JSON RPC
Module description
AAA Events - a subsystem that manages and stores AAA events.
Operations
Delete AAA events params
Context model: Params
Request data
Add AAA Events params
Context model: Params
Request data
{
"context": {
"op": "param_add"
},
"data": {
"ttl_days": "<ttl_days>",
"events_params": "<events_params>"
}
}
Description
ttl_days [ int ] - TTL in days for events (must be in [92, 1096] range)
events_params [ jsonstr ] - Events parameters (group, level, prop)
Show AAA Events params
Context model: Params
Request data
Update AAA Events params
Context model: Params
Request data
{
"context": {
"op": "param_update"
},
"data": {
"ttl_days": "<ttl_days>",
"events_params": "<events_params>"
}
}
Description
ttl_days [ int ] - TTL in days for events (must be in [92, 1096] range)
events_params [ jsonstr ] - Events parameters (group, level, prop)
Show user event
Context model: Events
Request data
Description
login [ ] - User/login name
uuid [ required ] - Event UUID
Show event defaults
Context model: Events
Request data
Show avaliable events
Request data
Description
filter [ ] - Plugin filter
Show available event types
Request data
Set minimal level of events to be logged. Running without params returns current level (default - INFO)
Request data
Description
setlevel [ ] - Minimal level of events to be saved ['INFO', 'WARN', 'CRITICAL']
Make aaaevents archive file manually (all events to be deleted from aaaevents log)
Request data
Description
up_to_date [ date required ] - all the events in the log up to the desired date to be archived format yyyy-mm-dd (ex. 2023-10-13) for date UTC timezone or negative integer (ex. -10) to provide offset from current date
Set notif route used if case there is not enough space for storing security events. Running without params returns current route used
Request data
Description
setroute [ str ] - Notif route used for lack of free space notification. Use None to switch it off
List user events
Request data
{
"context": {
"op": "event_list"
},
"data": {
"operation": "<operation>",
"group": "<group>",
"level": "<level>",
"login": "<login>",
"limit": "<limit>",
"begin": "<begin>",
"end": "<end>",
"full": "<full>",
"obj_uuid": "<obj_uuid>"
}
}
Description
operation [ str ] - Operation name
group [ str ] - Event group name
level [ str ] - Event level name
login [ str ] - User/login name
limit [ int ] - Number of events
begin [ str ] - Start date (d/m/Y, H:M:S)
end [ str ] - End date (d/m/Y, H:M:S)
full [ str ] - Show full events message ['yes', 'no']
obj_uuid [ str ] - Target obj_uuid of the event
Add new syslog connection configuration
Request data
{
"context": {
"op": "syslog_add"
},
"data": {
"protocol": "<protocol>",
"address": "<address>",
"port": "<port>",
"use_tls": "<use_tls>",
"ca_data": "<ca_data>",
"ca_file": "<ca_file>",
"log_enabled": "<log_enabled>"
}
}
Description
protocol [ str required ] - protocol to use when logging to syslog
address [ str required ] - syslog server address
port [ int ] - syslog server connection port
use_tls [ str ] - use secure connection to syslog server
ca_data [ str ] - CA file content
ca_file [ str ] - path to CA file
log_enabled [ str ] - enable logging to syslog server
Delete syslog connection configuration
Request data
Update syslog connection configuration
Request data
{
"context": {
"op": "syslog_update"
},
"data": {
"protocol": "<protocol>",
"address": "<address>",
"port": "<port>",
"use_tls": "<use_tls>",
"ca_data": "<ca_data>",
"ca_file": "<ca_file>",
"log_enabled": "<log_enabled>"
}
}
Description
protocol [ str ] - protocol to use when logging to syslog
address [ str ] - syslog server address
port [ int ] - port
use_tls [ str ] - use secure connection to syslog server
ca_data [ str ] - CA file content
ca_file [ str ] - path to CA file
log_enabled [ str ] - enable logging to syslog server
Show syslog connection configuration
Request data
Models
Events
operation [ ] - Operation name
group [ ] - Event group name
level [ ] - Event level name
login [ ] - User/login name
limit [ int ] - Number of events
begin [ ] - Start date (d/m/Y, H:M:S)
end [ ] - End date (d/m/Y, H:M:S)
full [ ] - Show full events message ['yes', 'no']
Params
events_params [ jsonstr ] - Events parameters (group, level, prop)
ttl_days [ int ] - TTL in days for events (must be in [92, 1096] range)