This API resource is only usable in Tenable.sc Director.
/mgmt/system/logFiles
Methods
GET
Gets the list of log filesĀ on a linked Tenable.sc Instance that are available to the user
Request Parameters
Expand
{
"sciID": <number>
}
Example Response for Admins
Expand
{
"type": "regular",
"response": [
{
"organization": {
"id": 0,
"name": "Application",
"description": ""
},
"basenames": [
"202106"
]
},
{
"organization": {
"id": "1",
"name": "Child Org",
"description": ""
},
"basenames": [
"202106"
]
}
],
"error_code": 0,
"error_msg": "",
"warnings": [],
"timestamp": 1624370508
}
Example Response for Security Managers
Expand
{
"type": "regular",
"response": [
{
"basenames": [
"202106"
]
}
],
"error_code": 0,
"error_msg": "",
"warnings": [],
"timestamp": 1624371093
}
/mgmt/system/logs
Methods
POST
Returns the available log messages on a linked Tenable.sc Instance, based on user permissions and the query filters
Request Parameters
Expand
{
"sciID": <number>,
"date" : scLog basename (eg. "201412") | "all",
"query": {
"startOffset" : <number>,
"endOffset" : <number>,
"filters" : [
{
"filterName" : "keywords",
"operator" : "=",
"value" : <string>
},
{
"filterName" : "severity",
"value" : {
"id" : <number> [0-2],
"operator" : "=",
"name":"INFO|WARNING|CRITICAL"
}
},
{
"filterName" : "module",
"operator" : "=",
"value" : <string> (eg. "auth")
},
{
"filterName" : "organization",
"value" : {
"id" : <number>
}
}
]
}
}
Example Response
Expand
{
"type": "regular",
"response": {
"skip": [],
"totalRecords": 56,
"endOffset": 3,
"results": [
{
"rawLog": "Tue, 22 Jun 2021 10:20:28 -0400|qahead|auth|INFO|Successful logout for 'qahead'.\n",
"organization": {
"id": "1",
"name": "Child Org",
"description": ""
},
"message": "Successful logout for 'qahead'.",
"severity": {
"id": "0",
"name": "INFO",
"description": "Information"
},
"module": "auth",
"source": "qahead",
"date": "Tue, 22 Jun 2021 10:20:28 -0400"
},
{
"rawLog": "Tue, 22 Jun 2021 09:20:01 -0400|qahead|policy|INFO|' [qahead]' deleted organization policy 'Basic Policy' (id #1000002).\n",
"organization": {
"id": "1",
"name": "Child Org",
"description": ""
},
"message": "' [qahead]' deleted organization policy 'Basic Policy' (id #1000002).",
"severity": {
"id": "0",
"name": "INFO",
"description": "Information"
},
"module": "policy",
"source": "qahead",
"date": "Tue, 22 Jun 2021 09:20:01 -0400"
},
{
"rawLog": "Tue, 22 Jun 2021 09:18:08 -0400|qahead|policy|INFO|' [qahead]' created organization policy 'Basic Policy' (id #1000002).\n",
"organization": {
"id": "1",
"name": "Child Org",
"description": ""
},
"message": "' [qahead]' created organization policy 'Basic Policy' (id #1000002).",
"severity": {
"id": "0",
"name": "INFO",
"description": "Information"
},
"module": "policy",
"source": "qahead",
"date": "Tue, 22 Jun 2021 09:18:08 -0400"
}
]
},
"error_code": 0,
"error_msg": "",
"warnings": [],
"timestamp": 1624372254
}