Lastline Session API

The Lastline Session API is accessible at:

https://user.lastline.com/papi/session/<function>

Methods

Method Index

Method Documentation

session.get_log_sources(response_format)

Return the current list of log sources

URL

/papi/session/get_log_sources[. response_format]

response_format can be xml or json (defaults to json)

HTTP METHOD

GET

GET Parameters

  • appliance_uuid:

    Unique identifier of an appliance

Contents of successful response

Dictionary of dictionaries.

First level

The first leve is a dictionary that classify log sources by type. Each entry regroup all log sources of the same type (for example WMI) and is a dictionary indexed by the name of the source:

{'wmi_sources': <dic of all WMI sources, ...}

Second level

The second level is a dictionary of all the log sources of a same type. The key is always the name of the source and the value is a dictionary that regroups all the properties of the source:

{'wmi_sources': {'my_wmi_src': <dic of properties of my_wmi_src>}}

Third level

The third level is a dictionary that group all properties of one log source. The content depends of course on the type of log source.

For a WMI source (note that the password is not returned):

  • username:

    username to use to connect to the WMI source

  • hostname:

    IP or hostname of the WMI source

  • source_type:

    type of WMI source (for example “Windows DC”)

  • polling:

    interval between sending requests to the WMI source to retrieve the logs (in seconds)

Error Codes

session.edit_wmi_source(response_format)

Set the parameters of a wmi source already configued in an appliance

URL

/papi/session/edit_wmi_source[. response_format]

response_format can be xml or json (defaults to json)

HTTP METHOD

POST

POST Parameters

  • appliance_uuid:

    Unique identifier of an appliance

  • source_name:

    Name of the WMI source to add

  • hostname:

    Hostname or IP of the WMI source to add

  • log_username:

    Username to use to connect to the WMI source

  • log_password:

    Password to use to connect to the WMI source (not required)

  • wmi_source_type:

    Type of WMI source (currently only ‘Windows DC’)

  • polling:

    Interval in seconds between polling the WMI source

Contents of successful response

“OK”

Error Codes

session.add_wmi_source(response_format)

Add a new wmi source to an appliance

URL

/papi/session/add_wmi_source[. response_format]

response_format can be xml or json (defaults to json)

HTTP METHOD

GET

POST Parameters

  • appliance_uuid:

    Unique identifier of an appliance

  • source_name:

    Name of the WMI source to add

  • hostname:

    Hostname or IP of the WMI source to add

  • log_username:

    Username to use to connect to the WMI source

  • log_password:

    Password to use to connect to the WMI source

  • wmi_source_type:

    Type of WMI source (currently only ‘Windows DC’)

  • polling:

    Interval in seconds between polling the WMI source

Contents of successful response

“OK”

Error Codes

session.delete_wmi_source(response_format)

Delete an existing WMI source from an appliance

URL

/papi/session/delete_wmi_source[. response_format]

response_format can be xml or json (defaults to json)

HTTP METHOD

POST

GET Parameters

  • appliance_uuid:

    Unique identifier of an appliance

  • source_name:

    Name of the source to delete

Contents of successful response

“OK”

Error Codes

session.set_wmi_sources(response_format)

Configure the whole list of WMI sources at once

URL

/papi/session/set_wmi_sources[. response_format]

response_format can be xml or json (defaults to json)

HTTP METHOD

POST

POST Parameters

  • appliance_uuid:

    The unique identifier of the appliance to configure

  • wmi_sources:

    a JSON representation of the list of wmi_sources Each wmi_sources is represented by a dictionary with the following keys:

    • source_name:

      Name of the WMI source to add

    • hostname:

      Hostname or IP of the WMI source to add

    • log_username:

      Username to use to connect to the WMI source

    • log_password:

      Password to use to connect to the WMI source

    • wmi_source_type:

      Type of WMI source (currently only ‘Windows DC’)

    • polling:

      Interval in seconds between polling the WMI source

Contents of successful response

“OK”

Error Codes

session.get_users_logged_on(response_format)

Get the list of usernames that were logged in a computer (identified by its IP address)

URL

/papi/session/get_users_logged_on[. response_format]

response_format can be xml or json (defaults to json)

HTTP METHOD

GET

GET Parameters

  • timezone: local timezone
  • ip_address: ip_address of the computer where users were logged on
  • lookup_start: start date of the search
  • lookup_start: end date of the search

Contents of successful response

List of dictionary; each dictionary represents a user that was logged on and contains the following fields:

  • username: username that was logged on

  • user_uuid: UUID of the user that was logged on

  • session_log_type: ActiveDirectory

  • first_seen: first loggon event of this username on the requested

    system in the requested interval

  • last_seen: last loggon event of this username on the requested

    system in the requested interval

Error Codes

session.LLAPI_APPLIANCE_MGMT_ERROR__NO_SUCH_APPLIANCE

Error code 9001: Returned when an operation is requested on an appliance that does not exist

session.LLAPI_APPLIANCE_MGMT_ERROR__BAD_SETTING

Error code 9006: Returned when the appliance configuration is invalid

session.LLAPI_ERROR__NO_SUCH_ENTITY

Error code 3007: Returned when an operation is requested on an object that does not exist

session.LLAPI_ERROR_UNSUPPORTED_FEATURE

Error code 4: Returned when an operation is requested on an appliance that does not support the feature