This function returns a log of actions performed through the QUANTIL portal and API including logins and changes made to domains and other settings. Unlike our other APIs, this one simply returns the log as plain text, one event per line, instead of XML tags. Request parameters allow you to specify a time period. The time period must be within the past six months.
Header |
Description |
Required |
Authorization |
Authorization string for the request |
Yes |
Host |
URI for the QUANTIL SDK (i.e., api.quantil.com) |
Yes |
Date |
The date and time of the request. |
Yes |
Accept |
Indicates the accepted format (i.e., application/xml) |
Yes |
Parameter |
Description |
Required |
datefrom |
RFC3339 formatted date indicating the starting date. Example: 2013-01-01T22:30:00+08:00. If unspecified, all events in the past 6 months will be returned. |
No |
dateto |
RFC3339 formatted date indicating the ending date. Example: 2013-01-01T22:30:00+08:00. If unspecified, all events in the past 6 months will be returned. |
No |
This request does not include an XML document in the request body.
GET /api/securitylog HTTP/1.1
Authorization: <authorization string>
Host: api.quantil.com
Date: <date>
Accept: application/xml
Here is the structure of a request using the curl utility.
curl -i --url https://api.quantil.com/api/securitylog?datefrom = {date from} & dateto = {date to}
-X GET
-u {user}: {password}
-H 'Date: Fri, 26 Oct 2012 06:33:26 GMT'
-H 'Accept: application/xml'
curl -i --url 'https://api.quantil.com/api/securitylog?datefrom=2015-12-01T15:00:00%2D08:00&dateto=2015-12-05T23:5959%2D08:00' -X GET -u test:w+HpWTxTsNRqoLNg3KK74n1vctQ= -H 'Date: Tue, 08 Dec 2015 09:21:51 PST' -H 'Accept: applcation/xml'
HTTP/1.1 200 OK
Date: <date>
Content-Type: application/xml; charset = utf-8
x-cnc-request-id: {id string auto generated by the QUANTIL server}
No XML is returned. Plain text is returned with each line representing an event.
[date_added] Quantil [account_name] [event_id] :: [message] :: [variable_name]=[variable_value], [variable_name]=[variable_value],...
Field |
Description |
date_added |
day, time, and timezone |
account_name |
portal username if the event is associated with a portal user. |
event_id |
unique ID |
message |
brief explanation of the event that occurred. |
variable_name=variable_value |
One of more of these can appear in a comma separated list. The variable_name and variable_value depend on the event. Refer to the table below for examples of events. Some variables are associated with all events. Most are limited to particular events. |
The following variables may appear for all events.
Variable Name |
Description |
Example |
Type |
local_username |
username if a portal user triggered the event. This variable does not appear if the event is triggered by calling one of our APIs. |
local_username=maria |
Optional |
local_userId |
a unique ID representing the portal user |
local_userId=3991 |
Optional |
event_name |
Name of the event that occurred |
event_name=addDomain |
Required |
event_result |
Indicates if the operation was successful or not |
event_result=successful |
Required |
failure_reason |
If the operation failed (i.e., event_result=failed), the value will indicate the reason. |
failure_reason=The specified domain does not exist. |
Optional |
The following variables are associated with QUANTIL portal logins.
The following variables are associated with changes to domains, domain groups, or domain sets. Domain groups and domain sets are only available in the QUANTIL portal. Please refer to the portal's online help for more details.
Variable Name |
Description |
Example |
Applicable Events |
domain_id |
Unique ID of the domain |
domain_id=123 |
addDomain, deleteDomain, editDomain, enableDomain, disableDomain, cancelDomain, purge |
domain_name |
One or more domain names separated by semicolons. These are the domains affected by the event. |
domain_name=mydomain.com |
addDomain, deleteDomain, editDomain, enableDomain, disableDomain, cancelDomain, purge, prefetch |
group_name |
Name of the group associated with group related events. Groups are only supported within the QUANTIL portal. They allow you to limit access to specific domains. |
group_name=mygroup |
addGroup, editGroup, deleteGroup, changeDomainsInGroup |
dst_privilege_user |
A semicolon separated list of users with access to the group along with their privileges. The format is: <username>-<user id>-<privilege> |
read-55-joeuser;write-99-janeDoe |
editGroup,addGroup |
dst_group_name |
Indicates the new name of a group when the group name has changed |
dst_group_name=webDevelopers |
editGroup |
group_domains |
semicolon separated list of domains if the group's domains has changed |
group_domains=domain1.com;domain2.com |
changeDomainsInGroup |
group_domainSets |
semicolon separated list of domain sets in a group. Domain sets are only available in the QUANTIL portal. |
group_domainSets=domainSet1.com;domainSet2.com |
changeDomainsInGroup |
Variable Name |
Description |
Example |
Applicable Events |
certificate_id |
Unique ID of an SSL certificate |
certificate_id=123456 |
addCertificate, editCertificate, deleteCertificate |
certificate_name |
Name of the certificate. |
certificate_name=my certificate |
addCertificate, editCertificate, deleteCertificate |
HTTP/1.1 200 OK
Content-Disposition: attachment; filename=security.log
Date: Tue, 08 Dec 2015 18:53:55 GMT
Accept-Ranges: bytes
Server: WS-web-server
x-cnc-request-id: 22037890
Content-Type: application/xml;charset=UTF-8
Transfer-Encoding: chunked
2015-12-08T10:01-0800 Quantil carlos 19015::User carlos attempted log in successful::local_username=carlos,local_userId=666,event_name=passwordAuthentication,event_result= successful,src_ip=118.230.152.233
2015-12-08T10:14-0800 Quantil maria 19016::User maria attempted log in successful::local_username=maria,local_userId=3991,event_name=passwordAuthentication,event_result= successful,src_ip=0:0:0:0:0:0:0:1
2015-12-08T10:15-0800 Quantil maria 19017::User maria add Domain {domain-name} failed::local_username=maria,local_userId=3991,event_name=addDomain,event_result= failed,domain_name={domain-name},failure_reason=Invalid domain:{domain-name},src_ip=0:0:0:0:0:0:0:1
2015-12-08T10:37-0800 Quantil harold 19018::User harold logged out successful::local_username=harold,local_userId=6,event_name=logoff,event_result= successful,src_ip=83.108.119.82
2015-12-08T10:52-0800 Quantil harold 19019::User harold attempted log in successful::local_username=harold,local_userId=6,event_name=passwordAuthentication,event_result= successful,src_ip=83.108.119.82
2015-12-08T10:53-0800 Quantil maria 19020::User maria attempted log in successful::local_username=maria,local_userId=3991,event_name=passwordAuthentication,event_result= successful,src_ip=0:0:0:0:0:0:0:1
2015-12-08T10:53-0800 Quantil carlos 19021::User carlos attempted log in successful::local_username=carlos,local_userId=666,event_name=passwordAuthentication,event_result= successful,src_ip=83.108.119.82
2015-12-08T10:53-0800 Quantil harold 19022::User harold edit Domain :haroldstagetest.com successful::local_username=harold,local_userId=6,event_name=editDomain,event_result= successful,domain_id=67086,domain_name=haroldstagetest.com
Error |
Description |
HTTP status code |
InvalidDatePeriod |
The date specified is invalid. |
400 |