Diagnostic Manager Fetch Audit Records
Retrieve audit records from their storage on the specified host.
Audit records are stored on the host in a (large) FIFO. The FIFO is continuously being written to due to system activities. It is the responsibility of the caller to issue reads fast enough to keep ahead of the write traffic.
Since: vSphere API Release 7.0.3.0
Required privileges: Global.Diagnostics
The unique identifier for the managed object to which the method attaches; the serialized managed object reference for a request has the form moType/moId
, in this case DiagnosticManager/{moId}
.
The vSphere release schema. The current specification covers vSphere 8.0.3.0 APIs.
{
"token": "string"
}
The token to be used for the operation. The first call must be made without a token. All subsequent calls use the token returned in AuditRecordStatus.
OK
{
"_typeName": "string",
"records": [
"string"
],
"nextToken": "string"
}
Zero or more audit records returned.
Each audit record is a UTF-8 string in RFC 5424 format. See RFC 5424, page 8, for the ABNF grammar.
The HOSTNAME and MSGID fields are set to "-", the structured data contains the audit record parameters, no unstructured data will be present, and each record is terminated with an ASCII LF (newline).
The token to be used for subsequent read operations.
The string is "opaque"; the format of this data changes over time.
InvalidState: The reader has failed to keep up with the write data rate. Data has been lost. It is up to the caller to decide how to react to this. One possibility is to "start again from the beginning" with a call with no token.
SystemError: One more more errors (on the host) have occurred. One or more error strings are available to detail the issues.
{
"_typeName": "string",
"faultCause": "MethodFault Object",
"faultMessage": [
{
"_typeName": "string",
"key": "string",
"arg": [
{
"_typeName": "string",
"key": "string",
"value": {
"_typeName": "string"
}
}
],
"message": "string"
}
]
}
The base data object type for all the object model faults that an application might handle.
Message which has details about the error Message can also contain a key to message catalog which can be used to generate better localized messages.