Root/Get-WS1AuditDate.ps1
<#
.SYNOPSIS Query the audit data for matching records. .PARAMETER Tenant Mandatory: WS1 Access Tenant URL .PARAMETER Token Mandatory: oAuth2 AccessToken .PARAMETER actorUserName filter events generated by this user .PARAMETER objectType filter specific types of audit events or affected objects .PARAMETER objectAction filter specific actions .PARAMETER linkedObjectType filter specific types of linked to object types, only applicable for LINK and UNLINK actions .PARAMETER objectName filter events that affect a specific object instance .PARAMETER fromMillis filter events no older than this time, milliseconds since epoch, defaults to 3 days ago (now-96 hours) .PARAMETER toMillis filter events no newer than this time, milliseconds since epoch. Defaults to now .PARAMETER startIndex Use offset to page through the results .PARAMETER pageSize Max page size of the results, max allowed value is 5000 #> function Get-WS1AuditData{ [cmdletbinding()] param( [Parameter(Mandatory=$true)][string]$Tenant, [Parameter(Mandatory=$true)][string]$Token, [Parameter(Mandatory=$false)][string]$actorUserName, [Parameter(Mandatory=$false)][string]$objectType, [Parameter(Mandatory=$false)][string]$objectAction, [Parameter(Mandatory=$false)][string]$linkedObjectType, [Parameter(Mandatory=$false)][string]$ToobjectNameken, [Parameter(Mandatory=$false)][string]$fromMillis, [Parameter(Mandatory=$false)][string]$toMillis, [Parameter(Mandatory=$false)][string]$startIndex, [Parameter(Mandatory=$false)][string]$pageSize ) Begin{ } Process{ $URI = "https://$($Tenant)/SAAS/jersey/manager/api/reporting/reports/audit" $Header = @{ Host = $Tenant Authorization = "HZN $($Token)" Accept = '*/*' } $Body = @{ objectAction = "CREATE" } $IRMParams = @{ Method = 'Get' Headers = $Header URI = $URI Body = $Body } $report = Invoke-RestMethod @IRMParams If($report){ Return $report } Return $false } } |