Endpoint Activity Summary


This API is for listing all the activities performed on the endpoints.

 

  • Functionality
  • To retrieve the activities performed on the endpoints.
  • HTTP Method 
  • GET
  • API URI
  • api/1.4/reports/dlp/endpointactivityreport
  • Filters
  • actionFilter={number}
    This is to filter endpoint activity report records based on Leak Prevention action performed.
    0 - Allowed
    1 - Blocked
    2 - Self Override
    3 - Reported False Positive
  • Paging
  • page={Numeric}
    This is for navigating to specific pages. This field denotes the current page.

    pagelimit={Numeric}
    This is to specify the number of records to be displayed per page.
  • Response Parameters
  • resfileaudit.boundary_type
    This denotes the boundary type.
    1 - Storage devices
    5 - Network printers
    6 - USB printers
    8 - Web domains
    16 - Email domains
    64 - Enterprise Apps

    resfileaudit.event_type
    This denotes the Leak Prevention action performed.
    0 - Allowed
    1 - Blocked
    2 - Self Override
    3 - Reported False Positive

    classification_type
    This denotes the source that marked the file as sensitive, aside from data rules.
    64 - Password protected files
    128 - Trusted application
    256 - Trusted email domain
    1024 - Trusted web domain

    All times are in epoch long format.

Response Data

 { 	"message_type": "dlp", 	"message_response": { 		"total": 42, 		"limit": 25, 		"dlp": [ 			{ 				"resfileaudit.user": "Test", 				"classification_source": "--", 				"file_path": "C:\\USERS\\TEST\\DESKTOP\\LICENSE DLP DEMO NEW.XML", 				"resfileaudit.event_type": 2, 				"resfileaudit.boundary_value": "localhost", 				"override_comment": "--", 				"resfileaudit.event_time": 1714999955026, 				"classification_category": "Source code", 				"resfileaudit.boundary_type": 8, 				"classification_type": 16, 				"justication_value": "Approved by the manager", 				"resource_name": "ues-w10-cloud1", 				"classification_rule": "XML" 			}, 			{ 				"resfileaudit.user": "Test", 				"classification_source": "--", 				"file_path": "new dlp notepad.txt", 				"resfileaudit.event_type": 3, 				"resfileaudit.boundary_value": "Microsoft Print To PDF", 				"override_comment": "--", 				"resfileaudit.event_time": 1714998974725, 				"classification_category": "Custom rules", 				"resfileaudit.boundary_type": 5, 				"classification_type": "--", 				"justication_value": "--", 				"resource_name": "ues-w10-cloud1", 				"classification_rule": "Keyword" 			} 		], 		"page": 1 	}, 	"message_version": "1.4", 	"status": "success", 	"response_code": 200 }