1. Command Line Interface
  2. Verb Reference
  3. EM CLI Verbs
  4. get_compliance_rule_violation_event

get_compliance_rule_violation_event

Returns a list of unique identifiers for the root standard, runtime identifier, root target, target, event instance ID, and optionally context information for the specified rule and target across the different standards from which it is referred.

Format

emcli get_compliance_rule_violation_event  
      -rule_iname="<rule_internal_name>" 
      -target_type="<target_type>" 
      -target_name="<target_name>"
      [-attrs="<attribute_list>"] 
              root_cs_guid
              rqs_guid
              root_target_guid
              target_guid
              event_instance_id
      [-separator="<separator>"]
      [-show_context]
              column_name
              column_type=<N | S>
              column_value
 
[ ]  indicates that the parameter is optional.

Options

  • rule_iname

    Internal name of the compliance standard rule. Rule internal names are available in the MGMT$CS_RULE_ATTRS view.

  • target_type

    Target type associated with the compliance standard rule.

  • target_name

    Name of the target.

  • attrs

    List of attributes. If no attributes are specified, then all attributes are returned in the order listed below.

    • root_cs_guid: Unique identifier of the root standard with which the rule is associated.

    • rqs_guid: Unique runtime identifier of the rule referenced with the root standard.

    • root_target_guid: Unique identifier of the root target.

    • target_guid: Unique identifier of the target.

    • event_instance_id: Unique identifier of the event_instance.

  • separator

    Separator used between column entries. If no separator is specified, then a comma "," is used.

  • show_context

    If show_context is not specified, then the context will not be returned. If show_context is specified, then the following attributes are returned in the following order:

    • column_name: Violation event context attribute name.

    • column_value: Violation event context attribute value.

    • column_type: Violation event context attribute type, "N" if number, "S" if string.

Example

emcli get_compliance_rule_violation_event 
      -rule_iname="myrule" 
      -target_type="host" 
      -target_name="my_machine" 
      -attrs="root_cs_guid,root_target_guid" 
      -show_context

If myrule is associated to the specified target through M root_targets, the output appears as:std_guid,root_tgt1_guid,[column_name1,column_value11,column_type1],[column_name2,...],...[column_nameN,...]std_guid,root_tgt2_guid,[column_name1,column_value1M,column_type1],[column_name2,...],...[column_nameN,...]