API Guide - Event
- Updated on Apr 27, 2022
- Get Events
- Usecase: To filters events by service account name
- Usecase: To filters events by multiple service account names
- Get Events Count
- Usecase: To get events count filters by service account name
- Usecase: To get events count filters by multiple service account names
- Get Events Feed
Get Events
Fetches a list of events from your Banyan organization system log.
Review the Event Spec Syntax for more information on the Event data structures.
HTTP Request
GET /v1/events
URL Parameters
N/A
Query Parameters
Parameter | Format | Description |
---|---|---|
order | String | Sets the order for returned events based on created_at timestamp. Supported values ASC, DESC. Default is DESC |
before | Int | Filters events that occurred before a specific [ epoch timestamp ] ( https://www.epochconverter.com/ ) (in milliseconds) |
after | Int | Filters events that occurred after a specific [ epoch timestamp ] ( https://www.epochconverter.com/ ) (in milliseconds) |
type | String | Filters events based on event types. Multiple types could be passed separated by a pipe |
sub_type | String | Filters events of one subtype (conditionally depends on type , such as Access (type) and Connection (sub_type) |
user_email | String | Filters events associated with users. Multiple email addresses could be passed separated by a pipe |
device_id | String | Filters events associated with a single device, based on its device ID |
serialnumber | String | Filters events associated with devices. Multiple serialnumber could be passed separated by a pipe |
workload_container_id | String | Filters events associated with services. Multiple service_name could be passed separated by a pipe |
service_name | String | Filters events associated with services. Multiple service_name could be passed separated by a pipe |
skip | Int | Used in Pagination. Specifies the number of records to skip. Default is 0 |
limit | Int | Used in Pagination. Specifies the maximum number of records to return. Default is 10 |
action | String | Filters events by one of the possible event action values |
id | String | Filters events based on its event ID |
external_id | String | Filters events based on its external_id |
severity | String | Filters events based on its severity value. The order of severity is DEBUG -> INFO -> WARN -> ERROR. So a severity of INFO will return all events of severity INFO and above |
service_account_name | String | Filters events associated with service accounts. Multiple service account names could be passed separated by a pipe |
start_time | Int | Filters events that occurred after a specific [ epoch timestamp ] (in nanoseconds, but event timestamps are stored at millisecond granularity) |
end_time | Int | Filters events that occurred before a specific [ epoch timestamp ] (in nanoseconds, but event timestamps are stored at millisecond granularity) |
Request Headers
Authorization: Bearer $AUTHTOKEN
Request Body
N/A
Status Codes and Errors
Value | Description | |
---|---|---|
200 | OK | |
401 | Unauthorized | |
403 | Forbidden | |
500 | InternalServerError |
Response Headers
N/A
HTTP Response Body
Example Event Response
{
"data": [{
"id": "8f4a3c39-7fdd-469a-9a23-7857194387c9",
"org_id": "88adaa4d-00b4-49a3-a8db-546dd41b6689",
"org_name": "exampleorg",
"severity": "INFO",
"action": "Register",
"type": "Registration",
"sub_type": "Device",
"message": "Device registered successfully",
"result": "INFO",
"created_at": 1589469516170,
"created_at_ns": 1589469516170000000,
"user_principal":
{
"device":
{
"id": "a1c5dc86-5077-4476-9665-0d01e00e6fb7",
"friendly_name": "computer-name",
"mac_address": "",
"serial_number": "ABCDEFGHIJKL",
"registration_status": "FALSE",
"compromised_status": "FALSE",
"compliance_status": "",
"oem_info": "",
"model": "MacBook Pro",
"platform": "Darwin",
"ownership": "Corporate Dedicated",
"architecture": "amd64",
"udid": "",
"source": "BNN",
"last_mdm_data_synced_at": 1589469323245456400
},
"user":
{
"email": "user@email.com",
"groups":
[
"Engineering",
"Everyone"
],
"roles":
[
"Engineering"
]
}
}
}]
}
Usecase: To filters events by service account name
Request URL GET /v1/events?service_account_name=dsrini-web-service
Usecase: To filters events by multiple service account names
Request URL GET /v1/events?service_account_name=dsrini-web-service | dsrini-demo-service
Get Events Count
Fetches a count of events from your Banyan organization system log.
HTTP Request
GET /v1/events/count
URL Parameters
N/A
Query Parameters
Parameter | Format | Description |
---|---|---|
before | Int | Filters events that occurred before a specific [ epoch timestamp ] ( https://www.epochconverter.com/ ) (in milliseconds) |
after | Int | Filters events that occurred after a specific [ epoch timestamp ] ( https://www.epochconverter.com/ ) (in milliseconds) |
type | String | Filters events based on event types. Multiple types could be passed separated by a pipe |
sub_type | String | Filters events of one subtype (conditionally depends on type , such as Access (type) and Connection (sub_type) |
user_email | String | Filters events associated with users. Multiple email addresses could be passed separated by a pipe |
device_id | String | Filters events associated with a single device, based on its device ID |
serialnumber | String | Filters events associated with devices. Multiple serialnumber could be passed separated by a pipe |
workload_container_id | String | Filters events associated with services. Multiple service_name could be passed separated by a pipe |
service_name | String | Filters events associated with services. Multiple service_name could be passed separated by a pipe |
action | String | Filters events by one of the possible event action values |
id | String | Filters events based on its event ID |
external_id | String | Filters events based on its external_id |
severity | String | Filters events based on its severity value. The order of severity is DEBUG -> INFO -> WARN -> ERROR. So a severity of INFO will return all events of severity INFO and above |
service_account_name | String | Filters events associated with service accounts. Multiple service account names could be passed separated by a pipe |
start_time | Int | Filters events that occurred after a specific [ epoch timestamp ] (in nanoseconds, but event timestamps are stored at millisecond granularity) |
end_time | Int | Filters events that occurred before a specific [ epoch timestamp ] (in nanoseconds, but event timestamps are stored at millisecond granularity) |
Request Headers
Authorization: Bearer $AUTHTOKEN
Request Body
N/A
Status Codes and Errors
Value | Description | |
---|---|---|
200 | OK | |
401 | Unauthorized | |
403 | Forbidden | |
500 | InternalServerError |
Response Headers
N/A
HTTP Response Body
Example Event Response
{
"data": 571
}
Usecase: To get events count filters by service account name
Request URL GET /v1/events/count?service_account_name=dsrini-web-service
Usecase: To get events count filters by multiple service account names
Request URL GET /v1/events/count?service_account_name=dsrini-web-service | dsrini-demo-service
Get Events Feed
HTTP Request
GET /v1/events/feed
URL Parameters
N/A
Query Parameters
Parameter | Format | Description |
order | String | set order for returned dataset based on timestamp |
before | Int | Filter - epoch timestamp in ms setting the inclusive upper time range limit |
after | Int | Filter - epoch timestamp in ms setting the inclusive lower time range limit |
skip | Int | Pagination - the number of records to skip |
limit | Int | Pagination - the maximum number of records to return |
Request Headers
Authorization: Bearer $AUTHTOKEN
Request Body
N/A
Status Codes and Errors
Value | Description |
---|---|
200 | OK |
Response Headers
N/A
HTTP Response Body
{
"data": [{
"action": "Register",
"created_at": 1589469516170,
"group_id": "05746a72-6a19-49fd-9660-96f01cee25cf",
"id": "8f4a3c39-7fdd-469a-9a23-7857194387c9",
"messages": "Device registered successfully",
"org_id": "88adaa4d-00b4-49a3-a8db-546dd41b6689",
"org_name": "eventsv2",
"result": "INFO",
"severity": "INFO",
"sub_type": "Device",
"type": "Registration",
"user_principal":
{
"device":
{
"architecture": "amd64",
"compliance_status": "",
"compromised_status": "FALSE",
"friendly_name": "computer-name",
"id": "a1c5dc86-5077-4476-9665-0d01e00e6fb7",
"last_mdm_data_synced_at": 1589469323245456400,
"mac_address": "",
"model": "MacBook Pro",
"oem_info": "",
"ownership": "Corporate Dedicated",
"platform": "Darwin",
"registration_status": "FALSE",
"serial_number": "ABCDEFGHIJKL",
"source": "BNN",
"udid": ""
},
"user":
{
"email": "user@email.com",
"groups":
[
"Engineering",
"Everyone"
],
"roles":
[
"Engineering"
]
}
}
}]
}