Security Event Log from System Monitor

This log contains records about events related to the addition, deletion, and other changes made to user permissions. The logging of security events is disabled by default. This feature can only be enabled by the system administrator directly in a FlexiCapture database. For detailed information about various events recorded in the log and how to enable it, please see the Security event log article in the Administration and Monitoring Console help.

Important !Only users with System Administrator permissions can download security event logs from System Monitor. A System Administrator is the Administrator of a default tenant.

To download this log, use a POST request.

POST https://<server address>/FlexiCapture12/Monitoring/Tenant/GetSecurityEventsCSV

Request parameters

Remarque :

  1. All parameters are required. Make sure that they are specified correctly.
  2. The search in Oracle Database is case sensitive. Please, take it into account if you are using Oracle Database.
Name Type Description
filter string

Sets the filter parameters. As a result, only logs that satisfy the filter conditions will be recorded. Only the AND and OR operators can be used to combine the conditions. Operators are specified in GeneralOperator parameter. Sample filter parameters:

filter={
    "GeneralOperator": "AND",
    "FilterItems": [
        {
            "PropertyKey": "Date",
            "PropertyOperator": "BETWEEN",
            "PropertyValues": [
                "2021-08-28",
                "00:00:00",
                "2023-09-28",
                "23:59:59"
            ]
        }
    ]
}

You can find necessary values for PropertyKey and PropertyOperator parameters by creating desired filter in Administration and Monitoring Console. To do this:

  1. In browser menu click More tools -> Developer tools and go to the Network tab.
  2. Launch the Administration and Monitoring Console, go to System Monitor → Security event log, and click the button.
  3. Specify filtering criteria and click Apply.
  4. Click on GetFilteredSecurityEvent request. Filtering parameters will be listed on Payload tab.
columnsOrder string

List of columns that should be added to the report. Possible values are:

  • ID
  • Date
  • EventType
  • Details
  • RemoteHost
  • Principal
  • TenantName
  • Writer
  • WriterTenantName
sortColumnindex int Specifies the column that will be used to sort the records in the log.
sortOrder bool

Specifies the order in which the records will be sorted:

  • true will sort the records in descending order,
  • false will sort the records in ascending order.
tenantId int

Specifies the tenants for which records should be included into the event log. Possible values are:

  • -1 – records for all available tenants will be included into the log.
  • 0 – records for the default tenant will be included into the log.
  • 1 and greater – records for the tenant with the specified ID only will be included into the log.

You can find the example of using this API in the script. Download the script here or use the script code provided below.

Remarque : The parameters in this script should be replaced with your server address and your own credentials.

PowerShell script

4/12/2024 6:16:03 PM

Please leave your feedback about this article

Usage of Cookies. In order to optimize the website functionality and improve your online experience ABBYY uses cookies. You agree to the usage of cookies when you continue using this site. Further details can be found in our Privacy Notice.