KSC Open API
Kaspersky Security Center API description
IAM Event types

Predefined value of the "source" parameter

General event attributes

  1. ds_info_reset: An event to need to reset previously received information regarding Directory Service entities. Once the reset process has been completed, a ds_info_reset_complete message will be sent to notifucate the operation has been successfully completed.

Required attributes of data object:

  • tenant_id
  • ksc_instance_id

Example: 

                {
                    "source" : "osmp-ds-info-provider"
                    "id" : "21c7518462e853ff078d955e27c2f680101961a9"
                    "specversion" : "1.0"
                    "type" : "ds_info_reset"
                    "time" : "2024-09-13T09:44:22Z"
                    "data" : {
                        "tenant_id" : "3031feff-815a-4920-a781-0201d1b2cb13"
                        "ksc_instance_id" : "95d3de78-a56c-4bf4-83a1-819ff859e9ec"
                    }
                }
  1. ds_info_reset_complete: An event after restoring the KSC server from a backup about the completion of publishing information about users, security groups, and directory services (which begins with the publication of the ds_info_reset event).

Required attributes of data object:

  • tenant_id
  • ksc_instance_id Example: 
                {
                "source" : "osmp-ds-info-provider"
                "id" : "31c7518462e853ff078d955e27c2f680101961a0"
                "specversion" : "1.0"
                "type" : "ds_info_reset_complete"
                "time" : "2024-09-13T09:47:44Z"
                "data" : {
                    "tenant_id" : "3031feff-815a-4920-a781-0201d1b2cb13"
                    "ksc_instance_id" : "95d3de78-a56c-4bf4-83a1-819ff859e9ec"
                }
            }
  1. ds_user_info: Main information about Directory Service user.

Required attributes of data object:

  • tenant_id
  • ksc_instance_id
  • ksc_trustee_id
  • ksc_trustee_sfx
  • ds_info Optional attributes of data object:
  • ksc_vs_uid
  • ksc_vs_id
  • ds_info_original

Example: 

            {
               "source" : "osmp-ds-info-provider"
                "id" : "bc90166c358682cf038b6ee0c8d7117660bd4c5b "
                "specversion" : "1.0"
                "type" : "ds_user_info"
                "time" : "2024-09-13T09:45:28Z"
                "data" : {
                    "tenant_id" : "3031feff-815a-4920-a781-0201d1b2cb13"
                    "ksc_instance_id" : "95d3de78-a56c-4bf4-83a1-819ff859e9ec"
                    "ksc_vs_uid" : "VSRV42a6e07b-891f-4b88-bdbf-7438434346a4"
                    "ksc_vs_id" : "42"
                    "ksc_trustee_id" : "42"
                    "ksc_trustee_sfx" : "65536"
                    "ds_info" : {
                        "ds" : "AD"
                        "uid" : "81e8d217-de5c-4fe9-875a-569522f005b7"
                        "uid_bin" : "gejSF95cT+mHWlaVIvAFtw=="
                        "sid_bin" : "AQUAAAAAAAUVAAAAGw5oPb8WR561pZ7BWAQAAA=="
                        "sid_hash" : "G8KbNvYjuoKq9nJP07FnGA=="
                        "dn" : "cn=John Smith,ou=people,dc=example,dc=com"
                        "dn_hash" : "Lxq33Udh1dH0yGlXdRRaFA=="
                        "display_name" : "John Smith"
                        "upn" : "john.smith@example.com"
                        "sam_name" : "JSMITH"
                        "mail" : "john.smith@example.com"
                    }
                }
            }
  1. ds_group_info: Main information about Directory Service group.

Required attributes of data object:

  • tenant_id
  • ksc_instance_id
  • ksc_trustee_id
  • ksc_trustee_sfx
  • ds_info

Optional attributes of data object:

  • ksc_vs_uid
  • ksc_vs_id
  • ds_info_original
  1. ds_obj_deleted: Users and/or Directory Service security groups removing signal.

Required attributes of data object:

  • tenant_id
  • ksc_instance_id
  • ds_ids_chunk

Optional attributes of data object:

  • ds
  • ksc_vs_uid
  • ksc_vs_id
  1. ds_group_members: Information about the direct membership of users and security groups in the specified Directory Service security group.

Required attributes of data object:

  • tenant_id
  • ksc_instance_id
  • ds_ids
  • ds_ids_chunk

Optional attributes of data object:

  • ksc_vs_uid
  • ksc_vs_id

Example: 

            {
                "source" : "osmp-ds-info-provider"
                "id" : "bc90166c358682cf038b6ee0c8d7117660bd4c5b"
                "specversion" : "1.0"
                "type" : "ds_group_members"
                "time" : "2024-09-13T09:48:33Z"
                "data" : {
                    "tenant_id" : "3031feff-815a-4920-a781-0201d1b2cb13"
                    "ksc_instance_id" : "95d3de78-a56c-4bf4-83a1-819ff859e9ec"
                    "ksc_vs_uid" : "VSRV42a6e07b-891f-4b88-bdbf-7438434346a4"
                    "ksc_vs_id" : "42"
                    "ds_ids" : {
                        "ds" : "AD"
                        "uid" : "2e37a8a6-ca4d-4810-bed5-287d6f4b1efc"
                        "uid_bin" : "LjeopspNSBC+1Sh9b0se/A=="
                        "sid_hash" : "rjnJpMrxs1pB8GxyqEQeTg=="
                        "ksc_trustee_id" : "14"
                        "ksc_trustee_sfx" : "33554432"
                    }
                    "ds_ids_chunk" : [
                        {
                            "ksc_trustee_id" : "42"
                            "ksc_trustee_sfx" : 65536
                        },
                        {
                            "uid" : "5fec2a06-b668-41af-9322-dc0cf962dd7e"
                        },
                        {
                            "uid" : "7f628ba4-71b1-4867-9ffc-adde9a8e7c67"
                        },
                        {
                            "sid_hash": "G8KbNvYjuoKq9nJP07FnGA=="
                        }
                    ]
                }
            }
  1. ds_group_members_deleted: Signal that direct membership of users and security groups in the specified Directory Service security group has been removed.

Required attributes of data object:

  • tenant_id
  • ksc_instance_id
  • ds_ids
  • ds_ids_chunk

Optional attributes of data object:

  • ds
  • ksc_vs_uid
  • ksc_vs_id
  1. ds_obj_memberof: Information about the direct membership of the specified object (user or security group) in the Directory Service security groups.

Required attributes of data object:

  • tenant_id
  • ksc_instance_id
  • ds_ids
  • ds_ids_chunk

Optional attributes of data object:

  • ksc_vs_uid
  • ksc_vs_id
  1. ds_obj_memberof_deleted: Signals that the specified object's (user or security group's) direct membership in Directory Service security groups has been removed.

Required attributes of data object:

  • tenant_id
  • ksc_instance_id
  • ds_ids
  • ds_ids_chunk

Optional attributes of data object:

  • ds
  • ksc_vs_uid
  • ksc_vs_id