cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

API query for User Login Attempts

ry__panov__
Brass Contributor

‎Aug 04 2022 06:15 AM - edited ‎Aug 04 2022 07:31 AM

‎Aug 04 2022 06:15 AM - edited ‎Aug 04 2022 07:31 AM

API query for User Login Attempts

Has anybody been able to pull "User Login Attempt" events from the sensor, or manager, via API? 

 

After reading the API docs, and testing all the possible fields, it does not appear that User Operations events are available to extract through the API endpoints. Even just returning all events; no login events can be found.

 

/api/v1/events?type=USER_LOGIN_ATTEMPT
/api/v1/events?title="User Login Attempt"
/api/v1/events?content="login"
/api/v1/events?minutesTimeFrame=20

 

 

I would like to use the API to periodically record all User Authentications for audit purposes. I know it can be done through the GUI, but that is very time consuming at scale. It would also be nice if the On-Premise Manager aggregated all User Audit Logs from the sensors it manages as well #FeatureRequest.

729 Views
0 Likes
0 Replies
Reply
0 Replies