Package com.sas.lsaf.query.audit
Interface AuditQueryService
-
public interface AuditQueryService
The service to extract audit information to a file. The methods in the service require the current user to have the View Audit History privilege.- Since:
- 2.3
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description java.lang.String
executeAuditEntryDetailQuery(AuditEntryDetailQuery query, ExtractFileCreateInfo file)
Extracts audit entries with details to a file based on the specified query.java.lang.String
executeAuditEntryQuery(AuditEntryQuery query, ExtractFileCreateInfo file)
Extracts audit entries to a file based on the specified query.
-
-
-
Method Detail
-
executeAuditEntryQuery
java.lang.String executeAuditEntryQuery(AuditEntryQuery query, ExtractFileCreateInfo file) throws QueryException
Extracts audit entries to a file based on the specified query. This method requires the current user have the View Audit History privilege. If the query results exceed the row limit (default is 10 million), aQueryLimitException
will be thrown.Here is a simple example that queries audit entries, which includes all available columns, for a specific user sorted by date.
AuditEntryQuery query = new AuditEntryQuery(); query.select(AuditEntryQuery.ALL); query.constrain(Comparison.equal(AUDIT_ENTRY_USERID, "userxyz")); query.order(Order.descending(AUDIT_ENTRY_TIMESTAMP)); service.executeAuditEntryQuery(query, fileInfo);
Here is an example of a more complex query of audit entries for logins, successful or unsuccessful, within the last month, sorted first by userid and then by date.
AuditEntryQuery query = new AuditEntryQuery(); query.select(AUDIT_ENTRY_USERID, AUDIT_ENTRY_ACTION, AUDIT_ENTRY_TIMESTAMP); Date oneMonthAgo = DateUtils.addMonths(new Date(), -1); query.constrain( Condition.and( Condition.or( Comparison.equal(AUDIT_ENTRY_ACTION, AuditConstants.ACTION_SESSION_LOGON_SUCCESSFUL), Comparison.equal(AUDIT_ENTRY_ACTION, AuditConstants.ACTION_SESSION_LOGON_FAILED)), Comparison.greaterThan(AUDIT_ENTRY_TIMESTAMP, oneMonthAgo.getTime()))); query.order(Order.descending(AUDIT_ENTRY_USERID), Order.ascending(AUDIT_ENTRY_TIMESTAMP)); service.executeAuditEntryQuery(query, fileInfo);
- Parameters:
query
- The audit criteria with which to query.file
- The method to add the query output file.- Returns:
- The path to the query output file.
- Throws:
QueryException
- Thrown when there is an issue generating the query.
-
executeAuditEntryDetailQuery
java.lang.String executeAuditEntryDetailQuery(AuditEntryDetailQuery query, ExtractFileCreateInfo file) throws QueryException
Extracts audit entries with details to a file based on the specified query. Each detail is in a separate row that includes the parent audit entry information. This method requires the current user have the View Audit History privilege. If the query results exceed the row limit (default is 10 million), aQueryLimitException
will be thrown.Here is a simple example that queries audit entries with details, which includes all available columns, for a specific user sorted by date.
AuditEntryDetailQuery query = new AuditEntryDetailQuery(); query.select(AuditEntryDetailQuery.ALL); query.constrain(Comparison.equal(AUDIT_ENTRY_USERID, "userxyz")); query.order(Order.descending(AUDIT_ENTRY_TIMESTAMP)); service.executeAuditEntryDetailQuery(query, fileInfo);
- Parameters:
query
- The audit criteria with which to query.file
- The method to add the query output file.- Returns:
- The path to the query output file.
- Throws:
QueryException
- Thrown when there is an issue generating the query.
-
-