Stellt die Liste der Datensätze aus den Aktivitätsprotokollen bereit.
GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter={$filter}
Mit optionalen Parametern:
GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter={$filter}&$select={$select}
URI-Parameter
| Name |
In |
Erforderlich |
Typ |
Beschreibung |
|
subscriptionId
|
path |
True
|
string
|
Hierbei handelt es sich um die ID des Zielabonnements.
|
|
$filter
|
query |
True
|
string
|
Reduziert den gesammelten Datensatz.
Dieses Argument ist erforderlich und erfordert mindestens das Startdatum/die Startzeit.
Das argument $filter ist sehr eingeschränkt und lässt nur die folgenden Muster zu.
-
Auflisten von Ereignissen für eine Ressourcengruppe: $filter=eventTimestamp ge '2014-07-16T04:36:37.6407898Z' und eventTimestamp le '2014-07-20T04:36:37.6407898Z' und resourceGroupName eq 'resourceGroupName'.
-
Listenereignisse für Ressource: $filter=eventTimestamp ge '2014-07-16T04:36:37.6407898Z' und eventTimestamp le '2014-07-20T04:36:37.6407898Z' und resourceUri eq 'resourceURI'.
-
Auflisten von Ereignissen für ein Abonnement in einem Zeitbereich: $filter=eventTimestamp ge '2014-07-16T04:36:37.6407898Z' und eventTimestamp le '2014-07-20T04:36:37.6407898Z'.
-
Auflisten von Ereignissen für einen Ressourcenanbieter: $filter=eventTimestamp ge '2014-07-16T04:36:37.6407898Z' und eventTimestamp le '2014-07-20T04:36:37.6407898Z' und resourceProvider eq 'resourceProviderName'.
-
Auflisten von Ereignissen für eine Korrelations-ID: $filter=eventTimestamp ge '2014-07-16T04:36:37.6407898Z' und eventTimestamp le '2014-07-20T04:36:37.6407898Z' und correlationId eq 'correlationID'.
HINWEIS: Es ist keine andere Syntax zulässig.
|
|
api-version
|
query |
True
|
string
|
Hierbei handelt es sich um die für diesen Vorgang zu verwendende API-Version.
|
|
$select
|
query |
|
string
|
Wird verwendet, um Ereignisse nur mit den angegebenen Eigenschaften abzurufen.
Das $select-Argument ist eine durch Trennzeichen getrennte Liste von Eigenschaftennamen, die zurückgegeben werden sollen. Mögliche Werte sind: authorization, claims, correlationId, description, eventDataId, eventName, eventTimestamp, httpRequest, level, operationId, operationName, properties, resourceGroupName, resourceProviderName, resourceId, status, submissionTimestamp, subStatus, subscriptionId
|
Antworten
| Name |
Typ |
Beschreibung |
|
200 OK
|
EventDataCollection
|
Erfolgreiche Anforderung zum Abrufen einer Seite mit Ereignissen in den Aktivitätsprotokollen
|
|
Other Status Codes
|
ErrorResponse
|
Fehlerantwort mit Beschreibung des Grunds für den Fehler.
|
Sicherheit
azure_auth
Azure Active Directory-OAuth2-Flow
Typ:
oauth2
Ablauf:
implicit
Autorisierungs-URL:
https://login.microsoftonline.com/common/oauth2/authorize
Bereiche
| Name |
Beschreibung |
|
user_impersonation
|
Identitätswechsel Ihres Benutzerkontos
|
Beispiele
Get Activity Logs with filter
Beispielanforderung
GET https://management.azure.com/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter=eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'
/**
* Samples for ActivityLogs List.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFiltered.json
*/
/**
* Sample code: Get Activity Logs with filter.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void getActivityLogsWithFilter(com.azure.resourcemanager.AzureResourceManager azure) {
azure.diagnosticSettings().manager().serviceClient().getActivityLogs().list(
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'",
null, com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armmonitor_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/monitor/armmonitor"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/969fd0c2634fbcc1975d7abe3749330a5145a97c/specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFiltered.json
func ExampleActivityLogsClient_NewListPager_getActivityLogsWithFilter() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armmonitor.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewActivityLogsClient().NewListPager("eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'", &armmonitor.ActivityLogsClientListOptions{Select: nil})
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.EventDataCollection = armmonitor.EventDataCollection{
// Value: []*armmonitor.EventData{
// {
// OperationID: to.Ptr("1e121103-0ba6-4300-ac9d-952bb5d0c80f"),
// Description: to.Ptr(""),
// Authorization: &armmonitor.SenderAuthorization{
// Action: to.Ptr("microsoft.support/supporttickets/write"),
// Role: to.Ptr("Subscription Admin"),
// Scope: to.Ptr("/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841"),
// },
// Caller: to.Ptr("admin@contoso.com"),
// Claims: map[string]*string{
// "name": to.Ptr("John Smith"),
// "appid": to.Ptr("c44b4083-3bq0-49c1-b47d-974e53cbdf3c"),
// "appidacr": to.Ptr("2"),
// "aud": to.Ptr("https://management.core.windows.net/"),
// "exp": to.Ptr("1421880271"),
// "groups": to.Ptr("cacfe77c-e058-4712-83qw-f9b08849fd60,7f71d11d-4c41-4b23-99d2-d32ce7aa621c,31522864-0578-4ea0-9gdc-e66cc564d18c"),
// "http://schemas.microsoft.com/claims/authnclassreference": to.Ptr("1"),
// "http://schemas.microsoft.com/claims/authnmethodsreferences": to.Ptr("pwd"),
// "http://schemas.microsoft.com/identity/claims/objectidentifier": to.Ptr("2468adf0-8211-44e3-95xq-85137af64708"),
// "http://schemas.microsoft.com/identity/claims/scope": to.Ptr("user_impersonation"),
// "http://schemas.microsoft.com/identity/claims/tenantid": to.Ptr("1e8d8218-c5e7-4578-9acc-9abbd5d23315"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname": to.Ptr("John"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": to.Ptr("admin@contoso.com"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier": to.Ptr("9vckmEGF7zDKk1YzIY8k0t1_EAPaXoeHyPRn6f413zM"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname": to.Ptr("Smith"),
// "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": to.Ptr("admin@contoso.com"),
// "iat": to.Ptr("1421876371"),
// "iss": to.Ptr("https://sts.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/"),
// "nbf": to.Ptr("1421876371"),
// "puid": to.Ptr("20030000801A118C"),
// "ver": to.Ptr("1.0"),
// },
// CorrelationID: to.Ptr("1e121103-0ba6-4300-ac9d-952bb5d0c80f"),
// EventDataID: to.Ptr("44ade6b4-3813-45e6-ae27-7420a95fa2f8"),
// EventName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("End request"),
// Value: to.Ptr("EndRequest"),
// },
// EventTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:26.979Z"); return t}()),
// HTTPRequest: &armmonitor.HTTPRequestInfo{
// Method: to.Ptr("PUT"),
// ClientIPAddress: to.Ptr("192.168.35.115"),
// ClientRequestID: to.Ptr("27003b25-91d3-418f-8eb1-29e537dcb249"),
// },
// ID: to.Ptr("/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776"),
// Level: to.Ptr(armmonitor.EventLevelInformational),
// OperationName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support/supporttickets/write"),
// Value: to.Ptr("microsoft.support/supporttickets/write"),
// },
// Properties: map[string]*string{
// "statusCode": to.Ptr("Created"),
// },
// ResourceGroupName: to.Ptr("MSSupportGroup"),
// ResourceProviderName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support"),
// Value: to.Ptr("microsoft.support"),
// },
// Status: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("Succeeded"),
// Value: to.Ptr("Succeeded"),
// },
// SubStatus: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("Created (HTTP Status Code: 201)"),
// Value: to.Ptr("Created"),
// },
// SubmissionTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:39.993Z"); return t}()),
// SubscriptionID: to.Ptr("089bd33f-d4ec-47fe-8ba5-0753aa5c5b33"),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { MonitorClient } = require("@azure/arm-monitor");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Provides the list of records from the activity logs.
*
* @summary Provides the list of records from the activity logs.
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFiltered.json
*/
async function getActivityLogsWithFilter() {
const subscriptionId =
process.env["MONITOR_SUBSCRIPTION_ID"] || "089bd33f-d4ec-47fe-8ba5-0753aa5c5b33";
const filter =
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
const credential = new DefaultAzureCredential();
const client = new MonitorClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.activityLogs.list(filter)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using System.Xml;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Monitor.Models;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Monitor;
// Generated from example definition: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFiltered.json
// this example is just showing the usage of "ActivityLogs_List" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this SubscriptionResource created on azure
// for more information of creating SubscriptionResource, please refer to the document of SubscriptionResource
string subscriptionId = "089bd33f-d4ec-47fe-8ba5-0753aa5c5b33";
ResourceIdentifier subscriptionResourceId = SubscriptionResource.CreateResourceIdentifier(subscriptionId);
SubscriptionResource subscriptionResource = client.GetSubscriptionResource(subscriptionResourceId);
// invoke the operation and iterate over the result
string filter = "eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
await foreach (EventDataInfo item in subscriptionResource.GetActivityLogsAsync(filter))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
az monitor activity-log list --start-time 2018-07-01 --offset 7d
Click here to learn more about the Azure CLI command.
Beispiel für eine Antwort
{
"value": [
{
"authorization": {
"action": "microsoft.support/supporttickets/write",
"role": "Subscription Admin",
"scope": "/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841"
},
"caller": "admin@contoso.com",
"claims": {
"aud": "https://management.core.windows.net/",
"iss": "https://sts.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/",
"iat": "1421876371",
"nbf": "1421876371",
"exp": "1421880271",
"ver": "1.0",
"http://schemas.microsoft.com/identity/claims/tenantid": "1e8d8218-c5e7-4578-9acc-9abbd5d23315",
"http://schemas.microsoft.com/claims/authnmethodsreferences": "pwd",
"http://schemas.microsoft.com/identity/claims/objectidentifier": "2468adf0-8211-44e3-95xq-85137af64708",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": "admin@contoso.com",
"puid": "20030000801A118C",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier": "9vckmEGF7zDKk1YzIY8k0t1_EAPaXoeHyPRn6f413zM",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname": "John",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname": "Smith",
"name": "John Smith",
"groups": "cacfe77c-e058-4712-83qw-f9b08849fd60,7f71d11d-4c41-4b23-99d2-d32ce7aa621c,31522864-0578-4ea0-9gdc-e66cc564d18c",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": "admin@contoso.com",
"appid": "c44b4083-3bq0-49c1-b47d-974e53cbdf3c",
"appidacr": "2",
"http://schemas.microsoft.com/identity/claims/scope": "user_impersonation",
"http://schemas.microsoft.com/claims/authnclassreference": "1"
},
"correlationId": "1e121103-0ba6-4300-ac9d-952bb5d0c80f",
"description": "",
"eventDataId": "44ade6b4-3813-45e6-ae27-7420a95fa2f8",
"eventName": {
"value": "EndRequest",
"localizedValue": "End request"
},
"httpRequest": {
"clientRequestId": "27003b25-91d3-418f-8eb1-29e537dcb249",
"clientIpAddress": "192.168.35.115",
"method": "PUT"
},
"id": "/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776",
"level": "Informational",
"resourceGroupName": "MSSupportGroup",
"resourceProviderName": {
"value": "microsoft.support",
"localizedValue": "microsoft.support"
},
"operationId": "1e121103-0ba6-4300-ac9d-952bb5d0c80f",
"operationName": {
"value": "microsoft.support/supporttickets/write",
"localizedValue": "microsoft.support/supporttickets/write"
},
"properties": {
"statusCode": "Created"
},
"status": {
"value": "Succeeded",
"localizedValue": "Succeeded"
},
"subStatus": {
"value": "Created",
"localizedValue": "Created (HTTP Status Code: 201)"
},
"eventTimestamp": "2015-01-21T22:14:26.9792776Z",
"submissionTimestamp": "2015-01-21T22:14:39.9936304Z",
"subscriptionId": "089bd33f-d4ec-47fe-8ba5-0753aa5c5b33"
}
],
"nextLink": "https://management.azure.com/########-####-####-####-############$skiptoken=######"
}
Get Activity Logs with filter and select
Beispielanforderung
GET https://management.azure.com/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/providers/Microsoft.Insights/eventtypes/management/values?api-version=2015-04-01&$filter=eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'&$select=eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level
/**
* Samples for ActivityLogs List.
*/
public final class Main {
/*
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/
* GetActivityLogsFilteredAndSelected.json
*/
/**
* Sample code: Get Activity Logs with filter and select.
*
* @param azure The entry point for accessing resource management APIs in Azure.
*/
public static void getActivityLogsWithFilterAndSelect(com.azure.resourcemanager.AzureResourceManager azure) {
azure.diagnosticSettings().manager().serviceClient().getActivityLogs().list(
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'",
"eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level",
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armmonitor_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/monitor/armmonitor"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/969fd0c2634fbcc1975d7abe3749330a5145a97c/specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFilteredAndSelected.json
func ExampleActivityLogsClient_NewListPager_getActivityLogsWithFilterAndSelect() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armmonitor.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
pager := clientFactory.NewActivityLogsClient().NewListPager("eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'", &armmonitor.ActivityLogsClientListOptions{Select: to.Ptr("eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level")})
for pager.More() {
page, err := pager.NextPage(ctx)
if err != nil {
log.Fatalf("failed to advance page: %v", err)
}
for _, v := range page.Value {
// You could use page here. We use blank identifier for just demo purposes.
_ = v
}
// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// page.EventDataCollection = armmonitor.EventDataCollection{
// Value: []*armmonitor.EventData{
// {
// CorrelationID: to.Ptr("1e121103-0ba6-4300-ac9d-952bb5d0c80f"),
// EventName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("End request"),
// Value: to.Ptr("EndRequest"),
// },
// EventTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:26.979Z"); return t}()),
// ID: to.Ptr("/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776"),
// Level: to.Ptr(armmonitor.EventLevelInformational),
// OperationName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support/supporttickets/write"),
// Value: to.Ptr("microsoft.support/supporttickets/write"),
// },
// ResourceGroupName: to.Ptr("MSSupportGroup"),
// ResourceProviderName: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("microsoft.support"),
// Value: to.Ptr("microsoft.support"),
// },
// Status: &armmonitor.LocalizableString{
// LocalizedValue: to.Ptr("Succeeded"),
// Value: to.Ptr("Succeeded"),
// },
// SubmissionTimestamp: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2015-01-21T22:14:39.993Z"); return t}()),
// }},
// }
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { MonitorClient } = require("@azure/arm-monitor");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Provides the list of records from the activity logs.
*
* @summary Provides the list of records from the activity logs.
* x-ms-original-file: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFilteredAndSelected.json
*/
async function getActivityLogsWithFilterAndSelect() {
const subscriptionId =
process.env["MONITOR_SUBSCRIPTION_ID"] || "089bd33f-d4ec-47fe-8ba5-0753aa5c5b33";
const filter =
"eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
const select =
"eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level";
const options = { select };
const credential = new DefaultAzureCredential();
const client = new MonitorClient(credential, subscriptionId);
const resArray = new Array();
for await (let item of client.activityLogs.list(filter, options)) {
resArray.push(item);
}
console.log(resArray);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using Azure;
using Azure.ResourceManager;
using System;
using System.Threading.Tasks;
using System.Xml;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager.Monitor.Models;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.Monitor;
// Generated from example definition: specification/monitor/resource-manager/Microsoft.Insights/stable/2015-04-01/examples/GetActivityLogsFilteredAndSelected.json
// this example is just showing the usage of "ActivityLogs_List" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this SubscriptionResource created on azure
// for more information of creating SubscriptionResource, please refer to the document of SubscriptionResource
string subscriptionId = "089bd33f-d4ec-47fe-8ba5-0753aa5c5b33";
ResourceIdentifier subscriptionResourceId = SubscriptionResource.CreateResourceIdentifier(subscriptionId);
SubscriptionResource subscriptionResource = client.GetSubscriptionResource(subscriptionResourceId);
// invoke the operation and iterate over the result
string filter = "eventTimestamp ge '2015-01-21T20:00:00Z' and eventTimestamp le '2015-01-23T20:00:00Z' and resourceGroupName eq 'MSSupportGroup'";
string select = "eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level";
await foreach (EventDataInfo item in subscriptionResource.GetActivityLogsAsync(filter, select: select))
{
Console.WriteLine($"Succeeded: {item}");
}
Console.WriteLine($"Succeeded");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
az monitor activity-log list --start-time 2018-07-01 --offset 7d
Click here to learn more about the Azure CLI command.
Beispiel für eine Antwort
{
"value": [
{
"correlationId": "1e121103-0ba6-4300-ac9d-952bb5d0c80f",
"eventName": {
"value": "EndRequest",
"localizedValue": "End request"
},
"id": "/subscriptions/089bd33f-d4ec-47fe-8ba5-0753aa5c5b33/resourceGroups/MSSupportGroup/providers/microsoft.support/supporttickets/115012112305841/events/44ade6b4-3813-45e6-ae27-7420a95fa2f8/ticks/635574752669792776",
"resourceGroupName": "MSSupportGroup",
"resourceProviderName": {
"value": "microsoft.support",
"localizedValue": "microsoft.support"
},
"operationName": {
"value": "microsoft.support/supporttickets/write",
"localizedValue": "microsoft.support/supporttickets/write"
},
"status": {
"value": "Succeeded",
"localizedValue": "Succeeded"
},
"eventTimestamp": "2015-01-21T22:14:26.9792776Z",
"submissionTimestamp": "2015-01-21T22:14:39.9936304Z",
"level": "Informational"
}
],
"nextLink": "https://management.azure.com/########-####-####-####-############$skiptoken=######"
}
Definitionen
| Name |
Beschreibung |
|
ErrorResponse
|
Beschreibt das Format der Fehlerantwort.
|
|
EventData
|
Die Azure-Ereignisprotokolleinträge sind vom Typ EventData.
|
|
EventDataCollection
|
Stellt die Auflistung von Ereignissen dar.
|
|
EventLevel
|
die Ereignisebene
|
|
HttpRequestInfo
|
Die HTTP-Anforderungsinformationen.
|
|
LocalizableString
|
Die lokalisierbare Zeichenfolgenklasse.
|
|
SenderAuthorization
|
die Autorisierung, die vom Benutzer verwendet wird, der den Vorgang ausgeführt hat, der zu diesem Ereignis geführt hat. Dadurch werden die RBAC-Eigenschaften des Ereignisses erfasst. Dazu gehören in der Regel die "Aktion", "Rolle" und der "Bereich".
|
ErrorResponse
Beschreibt das Format der Fehlerantwort.
| Name |
Typ |
Beschreibung |
|
code
|
string
|
Fehlercode
|
|
message
|
string
|
Eine Fehlermeldung, die angibt, warum der Vorgang fehlgeschlagen ist.
|
EventData
Die Azure-Ereignisprotokolleinträge sind vom Typ EventData.
| Name |
Typ |
Beschreibung |
|
authorization
|
SenderAuthorization
|
Die Informationen zur Absenderautorisierung.
|
|
caller
|
string
|
die E-Mail-Adresse des Benutzers, der den Vorgang ausgeführt hat, der UPN-Anspruch oder der SPN-Anspruch basierend auf der Verfügbarkeit.
|
|
category
|
LocalizableString
|
die Ereigniskategorie.
|
|
claims
|
object
|
Schlüsselwertpaare zum Identifizieren von ARM-Berechtigungen.
|
|
correlationId
|
string
|
die Korrelations-ID, in der Regel eine GUID im Zeichenfolgenformat. Die Korrelations-ID wird für die Ereignisse freigegeben, die zum gleichen Uber-Vorgang gehören.
|
|
description
|
string
|
Die Beschreibung des Ereignisses.
|
|
eventDataId
|
string
|
die Ereignisdaten-ID. Dies ist ein eindeutiger Bezeichner für ein Ereignis.
|
|
eventName
|
LocalizableString
|
der Ereignisname. Dieser Wert sollte nicht mit OperationName verwechselt werden. Aus praktischen Gründen kann OperationName für Endbenutzer attraktiver sein.
|
|
eventTimestamp
|
string
|
der Zeitstempel des Zeitpunkts, zu dem das Ereignis vom Azure-Dienst generiert wurde, der die Anforderung verarbeitet, die dem Ereignis entspricht. Es im ISO 8601-Format.
|
|
httpRequest
|
HttpRequestInfo
|
die HTTP-Anforderungsinformationen. Umfasst in der Regel die "clientRequestId", "clientIpAddress" (IP-Adresse des Benutzers, der das Ereignis initiiert hat) und "method" (HTTP-Methode z. B. PUT).
|
|
id
|
string
|
die ID dieses Ereignisses, wie von ARM für RBAC erforderlich. Sie enthält die EventDataID und eine Zeitstempelinformation.
|
|
level
|
EventLevel
|
die Ereignisebene
|
|
operationId
|
string
|
Es handelt sich in der Regel um eine GUID, die für die Ereignisse freigegeben wird, die einem einzelnen Vorgang entsprechen. Dieser Wert sollte nicht mit EventName verwechselt werden.
|
|
operationName
|
LocalizableString
|
der Vorgangsname.
|
|
properties
|
object
|
die Gruppe der Schlüssel-Wert-Paare> (in der <Regel eine Wörterbuchzeichenfolge<, Zeichenfolge>), die Details zum Ereignis enthält.
|
|
resourceGroupName
|
string
|
der Ressourcengruppenname der betroffenen Ressource.
|
|
resourceId
|
string
|
der Ressourcen-URI, der die Ressource eindeutig identifiziert, die dieses Ereignis verursacht hat.
|
|
resourceProviderName
|
LocalizableString
|
der Ressourcenanbietername der betroffenen Ressource.
|
|
resourceType
|
LocalizableString
|
ressourcentyp
|
|
status
|
LocalizableString
|
eine Zeichenfolge, die die status des Vorgangs beschreibt. Einige typische Werte sind: Gestartet, In Bearbeitung, Erfolgreich, Fehler, Aufgelöst.
|
|
subStatus
|
LocalizableString
|
der Ereignisunterteil status. Die meiste Zeit erfasst dies den HTTP-status Code des REST-Aufrufs. Allgemeine Werte sind: OK (HTTP-Statuscode: 200), Erstellt (HTTP-Statuscode: 201), Akzeptiert (HTTP-Statuscode: 202), No Content (HTTP-Statuscode: 204), Bad Request(HTTP-Statuscode: 400)), Nicht gefunden (HTTP-Statuscode: 404), Konflikt (HTTP-Statuscode: 409), Interner Serverfehler (HTTP-Statuscode: 500), Dienst nicht verfügbar (HTTP-Statuscode:503), Gatewaytimeout (HTTP-Statuscode: 504)
|
|
submissionTimestamp
|
string
|
der Zeitstempel, zu dem das Ereignis für Abfragen über diese API verfügbar wurde. Es ist im ISO 8601-Format. Dieser Wert sollte nicht verwechselt werden eventTimestamp. Es kann zu einer Verzögerung zwischen dem Zeitpunkt des Auftretens des Ereignisses und dem Zeitpunkt der Übermittlung des Ereignisses an die Azure-Protokollierungsinfrastruktur kommen.
|
|
subscriptionId
|
string
|
Die Azure-Abonnement-ID ist in der Regel eine GUID.
|
|
tenantId
|
string
|
Die Azure-Mandanten-ID
|
EventDataCollection
Stellt die Auflistung von Ereignissen dar.
| Name |
Typ |
Beschreibung |
|
nextLink
|
string
|
Stellt den Link zum Abrufen der nächsten Ereignismenge bereit.
|
|
value
|
EventData[]
|
diese Liste, die die Azure-Überwachungsprotokolle enthält.
|
EventLevel
die Ereignisebene
| Name |
Typ |
Beschreibung |
|
Critical
|
string
|
|
|
Error
|
string
|
|
|
Informational
|
string
|
|
|
Verbose
|
string
|
|
|
Warning
|
string
|
|
HttpRequestInfo
Die HTTP-Anforderungsinformationen.
| Name |
Typ |
Beschreibung |
|
clientIpAddress
|
string
|
die Client-IP-Adresse
|
|
clientRequestId
|
string
|
die Clientanforderungs-ID.
|
|
method
|
string
|
die HTTP-Anforderungsmethode.
|
|
uri
|
string
|
der URI.
|
LocalizableString
Die lokalisierbare Zeichenfolgenklasse.
| Name |
Typ |
Beschreibung |
|
localizedValue
|
string
|
der gebietsschemaspezifische Wert.
|
|
value
|
string
|
der invariante Wert.
|
SenderAuthorization
die Autorisierung, die vom Benutzer verwendet wird, der den Vorgang ausgeführt hat, der zu diesem Ereignis geführt hat. Dadurch werden die RBAC-Eigenschaften des Ereignisses erfasst. Dazu gehören in der Regel die "Aktion", "Rolle" und der "Bereich".
| Name |
Typ |
Beschreibung |
|
action
|
string
|
die zulässigen Handlungen. Für instance: microsoft.support/supporttickets/write
|
|
role
|
string
|
die Rolle des Benutzers. Für instance: Abonnement-Admin
|
|
scope
|
string
|
der Bereich.
|