Biedt de lijst met records uit de activiteitenlogboeken.
GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter={$filter}
Met optionele parameters:
GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter={$filter}&$select={$select}
URI-parameters
| Name |
In |
Vereist |
Type |
Description |
|
subscriptionId
|
path |
True
|
string
|
De id van het doelabonnement.
|
|
$filter
|
query |
True
|
string
|
Vermindert de verzameling gegevens die worden verzameld.
Dit argument is vereist en vereist ook ten minste de begindatum/-tijd.
Het argument $filter is zeer beperkt en staat alleen de volgende patronen toe.
-
Lijst met gebeurtenissen voor een resourcegroep: $filter=eventTimestamp ge '2014-07-16T04:36:37.6407898Z' en eventTimestamp le '2014-07-20T04:36:37.6407898Z' en resourceGroupName eq 'resourceGroupName'.
-
Lijst met gebeurtenissen voor resource: $filter=eventTimestamp ge '2014-07-16T04:36:37.6407898Z' en eventTimestamp le '2014-07-20T04:36:37.6407898Z' en resourceUri eq 'resourceURI'.
-
Gebeurtenissen weergeven voor een abonnement in een tijdsbereik: $filter=eventTimestamp ge '2014-07-16T04:36:37.6407898Z' en eventTimestamp le '2014-07-20T04:36:37.6407898Z'.
-
Lijst met gebeurtenissen voor een resourceprovider: $filter=eventTimestamp ge '2014-07-16T04:36:37.6407898Z' en eventTimestamp le '2014-07-20T04:36:37.6407898Z' en resourceProvider eq 'resourceProviderName'.
-
Gebeurtenissen weergeven voor een correlatie-id: $filter=eventTimestamp ge '2014-07-16T04:36:37.6407898Z' en eventTimestamp le '2014-07-20T04:36:37.6407898Z' en correlationId eq 'correlationID'.
OPMERKING: Er is geen andere syntaxis toegestaan.
|
|
api-version
|
query |
True
|
string
|
De API-versie die voor deze bewerking moet worden gebruikt.
|
|
$select
|
query |
|
string
|
Wordt gebruikt om gebeurtenissen op te halen met alleen de opgegeven eigenschappen.
Het argument $select is een door komma's gescheiden lijst met eigenschapsnamen die moeten worden geretourneerd. Mogelijke waarden zijn: autorisatie, claims, correlationId, description, eventDataId, eventName, eventTimestamp, httpRequest, level, operationId, operationName, properties, resourceGroupName, resourceProviderName, resourceId, status, submissionTimestamp, subStatus, subscriptionId
|
Antwoorden
| Name |
Type |
Description |
|
200 OK
|
EventDataCollection
|
Geslaagde aanvraag voor het ophalen van een pagina met gebeurtenissen in de activiteitenlogboeken
|
|
Other Status Codes
|
ErrorResponse
|
Foutreactie waarin wordt beschreven waarom de bewerking is mislukt.
|
Beveiliging
azure_auth
Azure Active Directory OAuth2-stroom
Type:
oauth2
Stroom:
implicit
Autorisatie-URL:
https://login.microsoftonline.com/common/oauth2/authorize
Bereiken
| Name |
Description |
|
user_impersonation
|
uw gebruikersaccount imiteren
|
Voorbeelden
Get Activity Logs with filter
Voorbeeldaanvraag
GET https://management.azure.com/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter=eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'
/**
* Samples for ActivityLogs List.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFiltered.json
*/
/**
* Sample code: Get Activity Logs with filter.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void getActivityLogsWithFilter(com.azure.resourcemanager.AzureResourceManager azure) {
azure.diagnosticSettings().manager().serviceClient().getActivityLogs().list(
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'",
null, com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.monitor import MonitorManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-monitor
# USAGE
python get_activity_logs_filtered.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = MonitorManagementClient(
credential=DefaultAzureCredential(),
subscription_id="089bd33f-d4ec-47fe-8ba5-0753aa5c5b33",
)
response = client.activity_logs.list(
filter="eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'",
)
for item in response:
print(item)
# x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFiltered.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armmonitor_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/monitor/armmonitor"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/969fd0c2634fbcc1975d7abe3749330a5145a97c/specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFiltered.json
func ExampleActivityLogsClient_NewListPager_getActivityLogsWithFilter() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armmonitor.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewActivityLogsClient().NewListPager("eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'", &armmonitor.ActivityLogsClientListOptions{Select: nil})
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.EventDataCollection = armmonitor.EventDataCollection{
// Value: []*armmonitor.EventData{
// {
// OperationID: to.Ptr("1e121103-0ba6-4300-ac9d-952bb5d0c80f"),
// Description: to.Ptr(""),
// Authorization: &armmonitor.SenderAuthorization{
// Action: to.Ptr("microsoft.support/supporttickets/write"),
// Role: to.Ptr("Subscription Admin"),
// Scope: to.Ptr("/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841"),
// },
// Caller: to.Ptr("admin@contoso.com"),
// Claims: map[string]*string{
// "name": to.Ptr("John Smith"),
// "appid": to.Ptr("c44b4083-3bq0-49c1-b47d-974e53cbdf3c"),
// "appidacr": to.Ptr("2"),
// "aud": to.Ptr("https://management.core.windows.net/"),
// "exp": to.Ptr("1421880271"),
// "groups": to.Ptr("cacfe77c-e058-4712-83qw-f9b08849fd60,7f71d11d-4c41-4b23-99d2-d32ce7aa621c,31522864-0578-4ea0-9gdc-e66cc564d18c"),
// "http://schemas.microsoft.com/claims/authnclassreference": to.Ptr("1"),
// "http://schemas.microsoft.com/claims/authnmethodsreferences": to.Ptr("pwd"),
// "http://schemas.microsoft.com/identity/claims/objectidentifier": to.Ptr("2468adf0-8211-44e3-95xq-85137af64708"),
// "http://schemas.microsoft.com/identity/claims/scope": to.Ptr("user_impersonation"),
// "http://schemas.microsoft.com/identity/claims/tenantid": to.Ptr("1e8d8218-c5e7-4578-9acc-9abbd5d23315"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname": to.Ptr("John"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": to.Ptr("admin@contoso.com"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier": to.Ptr("9vckmEGF7zDKk1YzIY8k0t1_EAPaXoeHyPRn6f413zM"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname": to.Ptr("Smith"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": to.Ptr("admin@contoso.com"),
// "iat": to.Ptr("1421876371"),
// "iss": to.Ptr("https://sts.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/"),
// "nbf": to.Ptr("1421876371"),
// "puid": to.Ptr("20030000801A118C"),
// "ver": to.Ptr("1.0"),
// },
// CorrelationID: to.Ptr("1e121103-0ba6-4300-ac9d-952bb5d0c80f"),
// EventDataID: to.Ptr("44ade6b4-3813-45e6-ae27-7420a95fa2f8"),
// EventName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("End request"),
// Value: to.Ptr("EndRequest"),
// },
// EventTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:26.979Z"); return t}()),
// HTTPRequest: &armmonitor.HTTPRequestInfo{
// Method: to.Ptr("PUT"),
// ClientIPAddress: to.Ptr("192.168.35.115"),
// ClientRequestID: to.Ptr("27003b25-91d3-418f-8eb1-29e537dcb249"),
// },
// ID: to.Ptr("/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776"),
// Level: to.Ptr(armmonitor.EventLevelInformational),
// OperationName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support/supporttickets/write"),
// Value: to.Ptr("microsoft.support/supporttickets/write"),
// },
// Properties: map[string]*string{
// "statusCode": to.Ptr("Created"),
// },
// ResourceGroupName: to.Ptr("MSSupportGroup"),
// ResourceProviderName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support"),
// Value: to.Ptr("microsoft.support"),
// },
// Status: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("Succeeded"),
// Value: to.Ptr("Succeeded"),
// },
// SubStatus: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("Created (HTTP Status Code: 201)"),
// Value: to.Ptr("Created"),
// },
// SubmissionTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:39.993Z"); return t}()),
// SubscriptionID: to.Ptr("089bd33f-d4ec-47fe-8ba5-0753aa5c5b33"),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { MonitorClient } = require("@azure/arm-monitor");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Provides the list of records from the activity logs.
*
* @summary Provides the list of records from the activity logs.
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFiltered.json
*/
async function getActivityLogsWithFilter() {
const subscriptionId =
process.env["MONITOR_SUBSCRIPTION_ID"] || "089bd33f-d4ec-47fe-8ba5-0753aa5c5b33";
const filter =
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
const credential = new DefaultAzureCredential();
const client = new MonitorClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.activityLogs.list(filter)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using System.Xml;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Monitor.Models;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Monitor;
// Generated from example definition: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFiltered.json
// this example is just showing the usage of "ActivityLogs_List" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this SubscriptionResource created on azure
// for more information of creating SubscriptionResource, please refer to the document of SubscriptionResource
string subscriptionId = "089bd33f-d4ec-47fe-8ba5-0753aa5c5b33";
ResourceIdentifier subscriptionResourceId = SubscriptionResource.CreateResourceIdentifier(subscriptionId);
SubscriptionResource subscriptionResource = client.GetSubscriptionResource(subscriptionResourceId);
// invoke the operation and iterate over the result
string filter = "eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
await foreach (EventDataInfo item in subscriptionResource.GetActivityLogsAsync(filter))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine("Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
az monitor activity-log list --start-time 2018-07-01 --offset 7d
Click here to learn more about the Azure CLI command.
Voorbeeldrespons
{
"value": [
{
"authorization": {
"action": "microsoft.support/supporttickets/write",
"role": "Subscription Admin",
"scope": "/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841"
},
"caller": "admin@contoso.com",
"claims": {
"aud": "https://management.core.windows.net/",
"iss": "https://sts.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/",
"iat": "1421876371",
"nbf": "1421876371",
"exp": "1421880271",
"ver": "1.0",
"http://schemas.microsoft.com/identity/claims/tenantid": "1e8d8218-c5e7-4578-9acc-9abbd5d23315",
"http://schemas.microsoft.com/claims/authnmethodsreferences": "pwd",
"http://schemas.microsoft.com/identity/claims/objectidentifier": "2468adf0-8211-44e3-95xq-85137af64708",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": "admin@contoso.com",
"puid": "20030000801A118C",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier": "9vckmEGF7zDKk1YzIY8k0t1_EAPaXoeHyPRn6f413zM",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname": "John",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname": "Smith",
"name": "John Smith",
"groups": "cacfe77c-e058-4712-83qw-f9b08849fd60,7f71d11d-4c41-4b23-99d2-d32ce7aa621c,31522864-0578-4ea0-9gdc-e66cc564d18c",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": "admin@contoso.com",
"appid": "c44b4083-3bq0-49c1-b47d-974e53cbdf3c",
"appidacr": "2",
"http://schemas.microsoft.com/identity/claims/scope": "user_impersonation",
"http://schemas.microsoft.com/claims/authnclassreference": "1"
},
"correlationId": "1e121103-0ba6-4300-ac9d-952bb5d0c80f",
"description": "",
"eventDataId": "44ade6b4-3813-45e6-ae27-7420a95fa2f8",
"eventName": {
"value": "EndRequest",
"localizedValue": "End request"
},
"httpRequest": {
"clientRequestId": "27003b25-91d3-418f-8eb1-29e537dcb249",
"clientIpAddress": "192.168.35.115",
"method": "PUT"
},
"id": "/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776",
"level": "Informational",
"resourceGroupName": "MSSupportGroup",
"resourceProviderName": {
"value": "microsoft.support",
"localizedValue": "microsoft.support"
},
"operationId": "1e121103-0ba6-4300-ac9d-952bb5d0c80f",
"operationName": {
"value": "microsoft.support/supporttickets/write",
"localizedValue": "microsoft.support/supporttickets/write"
},
"properties": {
"statusCode": "Created"
},
"status": {
"value": "Succeeded",
"localizedValue": "Succeeded"
},
"subStatus": {
"value": "Created",
"localizedValue": "Created (HTTP Status Code: 201)"
},
"eventTimestamp": "2015-01-21T22:14:26.9792776Z",
"submissionTimestamp": "2015-01-21T22:14:39.9936304Z",
"subscriptionId": "089bd33f-d4ec-47fe-8ba5-0753aa5c5b33"
}
],
"nextLink": "https://management.azure.com/########-####-####-####-############$skiptoken=######"
}
Get Activity Logs with filter and select
Voorbeeldaanvraag
GET https://management.azure.com/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter=eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'&$select=eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level
/**
* Samples for ActivityLogs List.
*/
public final class Main {
/*
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/
* GetActivityLogsFilteredAndSelected.json
*/
/**
* Sample code: Get Activity Logs with filter and select.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void getActivityLogsWithFilterAndSelect(com.azure.resourcemanager.AzureResourceManager azure) {
azure.diagnosticSettings().manager().serviceClient().getActivityLogs().list(
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'",
"eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level",
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
from azure.identity import DefaultAzureCredential
from azure.mgmt.monitor import MonitorManagementClient
"""
# PREREQUISITES
pip install azure-identity
pip install azure-mgmt-monitor
# USAGE
python get_activity_logs_filtered_and_selected.py
Before run the sample, please set the values of the client ID, tenant ID and client secret
of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID,
AZURE_CLIENT_SECRET. For more info about how to get the value, please see:
https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal
"""
def main():
client = MonitorManagementClient(
credential=DefaultAzureCredential(),
subscription_id="089bd33f-d4ec-47fe-8ba5-0753aa5c5b33",
)
response = client.activity_logs.list(
filter="eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'",
)
for item in response:
print(item)
# x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFilteredAndSelected.json
if __name__ == "__main__":
main()
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armmonitor_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/monitor/armmonitor"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/969fd0c2634fbcc1975d7abe3749330a5145a97c/specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFilteredAndSelected.json
func ExampleActivityLogsClient_NewListPager_getActivityLogsWithFilterAndSelect() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armmonitor.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewActivityLogsClient().NewListPager("eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'", &armmonitor.ActivityLogsClientListOptions{Select: to.Ptr("eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level")})
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.EventDataCollection = armmonitor.EventDataCollection{
// Value: []*armmonitor.EventData{
// {
// CorrelationID: to.Ptr("1e121103-0ba6-4300-ac9d-952bb5d0c80f"),
// EventName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("End request"),
// Value: to.Ptr("EndRequest"),
// },
// EventTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:26.979Z"); return t}()),
// ID: to.Ptr("/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776"),
// Level: to.Ptr(armmonitor.EventLevelInformational),
// OperationName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support/supporttickets/write"),
// Value: to.Ptr("microsoft.support/supporttickets/write"),
// },
// ResourceGroupName: to.Ptr("MSSupportGroup"),
// ResourceProviderName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support"),
// Value: to.Ptr("microsoft.support"),
// },
// Status: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("Succeeded"),
// Value: to.Ptr("Succeeded"),
// },
// SubmissionTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:39.993Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { MonitorClient } = require("@azure/arm-monitor");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Provides the list of records from the activity logs.
*
* @summary Provides the list of records from the activity logs.
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFilteredAndSelected.json
*/
async function getActivityLogsWithFilterAndSelect() {
const subscriptionId =
process.env["MONITOR_SUBSCRIPTION_ID"] || "089bd33f-d4ec-47fe-8ba5-0753aa5c5b33";
const filter =
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
const select =
"eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level";
const options = { select };
const credential = new DefaultAzureCredential();
const client = new MonitorClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.activityLogs.list(filter, options)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using System.Xml;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Monitor.Models;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Monitor;
// Generated from example definition: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFilteredAndSelected.json
// this example is just showing the usage of "ActivityLogs_List" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this SubscriptionResource created on azure
// for more information of creating SubscriptionResource, please refer to the document of SubscriptionResource
string subscriptionId = "089bd33f-d4ec-47fe-8ba5-0753aa5c5b33";
ResourceIdentifier subscriptionResourceId = SubscriptionResource.CreateResourceIdentifier(subscriptionId);
SubscriptionResource subscriptionResource = client.GetSubscriptionResource(subscriptionResourceId);
// invoke the operation and iterate over the result
string filter = "eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
string select = "eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level";
await foreach (EventDataInfo item in subscriptionResource.GetActivityLogsAsync(filter, select: select))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine("Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
az monitor activity-log list --start-time 2018-07-01 --offset 7d
Click here to learn more about the Azure CLI command.
Voorbeeldrespons
{
"value": [
{
"correlationId": "1e121103-0ba6-4300-ac9d-952bb5d0c80f",
"eventName": {
"value": "EndRequest",
"localizedValue": "End request"
},
"id": "/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776",
"resourceGroupName": "MSSupportGroup",
"resourceProviderName": {
"value": "microsoft.support",
"localizedValue": "microsoft.support"
},
"operationName": {
"value": "microsoft.support/supporttickets/write",
"localizedValue": "microsoft.support/supporttickets/write"
},
"status": {
"value": "Succeeded",
"localizedValue": "Succeeded"
},
"eventTimestamp": "2015-01-21T22:14:26.9792776Z",
"submissionTimestamp": "2015-01-21T22:14:39.9936304Z",
"level": "Informational"
}
],
"nextLink": "https://management.azure.com/########-####-####-####-############$skiptoken=######"
}
Definities
| Name |
Description |
|
ErrorResponse
|
Beschrijft de indeling van foutantwoord.
|
|
EventData
|
De vermeldingen in het Azure-gebeurtenislogboek zijn van het type EventData
|
|
EventDataCollection
|
Vertegenwoordigt een verzameling gebeurtenissen.
|
|
EventLevel
|
het gebeurtenisniveau
|
|
HttpRequestInfo
|
De http-aanvraaggegevens.
|
|
LocalizableString
|
De lokaliseerbare tekenreeksklasse.
|
|
SenderAuthorization
|
de autorisatie die wordt gebruikt door de gebruiker die de bewerking heeft uitgevoerd die tot deze gebeurtenis heeft geleid. Hiermee worden de RBAC-eigenschappen van de gebeurtenis vastgelegd. Deze omvatten meestal de 'actie', 'rol' en het 'bereik'
|
ErrorResponse
Beschrijft de indeling van foutantwoord.
| Name |
Type |
Description |
|
code
|
string
|
Foutcode
|
|
message
|
string
|
Foutbericht waarin wordt aangegeven waarom de bewerking is mislukt.
|
EventData
De vermeldingen in het Azure-gebeurtenislogboek zijn van het type EventData
| Name |
Type |
Description |
|
authorization
|
SenderAuthorization
|
De autorisatiegegevens van de afzender.
|
|
caller
|
string
|
het e-mailadres van de gebruiker die de bewerking heeft uitgevoerd, de UPN-claim of SPN-claim op basis van beschikbaarheid.
|
|
category
|
LocalizableString
|
de gebeurteniscategorie.
|
|
claims
|
object
|
sleutelwaardeparen om ARM-machtigingen te identificeren.
|
|
correlationId
|
string
|
de correlatie-id, meestal een GUID in de tekenreeksindeling. De correlatie-id wordt gedeeld tussen de gebeurtenissen die deel uitmaken van dezelfde uber-bewerking.
|
|
description
|
string
|
de beschrijving van de gebeurtenis.
|
|
eventDataId
|
string
|
de gebeurtenisgegevens-id. Dit is een unieke id voor een gebeurtenis.
|
|
eventName
|
LocalizableString
|
de naam van de gebeurtenis. Deze waarde moet niet worden verward met OperationName. Voor praktische doeleinden is OperationName mogelijk aantrekkelijker voor eindgebruikers.
|
|
eventTimestamp
|
string
|
de tijdstempel van wanneer de gebeurtenis is gegenereerd door de Azure-service die de aanvraag verwerkt die overeenkomt met de gebeurtenis. Het in ISO 8601-indeling.
|
|
httpRequest
|
HttpRequestInfo
|
de http-aanvraaggegevens. Omvat meestal de 'clientRequestId', 'clientIpAddress' (IP-adres van de gebruiker die de gebeurtenis heeft geïnitieerd) en 'method' (HTTP-methode, bijvoorbeeld PUT).
|
|
id
|
string
|
de id van deze gebeurtenis zoals vereist door ARM voor RBAC. Het bevat de EventDataID en een tijdstempelinformatie.
|
|
level
|
EventLevel
|
het gebeurtenisniveau
|
|
operationId
|
string
|
Het is meestal een GUID die wordt gedeeld tussen de gebeurtenissen die overeenkomen met één bewerking. Deze waarde moet niet worden verward met EventName.
|
|
operationName
|
LocalizableString
|
de naam van de bewerking.
|
|
properties
|
object
|
de set <sleutel-, waardeparen> (meestal een woordenlijstreeks<, tekenreeks>) die details over de gebeurtenis bevat.
|
|
resourceGroupName
|
string
|
de naam van de resourcegroep van de betrokken resource.
|
|
resourceId
|
string
|
de resource-URI die de resource die deze gebeurtenis heeft veroorzaakt, uniek identificeert.
|
|
resourceProviderName
|
LocalizableString
|
de naam van de resourceprovider van de betrokken resource.
|
|
resourceType
|
LocalizableString
|
het resourcetype
|
|
status
|
LocalizableString
|
een tekenreeks die de status van de bewerking beschrijft. Enkele typische waarden zijn: Gestart, Wordt uitgevoerd, Geslaagd, Mislukt, Opgelost.
|
|
subStatus
|
LocalizableString
|
de substatus van de gebeurtenis. Meestal wordt hiermee, wanneer deze is opgenomen, de HTTP-statuscode van de REST-aanroep vastgelegd. Algemene waarden zijn: OK (HTTP-statuscode: 200), gemaakt (HTTP-statuscode: 201), geaccepteerd (HTTP-statuscode: 202), geen inhoud (HTTP-statuscode: 204), ongeldige aanvraag (HTTP-statuscode: 400 Niet gevonden (HTTP-statuscode: 404), conflict (HTTP-statuscode: 409), interne serverfout (HTTP-statuscode: 500), service niet beschikbaar (HTTP-statuscode:503), gatewaytime-out (HTTP-statuscode: 504)
|
|
submissionTimestamp
|
string
|
de tijdstempel van wanneer de gebeurtenis beschikbaar kwam voor het uitvoeren van query's via deze API. Het is in ISO 8601-indeling. Deze waarde mag niet worden verward met eventTimestamp. Omdat er mogelijk een vertraging is tussen het tijdstip van optreden van de gebeurtenis en het tijdstip waarop de gebeurtenis wordt verzonden naar de Azure-infrastructuur voor logboekregistratie.
|
|
subscriptionId
|
string
|
de Azure-abonnements-id is meestal een GUID.
|
|
tenantId
|
string
|
de Azure-tenant-id
|
EventDataCollection
Vertegenwoordigt een verzameling gebeurtenissen.
| Name |
Type |
Description |
|
nextLink
|
string
|
Biedt de koppeling om de volgende set gebeurtenissen op te halen.
|
|
value
|
EventData[]
|
deze lijst bevat de Azure-auditlogboeken.
|
EventLevel
het gebeurtenisniveau
| Name |
Type |
Description |
|
Critical
|
string
|
|
|
Error
|
string
|
|
|
Informational
|
string
|
|
|
Verbose
|
string
|
|
|
Warning
|
string
|
|
HttpRequestInfo
De http-aanvraaggegevens.
| Name |
Type |
Description |
|
clientIpAddress
|
string
|
het IP-adres van de client
|
|
clientRequestId
|
string
|
de clientaanvraag-id.
|
|
method
|
string
|
de http-aanvraagmethode.
|
|
uri
|
string
|
de URI.
|
LocalizableString
De lokaliseerbare tekenreeksklasse.
| Name |
Type |
Description |
|
localizedValue
|
string
|
de specifieke waarde voor de landinstelling.
|
|
value
|
string
|
de invariante waarde.
|
SenderAuthorization
de autorisatie die wordt gebruikt door de gebruiker die de bewerking heeft uitgevoerd die tot deze gebeurtenis heeft geleid. Hiermee worden de RBAC-eigenschappen van de gebeurtenis vastgelegd. Deze omvatten meestal de 'actie', 'rol' en het 'bereik'
| Name |
Type |
Description |
|
action
|
string
|
de toegestane acties. Bijvoorbeeld: microsoft.support/supporttickets/write
|
|
role
|
string
|
de rol van de gebruiker. Bijvoorbeeld: Abonnement Beheer
|
|
scope
|
string
|
het bereik.
|