REST API¶
Authentication¶
To get the ability of sending requests to REST API you should enable the option API access is enabled in the menu Admin -> Server settings.
Authentication of requests to API is carried out by transferring the key stated in the parameter API Key.
API key is transferred in the GET parameter of the secret request, for example:
https://demo_server/analytics/model/?secret=3a7e...418418e
Cube model¶
Handler: /analytics/model/
Sample request:
https://localhost/analytics/model/?secret=3a7e...418418e
The returns the data model of OLAP cube. The format is described here
Cube model is described here Data model
Filters and policies¶
Возвращает все сохраненные фильтры и политики в виде иерархии объектов. Returnes all saved filters and policies as objects hierarchy.
Handler: /analytics/filter/list/
Sample requests:
https://localhost/analytics/filter/list/?secret=3a7e...418418e
Sample return:
[
{
"id": 1,
"content_type": "filter",
"name": "Filter name",
"facts_count": 0,
"measure": "record_count",
"dimension": "agent_time@ymdh:hour",
"category": "neutral",
"listType": "table",
"do_scan": false,
"reporting_schedule_type": "",
"drilldown": [ "agent_agent@computer_name:computer_name", ... ],
"notify": false,
"emails": "",
"orderDim": "agent_account@office:office",
"url": "/analytics/report/aggregate/index/",
"report_if_filter_data_exists": false,
"tab": "filter",
"mode": "explore",
"order": "record_count",
"orderDir": "desc",
"filters": [
{
"predicates": [],
"dimension": "agent_account@office:office",
"value": "",
"label": ""
},
...
],
"children": [...]
},
...
]
Parameters of request to OLAP cube¶
Handlers described below can take filtration parameters. All the parameters are not obligatory.
Name |
Description |
|---|---|
backend |
Preferrable data source (postgresql, clickhouse, hybrid) |
limit |
Page size (number of returned strings) |
page |
Page number |
time_from |
Period starting time |
time_to |
Period ending time |
order |
Sorting attribute |
dir |
Sorting atribute (asc, desc) |
dim |
Filtering dimension. This parameter can be found several times. |
filter |
Dimensions for filtration. Order and amount must correspond to the parameters of dim |
Facts¶
Handler: /analytics/facts/agent_event/
Sample request:
https://local.host/analytics/facts/agent_event/?backend=postgresql&dim=agent_eventtype@default:agent_eventtype&dir=desc&filter=1&limit=50&order=local_time&page=0&time_from=2018-09-04T00:00:00.000&time_to=2018-09-04T23:59:59.999&secret=3a7e...418418e
Sample return:
{
"object_list": [
{
"agent_device.description": null,
"analytics_filter.id": null,
"agent_attachedfile.file_ext": null,
"agent_dialog.sender": null,
"agent_agent.last_report": "Active yesterday",
"agent_agent.os": "6.2.9200",
"agent_eventtype.name": "Screenshot",
"agent_web.url": null,
"time_registered": "2018-09-02T12:00:09.286822+00:00",
"agent_account.guid": "S-1-5-21-1174184718-2834874228-2720016071-1001",
"agent_web.id": null,
"agent_feedbacktype.description": null,
"agent_agent.last_activity_time": "2018-09-02T11:59:04.523638+00:00",
"parent_id": null,
"agent_attachedfile.mime": "image/jpeg",
"agent_appinstallation.publisher": null,
"agent_networkconnection.id": null,
"agent_account.office": "",
"agent_networkconnection.remote_address": null,
"agent_attachedfile.id": 1755,
"agent_attachedfile.extracted": false,
"agent_appinstallation.version": null,
"agent_agent.label": "",
"agent_device.drive_type": null,
"agent_web.domain": null,
"agent_application.id": 271,
"agent_time.weekday": 6,
"agent_web.protocol": null,
"agent_web.site": null,
"agent_account.id": 322,
"agent_agent.guid": "HWIDVB94bea50c-4604cbd0",
"agent_web.mime": null,
"agent_attachedfile.file_name": null,
"agent_dialog.dialog_type": null,
"agent_account.user_domain": "WORKGROUP",
"agent_time.day": 2,
"agent_time.id": 564,
"text_data": "",
"agent_application.app_icon_id": 1723,
"agent_account.last_report_time": "2018-09-02T12:00:09.255085+00:00",
"agent_account.comment": "",
"agent_application.window_title": "{E:\\opt\\tor-browser_en-US\\Browser\\Downloads\\MS Office 2013 Portable (2017) 7z SFX} - Far 3.0.5225 x64",
"agent_agent.last_report_time": "2018-09-02T12:00:09.255085+00:00",
"agent_device.hwid": null,
"agent_account.mail": "",
"agent_account.company": "",
"agent_eventtype.description": "Screenshot",
"agent_eventtype.id": 4,
"agent_dialog.direction": null,
"agent_attachedfile.file_exist": true,
"agent_attachedfile.file_path": null,
"agent_time.month": 9,
"agent_account.user_name": "ermakus",
"agent_time.year": 2018,
"agent_agent.last_ip": "192.168.0.111",
"window_title": "{E:\\opt\\tor-browser_en-US\\Browser\\Downloads\\MS Office 2013 Portable (2017) 7z SFX} - Far 3.0.5225 x64",
"%(140392777775632 id)s": 19354,
"agent_appinstallation.product_name": null,
"analytics_filter.syscat": null,
"agent_attachedfile.guid": "0fec5042-9665-edbd-d490-657eb442d401",
"agent_time.hour": 15,
"agent_feedbacktype.id": null,
"children_count": 0,
"agent_dialog.contact": null,
"agent_attachedfile.data": "filedata/by_date/2018_09_02/ac5df7124c4bad5d0e07a277ad4563af0abca928.jpe",
"agent_account.post": "",
"agent_feedbacktype.name": null,
"agent_dialog.recipients": null,
"agent_networkconnection.remote_port": null,
"agent_dialog.domain": null,
"agent_dialog.message_format": null,
"agent_device.manufacturer": null,
"agent_agent.agent_version": "2465",
"agent_time.minute": 0,
"idle_time": 0,
"agent_agent.computer_name": "DESKTOP-E308NV5",
"agent_application.app_description": "File and archive manager",
"agent_account.last_activity_time": "2018-09-02T11:59:04.523638+00:00",
"id": 19354,
"agent_account.full_name": "",
"agent_agent.id": 2526,
"activity_time": 0,
"agent_device.device_class": null,
"agent_time.quarter": 60,
"filters_data": null,
"agent_account.phone": "",
"agent_dialog.sender_domain": null,
"agent_attachedfile.sha1": "ac5df7124c4bad5d0e07a277ad4563af0abca928",
"agent_attachedfile.file_operation": null,
"analytics_filter.name": null,
"logon_event": "",
"agent_time.time_zone": "UTC+3",
"agent_dialog.members": null,
"call_duration": null,
"analytics_filter.category": null,
"agent_application.exe_path": "C:\\PROGRAM FILES\\FAR MANAGER\\FAR.EXE",
"agent_application.app_name": "far.exe",
"local_time": "2018-09-02T19:00:08+07:00",
"agent_attachedfile.drive_type": null,
"agent_appinstallation.install_event": null
},
...
]}
Aggregation¶
Handler: /analytics/aggregate/agent_event/
Name |
Description |
|---|---|
drill |
Dimensions for drilldown, can be found several times |
Sample request:
https://localhost/analytics/aggregate/agent_event/?backend=postgresql&drill=agent_agent@computer_name:computer_name&time_from=2018-09-04T00:00:00.000&time_to=2018-09-04T23:59:59.999&secret=3a7e...418418e
Return sample:
{
"cells": [
{
"record_count": 292,
"call_duration_sum": 0,
"agent_agent.computer_name": "DESKTOP-E308NV5",
"agent_agent.last_activity_time": "2018-09-02T11:59:04.523638+00:00",
"activity_time_sum": 27158538723,
"agent_agent.guid": "HWIDVB94bea50c-4604cbd0",
"agent_agent.id": 2526,
"local_time_max": "2018-09-02T12:00:08+00:00",
"idle_time_sum": 16101090000,
"local_time_min": "2018-09-02T10:43:52+00:00",
"agent_agent.last_report_time": "2018-09-02T12:00:09.255085+00:00"
}
],
"cell": [
{
"hierarchy": "computer_name",
"path": [
"2526",
"HWIDVB94bea50c-4604cbd0",
"DESKTOP-E308NV5"
],
"type": "point",
"dimension": "agent_agent",
"level_depth": 3
},
{
"from": [
"2018-08-29T00:00:00+07:00"
],
"level_depth": 1,
"hierarchy": null,
"to": [
"2018-09-04T23:59:59.999000+07:00"
],
"type": "range",
"dimension": "local_time"
}
],
"levels": {
"agent_agent": [
"id",
"guid",
"computer_name"
]
},
"remainder": {}
}
Dimensions’ values¶
Handler: /analytics/values/agent_event/
Name |
Description |
|---|---|
drill |
Dimension name |
Sample request:
https://localhost/analytics/values/agent_event/?backend=postgresql&drill=agent_agent@computer_name:computer_name&time_from=2018-09-04T00:00:00.000&time_to=2018-09-04T23:59:59.999&secret=3a7e...418418e
Sample return:
{
"cells": [
{
"agent_agent.last_report_time": "2018-09-02T12:00:09.255085+00:00",
"agent_agent.guid": "HWIDVB94bea50c-4604cbd0",
"agent_agent.id": 2526,
"agent_agent.computer_name": "DESKTOP-E308NV5",
"agent_agent.last_activity_time": "2018-09-02T11:59:04.523638+00:00"
},
...
]
}