000037019 - How to download RSA SecurID Access Cloud Administration Audit Logs using Cloud Administration REST API CLU

Document created by RSA Customer Support Employee on Dec 19, 2018
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000037019
Applies ToRSA Product Set:  SecurID Access
IssueFor troubleshooting purposes it can be useful to see a history of administrative actions performed on your Cloud Administration Console.
This information is not currently captured in the Administration Console itself.
 
ResolutionAdministrative activity can be obtained by using the Cloud Administration REST APIs.  Here are the basic steps to download the last 24 hours of Admin Console actions using the API package's CLU:
  1. Download the RSA SecurID Access Administration REST API to any Windows or Linux machine that has connectivity to your RSA SecurID Access Cloud environment and unzip it.
  2. From the Cloud Administration Console Add an API key and download it to the machine where you unzipped the Administration REST API.
  3. From the top level directory of the unzipped API package run the CLU shown below (note that the example syntax is on Windows):



.\bin\rsa-securidaccess-rest-client-sdk.bat -f <path to API key file> -o exportAllAdminLog -u https://access.securid.com/AdminInterface/restapi/v1


Where access.securid.com is for Americas customers.  Substitute the appropriate access-eu.securid.com or access-anz.securid.com for EMEA and APJ tenants, respectively.

The file exportAllAdminLog.csv will be written to the current working directory.



 


 

NotesA specific time period of interest can be specified with the additional command line switches -s (start time period) and/or -e (end time period). 
Simply run the rsa-securidaccess-rest-client.sdk CLU with no switches to see all of the available command options.

Attachments

    Outcomes