Diagnostic Manager Fetch Audit Records

Diagnostic Manager Fetch Audit Records

Retrieve audit records from their storage on the specified host.

Audit records are stored on the host in a (large) FIFO. The FIFO is continuously being written to due to system activities. It is the responsibility of the caller to issue reads fast enough to keep ahead of the write traffic.

Since: vSphere API Release 7.0.3.0

Required privileges: Global.Diagnostics

Request
URI
POST
https://{vcenter-host}/sdk/vim25/{release}/DiagnosticManager/{moId}/FetchAuditRecords
COPY
Path Parameters
string
moId
Required

The unique identifier for the managed object to which the method attaches; the serialized managed object reference for a request has the form moType/moId, in this case DiagnosticManager/{moId}.

string
release
Required

The vSphere release schema. The current specification covers vSphere 8.0.3.0 APIs.


Request Body
FetchAuditRecordsRequestType of type(s) application/json
Required
{
    "token": "string"
}
string
token
Optional

The token to be used for the operation. The first call must be made without a token. All subsequent calls use the token returned in AuditRecordStatus.

Authentication
This operation uses the following authentication methods.
Responses
200

OK

Returns DiagnosticManagerAuditRecordResult of type(s) application/json
This response body class contains all of the following: DataObject
{
    "_typeName": "string",
    "records": [
        "string"
    ],
    "nextToken": "string"
}
array of string
records
Optional

Zero or more audit records returned.

Each audit record is a UTF-8 string in RFC 5424 format. See RFC 5424, page 8, for the ABNF grammar.

The HOSTNAME and MSGID fields are set to "-", the structured data contains the audit record parameters, no unstructured data will be present, and each record is terminated with an ASCII LF (newline).

string
nextToken
Required

The token to be used for subsequent read operations.

The string is "opaque"; the format of this data changes over time.


500

InvalidState: The reader has failed to keep up with the write data rate. Data has been lost. It is up to the caller to decide how to react to this. One possibility is to "start again from the beginning" with a call with no token.

SystemError: One more more errors (on the host) have occurred. One or more error strings are available to detail the issues.

Returns MethodFault of type(s) application/json
This response body class contains all of the following: Any
{
    "_typeName": "string",
    "faultCause": "MethodFault Object",
    "faultMessage": [
        {
            "_typeName": "string",
            "key": "string",
            "arg": [
                {
                    "_typeName": "string",
                    "key": "string",
                    "value": {
                        "_typeName": "string"
                    }
                }
            ],
            "message": "string"
        }
    ]
}
faultCause
Optional

The base data object type for all the object model faults that an application might handle.

faultMessage
Optional

Message which has details about the error Message can also contain a key to message catalog which can be used to generate better localized messages.