• Documentation
• Activity Log Auditing
• Event Log Schema

Event Log Schema

This section describes the schema of the event log.

Sample Code

{
  "userIdentity": {
    "userId": "u15420087818641",
    "userName": "db001",
    "type": "userAccount",
    "accessKey": null,
    "sessionContext": {
      "id": "IAM_S_e6huGLv6FMUW7KCNYZ28zuPML7Uwzg8d",
      "creationDate": "2018-11-20 10:04:20",
      "mfaAuthenticated": false
    }
  },
  "organizationId": "yourOrgId",
  "sourceIpAddress": "172.20.17.248",
  "eventTime": "2018-11-20 10:04:20",
  "eventId": "signInSelectOrganization15427082605511",
  "eventName": "signInSelectOrganization",
  "eventType": "consoleAction",
  "eventVersion": "V1.0",
  "resources": [
    {
      "resourceId": "u15420087818641",
      "resourceName": "db001",
      "resourceType": "user"
    },
    {
      "resourceId": "o15420087814661",
      "resourceName": "db001",
      "resourceType": "organization"
    }
  ],
  "serviceName": "IAM-Service",
  "requestId": null,
  "requestParameters": "{\"sessionId\":\"IAM_S_e6huGLv6FMUW7KCNYZ28zuPML7Uwzg8d\",\"workingOrganizationId\":\"o15420087814661\",\"organizationId\":\"o15420087814661\"}",
  "apiVersion": null,
  "errorCode": null,
  "errorMsg": null
}

Property Descriptions

• userIdentity: The information of the actor of this event.

  • type: The account type of this user.

  • userId: The unique identifier of the user.

  • userName: The username of the user.

  • sessionContext: The session information of this event. A session is created when the user starts to perform operations in the EnOS Management Console. A session has the following information:

    • id: The unique identifier of this session.

    • creationDate: The date and time when the session is created.

    • mfAuthentication: Indicates whether MFA is enabled when the user logged in to the EnOS Management Console.

• organizationId: The organization ID.

• sourceIpAddress: The source IP address of the API request. If the API request is sent from the EnOS Management Console, the source IP address is the IP address of the user’s browser.

• eventTime: The timestamp of the API request, in UTC format.

• eventId: The unique identifier of the event that is generated by the auditing service.

• eventName: The action of the event. For more information on events, see List of Events.

• eventType: The category of the event. For example, ConsoleSignIn, ConsoleSignOut, ApiCall, etc.

• eventVersion: The version of the event format.

• resource: The resource that the action is performed on.

  • resourceId: The identifier of the resource.

  • resourceName: The name of the resource.

  • resourceType: The type of the resource. For example, Policy, User, UserGroup, etc.

• serviceName: The service that the API belongs to. For example, IAM.

• requestId: The identifier of the API request.

• requestParameters: The input parameters of the API request.

• apiVersion: The version of the invoked API.

• responseElements: The response message. For example, action succeeded or failed.

• errorCode: The error code of the API request.

• errorMessage: The error message that is returned for the API request.

List of Events

The values returned for eventName are listed as follows.

Event Name	Action
consoleSignIn	Log in to the EnOS Management Console.
consoleSignOut	Log out from the EnOS Management Console.
signInSelectOrganization	Select an organization when logged in to the EnOS Management Console.
createUser	Create a user.
deleteUser	Delete a user.
resetUserPassword	User password is reset by the OU administration.
modifyUserPassword	Password is modified by the account owner.
retrieveUserPassword	User password is retrieved by the account owner.
setUserAccountStatus	Enable or disable the user account by the OU administration.
addExternalUser	Import an external user.
removeExternalUser	Remove an external user.
createGroup	Create a user group.
deleteGroup	Delete a user group.
addUserToGroup	Add a user to a group.
removeUserFromGroup	Remove a user from a group.
createPolicy	Create a policy.
deletePolicy	Delete a policy.
appendResource	Attach services to a policy.
revokeResource	Revoke services from a policy.
grantPolicy	Associate a policy to a user or a group.
removePolicy	Remove a policy from a user or a group.
createFirmware	Upload a firmware.
deleteFirmware	Delete a firmware
updateFirmware	Update a firmware.
createVerificationJob	Create a firmware verification job.
deleteVerificationJob	Delete a firmware verification job.
updateVerificationJob	Update a firmware verification job.
updateUpgradeJob	Update a firmware upgrade job.
createUpgradeJob	Create a firmware upgrade job.
deleteUpgradeJob	Delete a firmware upgrade job.
startVerificationJob	Start a firmware verification job.
stopVerificationJob	Stop a firmware verification job.
startUpgradeJob	Start a firmware upgrade job.
stopUpgradeJob	Stop a firmware upgrade job.
cancelOTATask	Cancel an OTA task.
retryOTATask	Retry an OTA task.