new DefaultAzureCredential();
const client = new MonitorClient(credential);
const resArray = new Array();
for await (let item of client.tenantActivityLogs.list()) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Monitor;
using Azure.ResourceManager.Monitor.Models;
// Generated from example definition: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetTenantActivityLogsNoParams.json
// this example is just showing the usage of "TenantActivityLogs_List" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this TenantResource created on azure
// for more information of creating TenantResource, please refer to the document of TenantResource
var tenantResource = client.GetTenants().GetAllAsync().GetAsyncEnumerator().Current;
// invoke the operation and iterate over the result
await foreach (EventDataInfo item in tenantResource.GetTenantActivityLogsAsync())
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample Response
{
"value": [
{
"authorization": {
"action": "microsoft.support/supporttickets/write",
"role": "Subscription Admin",
"scope": "/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841"
},
"caller": "admin@contoso.com",
"claims": {
"aud": "https://management.core.windows.net/",
"iss": "https://sts.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/",
"iat": "1421876371",
"nbf": "1421876371",
"exp": "1421880271",
"ver": "1.0",
"http://schemas.microsoft.com/identity/claims/tenantid": "1e8d8218-c5e7-4578-9acc-9abbd5d23315",
"http://schemas.microsoft.com/claims/authnmethodsreferences": "pwd",
"http://schemas.microsoft.com/identity/claims/objectidentifier": "2468adf0-8211-44e3-95xq-85137af64708",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": "admin@contoso.com",
"puid": "20030000801A118C",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier": "9vckmEGF7zDKk1YzIY8k0t1_EAPaXoeHyPRn6f413zM",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname": "John",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname": "Smith",
"name": "John Smith",
"groups": "cacfe77c-e058-4712-83qw-f9b08849fd60,7f71d11d-4c41-4b23-99d2-d32ce7aa621c,31522864-0578-4ea0-9gdc-e66cc564d18c",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": "admin@contoso.com",
"appid": "c44b4083-3bq0-49c1-b47d-974e53cbdf3c",
"appidacr": "2",
"http://schemas.microsoft.com/identity/claims/scope": "user_impersonation",
"http://schemas.microsoft.com/claims/authnclassreference": "1"
},
"correlationId": "1e121103-0ba6-4300-ac9d-952bb5d0c80f",
"description": "",
"eventDataId": "44ade6b4-3813-45e6-ae27-7420a95fa2f8",
"eventName": {
"value": "EndRequest",
"localizedValue": "End request"
},
"httpRequest": {
"clientRequestId": "27003b25-91d3-418f-8eb1-29e537dcb249",
"clientIpAddress": "192.168.35.115",
"method": "PUT"
},
"id": "/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776",
"level": "Informational",
"resourceGroupName": "MSSupportGroup",
"resourceProviderName": {
"value": "microsoft.support",
"localizedValue": "microsoft.support"
},
"operationId": "1e121103-0ba6-4300-ac9d-952bb5d0c80f",
"operationName": {
"value": "microsoft.support/supporttickets/write",
"localizedValue": "microsoft.support/supporttickets/write"
},
"properties": {
"statusCode": "Created"
},
"status": {
"value": "Succeeded",
"localizedValue": "Succeeded"
},
"subStatus": {
"value": "Created",
"localizedValue": "Created (HTTP Status Code: 201)"
},
"eventTimestamp": "2015-01-21T22:14:26.9792776Z",
"submissionTimestamp": "2015-01-21T22:14:39.9936304Z",
"subscriptionId": "089bd33f-d4ec-47fe-8ba5-0753aa5c5b33"
}
],
"nextLink": "https://management.azure.com/########-####-####-####-############$skiptoken=######"
}
Définitions
| Nom |
Description |
|
ErrorResponse
|
Décrit le format de la réponse d’erreur.
|
|
EventData
|
Les entrées du journal des événements Azure sont de type EventData
|
|
EventDataCollection
|
Représente la collection d’événements.
|
|
EventLevel
|
le niveau de l’événement
|
|
HttpRequestInfo
|
Informations sur la requête HTTP.
|
|
LocalizableString
|
Classe de chaîne localisable.
|
|
SenderAuthorization
|
autorisation utilisée par l’utilisateur qui a effectué l’opération qui a conduit à cet événement. Cela capture les propriétés RBAC de l’événement. Il s’agit généralement de l’action, du rôle et de l’étendue.
|
ErrorResponse
Décrit le format de la réponse d’erreur.
| Nom |
Type |
Description |
|
code
|
string
|
Code d'erreur
|
|
message
|
string
|
Message d’erreur indiquant la raison de l’échec de l’opération.
|
EventData
Les entrées du journal des événements Azure sont de type EventData
| Nom |
Type |
Description |
|
authorization
|
SenderAuthorization
|
Informations d’autorisation de l’expéditeur.
|
|
caller
|
string
|
l’adresse e-mail de l’utilisateur qui a effectué l’opération, la revendication UPN ou la revendication SPN en fonction de la disponibilité.
|
|
category
|
LocalizableString
|
catégorie d’événement.
|
|
claims
|
object
|
paires clé-valeur pour identifier les autorisations ARM.
|
|
correlationId
|
string
|
l’ID de corrélation, généralement un GUID au format de chaîne. L’ID de corrélation est partagé entre les événements qui appartiennent à la même opération uber.
|
|
description
|
string
|
description de l’événement.
|
|
eventDataId
|
string
|
ID des données d’événement. Il s’agit d’un identificateur unique pour un événement.
|
|
eventName
|
LocalizableString
|
nom de l’événement. Cette valeur ne doit pas être confondue avec OperationName. À des fins pratiques, OperationName peut être plus attrayant pour les utilisateurs finaux.
|
|
eventTimestamp
|
string
|
horodatage de la génération de l’événement par le service Azure qui traite la requête correspondant à l’événement. Il est au format ISO 8601.
|
|
httpRequest
|
HttpRequestInfo
|
les informations de requête HTTP. Inclut généralement « clientRequestId », « clientIpAddress » (adresse IP de l’utilisateur qui a lancé l’événement) et « method » (méthode HTTP, par exemple PUT).
|
|
id
|
string
|
ID de cet événement requis par ARM pour RBAC. Il contient l’EventDataID et des informations d’horodatage.
|
|
level
|
EventLevel
|
le niveau de l’événement
|
|
operationId
|
string
|
Il s’agit généralement d’un GUID partagé entre les événements correspondant à une seule opération. Cette valeur ne doit pas être confondue avec EventName.
|
|
operationName
|
LocalizableString
|
nom de l’opération.
|
|
properties
|
object
|
l’ensemble de <paires Clé/Valeur> (généralement une chaîne de dictionnaire<, une chaîne>) qui inclut des détails sur l’événement.
|
|
resourceGroupName
|
string
|
nom du groupe de ressources de la ressource affectée.
|
|
resourceId
|
string
|
URI de ressource qui identifie de manière unique la ressource à l’origine de cet événement.
|
|
resourceProviderName
|
LocalizableString
|
nom du fournisseur de ressources de la ressource concernée.
|
|
resourceType
|
LocalizableString
|
type de ressource
|
|
status
|
LocalizableString
|
chaîne décrivant la status de l’opération. Certaines valeurs classiques sont les suivantes : Started, In progress, Succeeded, Failed, Resolved.
|
|
subStatus
|
LocalizableString
|
sous-status de l’événement. La plupart du temps, lorsqu’elle est incluse, cela capture le code http status de l’appel REST. Les valeurs courantes sont : OK (Code d’état HTTP : 200), Créé (Code d’état HTTP : 201), Accepté (Code d’état HTTP : 202), Aucun contenu (Code d’état HTTP : 204), Requête incorrecte (Code d’état HTTP : 400), Introuvable (code d’état HTTP : 404), conflit (code d’état HTTP : 409), erreur interne du serveur (code d’état HTTP : 500), service non disponible (code d’état HTTP : 503), délai d’expiration de la passerelle (code d’état HTTP : 504)
|
|
submissionTimestamp
|
string
|
timestamp de la date à laquelle l’événement est devenu disponible pour l’interrogation via cette API. Il est au format ISO 8601. Cette valeur ne doit pas être confondue eventTimestamp. Car il peut y avoir un délai entre l’heure d’occurrence de l’événement et l’heure à laquelle l’événement est soumis à l’infrastructure de journalisation Azure.
|
|
subscriptionId
|
string
|
l’ID d’abonnement Azure est généralement un GUID.
|
|
tenantId
|
string
|
ID de locataire Azure
|
EventDataCollection
Représente la collection d’événements.
| Nom |
Type |
Description |
|
nextLink
|
string
|
Fournit le lien pour récupérer l’ensemble d’événements suivant.
|
|
value
|
EventData[]
|
cette liste qui inclut les journaux d’audit Azure.
|
EventLevel
le niveau de l’événement
| Nom |
Type |
Description |
|
Critical
|
string
|
|
|
Error
|
string
|
|
|
Informational
|
string
|
|
|
Verbose
|
string
|
|
|
Warning
|
string
|
|
HttpRequestInfo
Informations sur la requête HTTP.
| Nom |
Type |
Description |
|
clientIpAddress
|
string
|
adresse IP du client
|
|
clientRequestId
|
string
|
l’ID de demande client.
|
|
method
|
string
|
méthode de requête Http.
|
|
uri
|
string
|
URI.
|
LocalizableString
Classe de chaîne localisable.
| Nom |
Type |
Description |
|
localizedValue
|
string
|
valeur spécifique aux paramètres régionaux.
|
|
value
|
string
|
valeur invariante.
|
SenderAuthorization
autorisation utilisée par l’utilisateur qui a effectué l’opération qui a conduit à cet événement. Cela capture les propriétés RBAC de l’événement. Il s’agit généralement de l’action, du rôle et de l’étendue.
| Nom |
Type |
Description |
|
action
|
string
|
actions autorisées. Pour instance : microsoft.support/supporttickets/write
|
|
role
|
string
|
rôle de l’utilisateur. Pour instance : Administration d’abonnement
|
|
scope
|
string
|
étendue.
|