All URIs are relative to https://localhost/api/v54
Method | HTTP request | Description |
---|---|---|
read_audits | GET /audits | Fetch audit events from Cloudera Manager (CM) and CM managed services like HDFS, HBase, Impala, Hive, and Sentry. |
stream_audits | GET /audits/stream |
ApiAuditList read_audits(end_time=end_time, max_results=max_results, query=query, result_offset=result_offset, start_time=start_time)
Fetch audit events from Cloudera Manager (CM) and CM managed services like HDFS, HBase, Impala, Hive, and Sentry.
Fetch audit events from Cloudera Manager (CM) and CM managed services like HDFS, HBase, Impala, Hive, and Sentry.
By default, this call will fetch the first 100 audit events (sorted from most recent to oldest) corresponding to a 1 day window based on provided end time (which defaults to the current CM server time). The startTime and endTime parameters can be used to control the window being queried.
Audit events for CM managed services are only retrieved if Cloudera Navigator server is running.
from __future__ import print_function
import time
import cm_client
from cm_client.rest import ApiException
from pprint import pprint
# Configure HTTP basic authorization: basic
configuration = cm_client.Configuration()
configuration.username = 'YOUR_USERNAME'
configuration.password = 'YOUR_PASSWORD'
# create an instance of the API class
api_instance = cm_client.AuditsResourceApi(cm_client.ApiClient(configuration))
end_time = 'now' # str | End of the period to query in ISO 8601 format (defaults to current time). (optional) (default to now)
max_results = 100 # int | Maximum number of audits to return (optional) (default to 100)
query = 'query_example' # str | The query to filter out audits in the system. It accepts querying the intersection of a list of constraints, joined together with semicolons (without spaces). For example: </p> <dl> <dt>command==listStatus</dt> <dd>looks for audits with listStatus command.</dd> <dt>command==listStatus;username!=foo</dt> <dd>looks for audits with listStatus command but excludes audits generated by foo username</dd> <dt>command==listStatus;source==*oozie*</dt> <dd>looks for audits with listStatus command and source that contains the string 'oozie'. </dd> </dl> Following are valid selectors for the query (if applicable to the audit): <table> <tr> <th> Selector </th> <th> Description </th> <th> SCM </th> <th> HDFS </th> <th> HBase </th> <th> Hive </th> <th> Impala </th> <th> Sentry </th> </tr> <tr> <td> service </td> <td> Cloudera Manager Service </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> </tr> <tr> <td> operation </td> <td> Operation name </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> </tr> <tr> <td> username </td> <td> User name </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> </tr> <tr> <td> impersonator</td> <td> Impersonator </td> <td> </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> </tr> <tr> <td> ip_address </td> <td> IP Address </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> </tr> <tr> <td> allowed </td> <td> Whether the request was allowed or denied </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> </tr> <tr> <td> qualifier</td> <td> Column qualifier </td> <td> </td> <td> </td> <td> x </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> source </td> <td> Source resource of the operation </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> <td> </td> </tr> <tr> <td> destination </td> <td> Destination resource of the operation </td> <td> </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> <td> </td> </tr> <tr> <td> hostIpAddress </td> <td> Host IP Address </td> <td> x </td> <td> </td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> role </td> <td> Cloudera Manager Role </td> <td> x </td> <td> </td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> family </td> <td> Column family </td> <td> </td> <td> </td> <td> x </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> database_name </td> <td> Database name </td> <td> </td> <td> </td> <td> </td> <td> x </td> <td> x </td> <td> x </td> </tr> <tr> <td> table_name </td> <td> Table name </td> <td> </td> <td> </td> <td> x </td> <td> x </td> <td> x </td> <td> x </td> </tr> <tr> <td> object_type </td> <td> Type of object being handled </td> <td> </td> <td> </td> <td> </td> <td> x </td> <td> x </td> <td> x </td> </tr> <tr> <td> operation_text </td> <td> Command/query text </td> <td> </td> <td> </td> <td> </td> <td> x </td> <td> x </td> <td> x </td> </tr> </table> <p> The only supported operator is <em>\";\"</em> (Boolean AND). Boolean OR is not supported. <p> The supported comparators are <em>==</em> and <em>!=</em> Note that \"LIKE\" comparison is supported using the wild card syntax, for example <em>foo==*value*</em>. Asterisk is interpreted as a wild card character and must not be part of the value. (LIKE comparison queries are converted to standard SQL LIKE syntax, so any % (%25) character in a value that also contains a wild card will be interpreted as a wild card.) <p/> Available since API v8. A subset of these features is available since v4. (optional)
result_offset = 0 # int | Offset of audits to return (optional) (default to 0)
start_time = 'start_time_example' # str | Start of the period to query in ISO 8601 format (defaults to 1 day ago relative to endTime). (optional)
try:
# Fetch audit events from Cloudera Manager (CM) and CM managed services like HDFS, HBase, Impala, Hive, and Sentry.
api_response = api_instance.read_audits(end_time=end_time, max_results=max_results, query=query, result_offset=result_offset, start_time=start_time)
pprint(api_response)
except ApiException as e:
print("Exception when calling AuditsResourceApi->read_audits: %s\n" % e)
Name | Type | Description | Notes | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
end_time | str | End of the period to query in ISO 8601 format (defaults to current time). | [optional] [default to now] | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
max_results | int | Maximum number of audits to return | [optional] [default to 100] | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
query | str | The query to filter out audits in the system. It accepts querying the intersection of a list of constraints, joined together with semicolons (without spaces). For example:
The only supported operator is ";" (Boolean AND). Boolean OR is not supported. The supported comparators are == and != Note that "LIKE" comparison is supported using the wild card syntax, for example foo==value. Asterisk is interpreted as a wild card character and must not be part of the value. (LIKE comparison queries are converted to standard SQL LIKE syntax, so any % (%25) character in a value that also contains a wild card will be interpreted as a wild card.) Available since API v8. A subset of these features is available since v4. | [optional] | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
result_offset | int | Offset of audits to return | [optional] [default to 0] | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
start_time | str | Start of the period to query in ISO 8601 format (defaults to 1 day ago relative to endTime). | [optional] |
[Back to top] [Back to API list] [Back to Model list] [Back to README]
file stream_audits(end_time=end_time, max_results=max_results, query=query, result_offset=result_offset, start_time=start_time)
from __future__ import print_function
import time
import cm_client
from cm_client.rest import ApiException
from pprint import pprint
# Configure HTTP basic authorization: basic
configuration = cm_client.Configuration()
configuration.username = 'YOUR_USERNAME'
configuration.password = 'YOUR_PASSWORD'
# create an instance of the API class
api_instance = cm_client.AuditsResourceApi(cm_client.ApiClient(configuration))
end_time = 'now' # str | (optional) (default to now)
max_results = 100 # int | (optional) (default to 100)
query = 'query_example' # str | (optional)
result_offset = 0 # int | (optional) (default to 0)
start_time = 'start_time_example' # str | (optional)
try:
api_response = api_instance.stream_audits(end_time=end_time, max_results=max_results, query=query, result_offset=result_offset, start_time=start_time)
pprint(api_response)
except ApiException as e:
print("Exception when calling AuditsResourceApi->stream_audits: %s\n" % e)
Name | Type | Description | Notes |
---|---|---|---|
end_time | str | [optional] [default to now] | |
max_results | int | [optional] [default to 100] | |
query | str | [optional] | |
result_offset | int | [optional] [default to 0] | |
start_time | str | [optional] |
[Back to top] [Back to API list] [Back to Model list] [Back to README]