post https://{tenant_url}/v1.0/reports/
This endpoint is used to run most of the reports. Provide the report name and request payload in the body section.
Entitlements required: readReports, or manageReports.
Some example report names to retrieve are authentication activity, application usage, admin activity and user activity.
For example: POST /reporting/v1.0/reports/auth_audit_trail API is used to the get first batch of authentication events.
Use POST /reporting/v1.0/reports/auth_audit_trail_search_after API to get the ramaining events.
Report Name | Example Payload Request |
---|---|
auth_audit_trail | { "FROM":"now-24h", "TO":"now", "SIZE":"10", "SORT_BY":"time", "SORT_ORDER":"asc" } |
auth_audit_trail_search_after | { "FROM":"now-24h", "TO":"now", "SIZE":"10", "SORT_BY":"time", "SORT_ORDER":"asc", "SEARCH_AFTER":""1554479231870","30f5a726-0e11-4066-a49f-e1e1d03a62b4"" } The SEARCH_AFTER value is an array of the timestamp and ID of the last response entry from the auth_audit_trail report |