Get-OCIDatasafeAuditEventsList

SYNOPSIS

Invokes DataSafe service - ListAuditEvents operation.

SYNTAX

Limit

Get-OCIDatasafeAuditEventsList -CompartmentId <String> [-OpcRequestId <String>] [-CompartmentIdInSubtree <Boolean>] [-AccessLevel <AccessLevelEnum>] [-Limit <Int32>] [-Page <String>] [-ScimQuery <String>] [-SortOrder <SortOrderEnum>] [-SortBy <SortByEnum>] [-ConfigFile <String>] [-Endpoint <String>] [-NoRetry] [-Profile <String>] [-Region <String>] [-FullResponse] [-TimeOutInMillis <Int32>] [-AuthType <AuthenticationType>] [<CommonParameters>]

AllPages

Get-OCIDatasafeAuditEventsList -CompartmentId <String> [-OpcRequestId <String>] [-CompartmentIdInSubtree <Boolean>] [-AccessLevel <AccessLevelEnum>] [-Page <String>] [-ScimQuery <String>] [-SortOrder <SortOrderEnum>] [-SortBy <SortByEnum>] [-All] [-ConfigFile <String>] [-Endpoint <String>] [-NoRetry] [-Profile <String>] [-Region <String>] [-FullResponse] [-TimeOutInMillis <Int32>] [-AuthType <AuthenticationType>] [<CommonParameters>]

DESCRIPTION

The ListAuditEvents operation returns specified compartmentId audit Events only. The list does not include any audit Events associated with the subcompartments of the specified compartmentId. The parameter accessLevel specifies whether to return only those compartments for which the requestor has INSPECT permissions on at least one resource directly or indirectly (ACCESSIBLE) (the resource can be in a subcompartment) or to return Not Authorized if Principal doesn't have access to even one of the child compartments. This is valid only when compartmentIdInSubtree is set to true. The parameter compartmentIdInSubtree applies when you perform ListAuditEvents on the compartmentId passed and when it is set to true, the entire hierarchy of compartments can be returned. To get a full list of all compartments and subcompartments in the tenancy (root compartment), set the parameter compartmentIdInSubtree to true and accessLevel to ACCESSIBLE.

PARAMETERS

-AccessLevel

Valid values are RESTRICTED and ACCESSIBLE. Default is RESTRICTED. Setting this to ACCESSIBLE returns only those compartments for which the user has INSPECT permissions directly or indirectly (permissions can be on a resource in a subcompartment). When set to RESTRICTED permissions are checked and no partial results are displayed.

Type: AccessLevelEnum
Parameter Sets: (All)
Aliases: None
Accepted values: Restricted, Accessible

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-All

Fetches all pages of results.

Type: SwitchParameter
Parameter Sets: AllPages
Aliases: None

Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-AuthType

Type of authentication to use for making API requests. Default is Key based Authentication.

Type: AuthenticationType
Parameter Sets: (All)
Aliases: None
Accepted values: ApiKey, InstancePrincipal, SessionToken

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-CompartmentId

A filter to return only resources that match the specified compartment OCID.

Type: String
Parameter Sets: (All)
Aliases: None

Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-CompartmentIdInSubtree

Default is false. When set to true, the hierarchy of compartments is traversed and all compartments and subcompartments in the tenancy are returned. Depends on the 'accessLevel' setting.

Type: Boolean
Parameter Sets: (All)
Aliases: None

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-ConfigFile

The path to the config file.

Type: String
Parameter Sets: (All)
Aliases: None

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Endpoint

The value to use as the service endpoint, including any required API version path.

Type: String
Parameter Sets: (All)
Aliases: None

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-FullResponse

Output the complete response returned by the API Operation. Using this switch will make this Cmdlet output an object containing response headers in-addition to an optional response body.

Type: SwitchParameter
Parameter Sets: (All)
Aliases: None

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-Limit

For details about how pagination works, see List Pagination.

Type: Int32
Parameter Sets: Limit
Aliases: None

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-NoRetry

Disable retry logic for calls to services.

Type: SwitchParameter
Parameter Sets: (All)
Aliases: None

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-OpcRequestId

Unique identifier for the request.

Type: String
Parameter Sets: (All)
Aliases: None

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-Page

It is usually retrieved from a previous "List" call. For details about how pagination works, see List Pagination.

Type: String
Parameter Sets: (All)
Aliases: None

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-Profile

The profile in the config file to load.

Type: String
Parameter Sets: (All)
Aliases: None

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Region

Region-id of the region to make calls against. eg) us-phoenix-1, ap-singapore-1

Type: String
Parameter Sets: (All)
Aliases: None

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-ScimQuery

The scimQuery query parameter accepts filter expressions that use the syntax described in Section 3.2.2.2 of the System for Cross-Domain Identity Management (SCIM) specification, which is available at RFC3339. In SCIM filtering expressions, text, date, and time values must be enclosed in quotation marks, with date and time values using ISO-8601 format. (Numeric and boolean values should not be quoted.)

Example: (auditEventTime ge "2021-06-04T01:00:26.000Z") and (eventName eq "LOGON") The attrExp or the field (for example, operationTime and eventName in above example) which is used to filter can be any of the fields returned by AuditEventSummary. adminUser, commonUser, sensitiveActivity, dsActivity can only have eq operation and value 1. These define admin user activity, common user activity, sensitive data activity and data safe activity Example: (adminUser eq 1)

Type: String
Parameter Sets: (All)
Aliases: None

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-SortBy

If this query parameter is specified, the result is sorted by this query parameter value.

Type: SortByEnum
Parameter Sets: (All)
Aliases: None
Accepted values: DbUserName, TargetName, DatabaseType, TargetClass, AuditEventTime, TimeCollected, OsUserName, Operation, OperationStatus, EventName, ErrorCode, ErrorMessage, ObjectType, ObjectName, ObjectOwner, ClientHostname, ClientIp, IsAlerted, ActionTaken, ClientProgram, CommandText, CommandParam, ExtendedEventAttributes, AuditLocation, OsTerminal, ClientId, AuditPolicies, AuditType, ExternalUserId

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-SortOrder

The sort order to use, either ascending (ASC) or descending (DESC).

Type: SortOrderEnum
Parameter Sets: (All)
Aliases: None
Accepted values: Asc, Desc

Required: False
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-TimeOutInMillis

Max wait time in milliseconds for the API request to complete. Default is 100000 millis(100 secs).

Type: Int32
Parameter Sets: (All)
Aliases: None

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

OUTPUTS

• Oci.DatasafeService.Models.AuditEventCollection
• Oci.DatasafeService.Responses.ListAuditEventsResponse

RELATED LINKS

• APIReference
• DotnetSDKAPI
• OCIModulesDocs
• OCIServiceConcepts
• Examples