System.Log
URI: http://soap.zeus.com/zxtm/1.0/System/Log/
The System.Log interface provides audit log and error log information for this machine. Using this interface, you can retrieve the error log as a string, get a list of individual entries in the audit log and clear the error log.
Methods
clearErrorLog()
Clear the error log for this machine.
void clearErrorLog()
getAuditLog()
Get a list of the most recent elements of the audit log for this machine.
System.Log.AuditItem[] getAuditLog()
getAuditLogLines( max_lines )
Get a maximum of max_lines lines of the audit log for this machine.
System.Log.AuditItem[] getAuditLogLines(
Integer max_lines
)
getErrorLogLines( max_lines )
Get a maximum of max_lines lines of the error log for this machine as a string, if max_lines is 0 then 1024 lines are returned.
String getErrorLogLines(
Integer max_lines
)
getErrorLogString()
Get the error log for this machine as a string.
String getErrorLogString()
Structures
System.Log.AccessDenied
This is the operation parameters structure for 'accessdenied' operations (host denied by access restrictions). It is used when getting Audit Log data.
struct System.Log.AccessDenied implements System.Log.OpParam {
# A host value.
String host;
}
System.Log.AddAuthenticator
This is the operation parameters structure for 'addauth' operations (authenticator added). It is used when getting Audit Log data.
struct System.Log.AddAuthenticator implements System.Log.OpParam {
# An authenticator being modified.
String modauth;
# Type of an authenticator being modified.
String authtype;
}
System.Log.AddFile
This is the operation parameters structure for 'addfile' operations (file added). It is used when getting Audit Log data.
struct System.Log.AddFile implements System.Log.OpParam {
# A file on the filesystem being modified.
String file;
}
System.Log.AddGroup
This is the operation parameters structure for 'addgroup' operations (group added). It is used when getting Audit Log data.
struct System.Log.AddGroup implements System.Log.OpParam {
# A group being modified.
String modgroup;
}
System.Log.AddUser
This is the operation parameters structure for 'adduser' operations (user added). It is used when getting Audit Log data.
struct System.Log.AddUser implements System.Log.OpParam {
# A user being modified.
String moduser;
# A group being modified.
String modgroup;
}
System.Log.Adhoc
This is the operation parameters structure for 'adhoc' operations (a custom event). It is used when getting Audit Log data.
struct System.Log.Adhoc implements System.Log.OpParam {
# Arbitrary text.
String text;
# An arbitrary object.
String obj;
}
System.Log.AuditItem
This structure contains the information about an event in the Audit Log file. It is used when getting Audit Log information.
struct System.Log.AuditItem {
# The date and time at which the event occurred.
Time date;
# The name of the user who caused the event.
String user;
# The group of the user who caused the event.
String group;
# The authenticator that authorised the user who caused the event.
String auth;
# The IP address of the user.
String ip;
# The type of operation that occurred.
System.Log.OperationType op_type;
# The list of parameters used in the operation. This list is required for all
# operations with the exception of operations for which there are no
# additional parameters.
System.Log.OpParam op_params;
}
System.Log.CopyAuthenticator
This is the operation parameters structure for 'copyauth' operations (authenticator copied). It is used when getting Audit Log data.
struct System.Log.CopyAuthenticator implements System.Log.OpParam {
# An authenticator being modified.
String modauth;
# An authenticator that was copied.
String oldauth;
# Type of an authenticator being modified.
String authtype;
}
System.Log.CopyFile
This is the operation parameters structure for 'copyfile' operations (file copied). It is used when getting Audit Log data.
struct System.Log.CopyFile implements System.Log.OpParam {
# A file that was copied or renamed.
String oldfile;
# A file on the filesystem being modified.
String file;
}
System.Log.CopyGroup
This is the operation parameters structure for 'copygroup' operations (group copied). It is used when getting Audit Log data.
struct System.Log.CopyGroup implements System.Log.OpParam {
# A group being modified.
String modgroup;
# A group that was copied.
String oldgroup;
}
System.Log.DeleteAuthenticator
This is the operation parameters structure for 'delauth' operations (authenticator deleted). It is used when getting Audit Log data.
struct System.Log.DeleteAuthenticator implements System.Log.OpParam {
# An authenticator being modified.
String modauth;
# Type of an authenticator being modified.
String authtype;
}
System.Log.DeleteFile
This is the operation parameters structure for 'delfile' operations (file deleted). It is used when getting Audit Log data.
struct System.Log.DeleteFile implements System.Log.OpParam {
# A file on the filesystem being modified.
String file;
}
System.Log.DeleteGroup
This is the operation parameters structure for 'delgroup' operations (group deleted). It is used when getting Audit Log data.
struct System.Log.DeleteGroup implements System.Log.OpParam {
# A group being modified.
String modgroup;
}
System.Log.DeleteUser
This is the operation parameters structure for 'deluser' operations (user deleted). It is used when getting Audit Log data.
struct System.Log.DeleteUser implements System.Log.OpParam {
# A user being modified.
String moduser;
# A file on the filesystem being modified.
String file;
}
System.Log.Login
This is the operation parameters structure for 'login' operations (logged in). It is used when getting Audit Log data.
struct System.Log.Login implements System.Log.OpParam {
# A login type, i.e. UI, basicauth, or SSH.
String logintype;
# A login timeout value.
String timeout;
}
System.Log.LoginFail
This is the operation parameters structure for 'loginfail' operations (failed login attempt). It is used when getting Audit Log data.
struct System.Log.LoginFail implements System.Log.OpParam {
# A login type, i.e. UI, basicauth, or SSH.
String logintype;
# Resource being accessed.
String resource;
}
System.Log.LoginLimitHit
This is the operation parameters structure for 'loginlockout' operations (user account disabled). It is used when getting Audit Log data.
struct System.Log.LoginLimitHit implements System.Log.OpParam {
# Arbitrary text.
String text;
}
System.Log.LoginSuspended
This is the operation parameters structure for 'loginsusp' operations (suspended user login attempt). It is used when getting Audit Log data.
struct System.Log.LoginSuspended implements System.Log.OpParam {
# A login type, i.e. UI, basicauth, or SSH.
String logintype;
}
System.Log.MaintenanceCLICmd
This is the operation parameters structure for 'maintclicmd' operations (maintenance CLI command). It is used when getting Audit Log data.
struct System.Log.MaintenanceCLICmd implements System.Log.OpParam {
# The command being run.
String cmd;
# The arguments for the command being run.
String args;
}
System.Log.ModifyFile
This is the operation parameters structure for 'filemod' operations (file modified). It is used when getting Audit Log data.
struct System.Log.ModifyFile implements System.Log.OpParam {
# A file on the filesystem being modified.
String file;
}
System.Log.ModifyKey
This is the operation parameters structure for 'keymod' operations (config modified). It is used when getting Audit Log data.
struct System.Log.ModifyKey implements System.Log.OpParam {
# A configuration key.
String key;
# A configuration value.
String value;
# A value that was changed.
String oldval;
# A file on the filesystem being modified.
String file;
}
System.Log.ModifyRule
This is the operation parameters structure for 'rulemod' operations (modified rule). It is used when getting Audit Log data.
struct System.Log.ModifyRule implements System.Log.OpParam {
# A file on the filesystem being modified.
String file;
}
System.Log.ModifyUser
This is the operation parameters structure for 'usermod' operations (user modified). It is used when getting Audit Log data.
struct System.Log.ModifyUser implements System.Log.OpParam {
# A user being modified.
String moduser;
}
System.Log.NoAccessPermission
This is the operation parameters structure for 'noperm' operations (user was refused permission whilst accessing section/item). It is used when getting Audit Log data.
struct System.Log.NoAccessPermission implements System.Log.OpParam {
# A section.
String sec;
}
System.Log.NoChangePermission
This is the operation parameters structure for 'nopostperm' operations (user was refused permission to update data in section). It is used when getting Audit Log data.
struct System.Log.NoChangePermission implements System.Log.OpParam {
# A section.
String sec;
}
System.Log.OpParam
This is the base type structure for operation parameters. It is used when getting Audit Log data.
struct System.Log.OpParam {
}
System.Log.PasswordExpired
This is the operation parameters structure for 'passwordexpired' operations (user's password has expired.). It is used when getting Audit Log data.
struct System.Log.PasswordExpired implements System.Log.OpParam {
# A login type, i.e. UI, basicauth, or SSH.
String logintype;
# Resource being accessed.
String resource;
}
System.Log.RegenerateUUID
This is the operation parameters structure for 'uuidregen' operations (user regenerated UUID.). It is used when getting Audit Log data.
struct System.Log.RegenerateUUID implements System.Log.OpParam {
# A configuration value.
String value;
# A value that was changed.
String oldval;
# Arbitrary text.
String text;
}
System.Log.RemoveKey
This is the operation parameters structure for 'removekey' operations (removed config key). It is used when getting Audit Log data.
struct System.Log.RemoveKey implements System.Log.OpParam {
# A configuration key.
String key;
# A value that was changed.
String oldval;
# A file on the filesystem being modified.
String file;
}
System.Log.RenameFile
This is the operation parameters structure for 'renfile' operations (file renamed). It is used when getting Audit Log data.
struct System.Log.RenameFile implements System.Log.OpParam {
# A file that was copied or renamed.
String oldfile;
# A file on the filesystem being modified.
String file;
}
System.Log.SessionTerminated
This is the operation parameters structure for 'terminated' operations (user session terminated). It is used when getting Audit Log data.
struct System.Log.SessionTerminated implements System.Log.OpParam {
# Arbitrary text.
String text;
}
System.Log.StartVS
This is the operation parameters structure for 'startvs' operations (virtual server started). It is used when getting Audit Log data.
struct System.Log.StartVS implements System.Log.OpParam {
# A virtual server.
String vs;
}
System.Log.StopVS
This is the operation parameters structure for 'stopvs' operations (virtual server stopped). It is used when getting Audit Log data.
struct System.Log.StopVS implements System.Log.OpParam {
# A virtual server.
String vs;
}
System.Log.TrafficManagerActivated
This is the operation parameters structure for 'activated' operations (traffic manager activated). It is used when getting Audit Log data.
struct System.Log.TrafficManagerActivated implements System.Log.OpParam {
# A host value.
String host;
}
Enumerations
System.Log.OperationType
This enumeration defines the possible types of operations that may exist in the audit log.
enum System.Log.OperationType {
# An AccessDenied operation occurs when a user is denied access to the Admin
# Server due to access restrictions which are in place. It appears as an
# 'accessdenied' operation in the Audit Log.
AccessDenied,
# A TrafficManagerActivated operation occurs when a traffic manager is
# restored from a pending state after a failure has occured. This results in
# the traffic manager's Traffic IPs being restored to it. It appears as an
# 'activated' operation in the Audit Log.
TrafficManagerActivated,
# An AddAuthenticator operation type occurs when a new authenticator is
# created. It appears as a 'addauth' operation in the Audit Log.
AddAuthenticator,
# An AddFile operation occurs when a file is added. This operation is caused
# by a user creating a new object such as a Virtual Server, Pool, etc. It
# appears as an 'addfile' operation in the Audit Log.
AddFile,
# An AddGroup operation occurs when a new group of users is created. It
# appears as an 'addgroup' operation in the Audit Log.
AddGroup,
# An AddUser operation occurs when a new user is added. It appears as an
# 'adduser' operation in the Audit Log.
AddUser,
# An Adhoc operation represents a custom event which does not fit any of the
# other Operation Types. For example, it occurs when a user is adding or
# deleting a License Key or modifying the Security settings. It appears as an
# 'adhoc' operation the Audit Log.
Adhoc,
# The admin user's password has been reset from the system console.
AdminPasswordReset,
# A CopyAuthenticator operation type occurs when a new authenticator is
# created by saving an existing authenticator to a new name. It appears as a
# 'copyauth' operation in the Audit Log.
CopyAuthenticator,
# A CopyFile operation occurs when a file is copied. This operation is caused
# by the user saving an object as a new name, for example a Rule or an SSL
# Certificate. It appears as a 'copyfile' operation in the Audit Log.
CopyFile,
# A CopyGroup operation occurs when a user group is saved with a new group
# name. It appears as an 'copygroup' operation in the Audit Log.
CopyGroup,
# A DeleteAuthenticator operation type occurs when an existing authenticator
# is deleted. It appears as a 'delauth' operation in the Audit Log.
DeleteAuthenticator,
# A DeleteFile operation occurs when a file is deleted. This operation is
# caused by a user deleting an existing object such as a Virtual Server,
# Pool, etc. It appears as a 'delfile' operation in the Audit Log.
DeleteFile,
# A DeleteGroup operation occurs when a group of users is deleted. It appears
# as an 'delgroup' operation in the Audit Log.
DeleteGroup,
# A DeleteUser operation occurs when an existing user is deleted. It appears
# as an 'deluser' operation in the Audit Log.
DeleteUser,
# A ModifyFile operation occurs when the contents of a non-config file are
# modified. This differs from a ModifyKey operation in that ModifyFile
# operations are caused by the modification of non-config files which are not
# managed by the traffic manager, for example changing the settings of an SSL
# Certificate. It appears as a 'filemod' operation in the Audit Log.
ModifyFile,
# A ModifyKey operation occurs when the value of a config file is modified.
# This operation is caused by a user changing the settings for an existing
# object such as a Virtual Server, Pool, etc. It appears as a 'keymod'
# operation in the Audit Log.
ModifyKey,
# A Login operation occurs when a user successfully logs on to the admin
# server. It appears as a 'login' operation in the Audit Log.
Login,
# A LoginFail operation occurs when a user tries and fails to log on to the
# admin server. This type of operation does not have any additional
# parameters to log therefore the 'op_params' field does not exist. It
# appears as a 'loginfail' operation in the Audit Log.
LoginFail,
# A LoginLimitHit operation occurs when the limit on login attempts is hit
# for a particular user . It appears as an 'loginlockout' operation in the
# Audit Log.
LoginLimitHit,
# A LoginSuspended operation occurs when suspended user attempts to login. It
# appears as an 'loginsusp' operation in the Audit Log.
LoginSuspended,
# A Logout operation occurs when a user successfully logs out of the admin
# server. This type of operation does not have any additional parameters to
# log therefore the 'op_params' field does not exist. It appears as a
# 'logout' operation in the Audit Log.
Logout,
# A MaintenanceCLICmd operation occurs when a command is run in the appliance
# maintenance CLI. It appears as an 'maintclicmd' operation in the Audit Log.
MaintenanceCLICmd,
# A NoAccessPermission operation occurs when a user is refused permission
# whist accessing a section of the Admin Server. It appears as a 'noperm'
# operation in the Audit Log.
NoAccessPermission,
# A NoChangePermission operation occurs when a user is refused permission to
# update data in a section of the Admin Server. It appears as a 'nopostperm'
# operation in the Audit Log.
NoChangePermission,
# A PasswordExpired operation occurs when a user's password is too old and
# expires. It appears as an 'passwordexpired' operation in the Audit Log.
PasswordExpired,
# A SystemSettingsReapplied operation occurs when operating system
# configuration is reapplied on an appliance. It appears as an
# 'reapplynetwork' operation in the Audit Log.
SystemSettingsReapplied,
# A RemoveKey operation type occurs when a key is removed from a config file,
# usually because a key is being made location specific. It appears as a
# 'removekey' operation in the Audit Log.
RemoveKey,
# A RenameFile operation occurs when a file is renamed. This operation is
# caused by a user renaming an existing object such as a Virtual Server,
# Pool, etc. It appears as a 'renfile' operation in the Audit Log.
RenameFile,
# No recent activity has been seen for this user on the REST API.
RestSessionEnd,
# An authenticated user has accessed the REST API
RestSessionStart,
# A ConfigRefreshed operation occurs when the configuration is forcably
# reloaded. It appears as an 'revalidate' operation in the Audit Log.
ConfigRefreshed,
# A ModifyRule operation occurs when the contents of a rule are modified.
# This operation is caused by a user editing an existing rule. It appears as
# a 'rulemod' operation in the Audit Log.
ModifyRule,
# A StartVS operation type occurs when a user starts an existing virtual
# server. It appears as a 'startvs' operation in the Audit Log.
StartVS,
# A StopVS operation type occurs when a user stops an existing virtual
# server. It appears as a 'stopvs' operation in the Audit Log.
StopVS,
# A SuspensionExpired operation occurs when a users suspension expires,
# restoring them to active status. This usually occurs when after too many
# attempts have been made to login to an account. It appears as an
# 'suspensionexpired' operation in the Audit Log.
SuspensionExpired,
# A Synchronise operation type occurs when configuration is replicated from
# one machine across the cluster, for example in order to resolve a conflict
# arising from one machine being unavailable at the time when a configuration
# change was made. It appears as a 'synchronise' operation in the Audit Log.
Synchronise,
# A SessionTerminated operation occurs when a users session is terminated
# externally. It appears as an 'terminated' operation in the Audit Log.
SessionTerminated,
# A Timeout operation occurs when a user session times out. This type of
# operation does not have any additional parameters to log therefore the
# 'op_params' field does not exist. It appears as a 'timeout' operation in
# the Audit Log.
Timeout,
# A ModifyUser operation occurs when an existing user is modified. It appears
# as an 'usermod' operation in the Audit Log.
ModifyUser,
# UUID has been regenerated by the user.
RegenerateUUID
}