Tenant protection reports are downloaded using the Integration Server REST API. Interaction with the Integration Server REST API is based on requests and responses and is carried out using the HTTP protocol.
If the computer on which the Integration Server is installed belongs to an Active Directory domain, authentication is performed using the NTLM or Kerberos protocols. Make sure that your domain account is a member of the KLAdmins group or the local administrators group on the computer where the Integration Server is installed.
If the computer where the Integration Server is installed is not included in the Active Directory domain, specify the settings of the Integration Server administrator account in the Authorization request header, in the form of the following string: {account name}:{password} encoded by the Base64 method. Authentication of the Basic type is used.
To download a tenant protection report, execute the following query:
GET https://{IP-address}:{port}/api/1.0/reports/protectionPeriods?[infraId={ID}&tenantId={ID}&periodStart={date and time}&periodEnd={date and time}]
where:
{IP-address} – Integration Server IP-address.{port} – port for connecting to the Integration Server (by default 7271).infraId={ID} – identifier assigned to the virtual infrastructure to which the virtual machine belongs (optional). If this parameter is specified, the report contains only information about the virtual machines that belong to the specified virtual infrastructure.You can get a list of the infrastructure IDs using the following query:
GET https://{IP address}:{portal}/api/1.0/im/vsphere
The query returns the infrastructure identifiers in the <infrastructure id="{ID}"> parameter.
tenantId={ID|none} – identifier assigned to the virtual Administration Server in Kaspersky Security Center, or the none value (optional). If the parameter is specified, and the virtual Administration Server identifier is specified, the report contains information only about protection periods of the virtual machines from the Cloud Director organization, which is mapped to the specified virtual server. If the parameter is specified, and the none value is specified, the report contains information only about protection periods of the virtual machines from the Cloud Director organizations, which are not mapped to any virtual Administration Server.You can get a list of all virtual Administration Servers using the following query:
GET https://{IP address}:{port}/api/1.0/mt/tenants
The query returns the infrastructure identifiers in the <vKSC id="{ID}"> parameter.
periodStart={date and time} – date and time of the reporting period start in the YYYY-MM-DDThh:mm:ssZ format. If the parameter is not specified, the date of the earliest record in the Integration Server database is used.periodEnd={date and time} – date and time of the reporting period end in the YYYY-MM-DDThh:mm:ssZ format. If the parameter not specified, the current date is used.To execute API queries, you can use any applications or plug-ins for HTTP queries, such as the cURL command line utility. cURL utility usage example:
curl -i -S -s -o - --noproxy '*' --insecure -u admin:1 -X GET "https://192.168.77.7:7271/api/1.0/reports/protectionPeriods?infraId={ID}&tenantId={ID}"
As a result of the query execution, the report data is displayed as a table. Each line contains information about one virtual machine protection period in the following format:
{virtual Administration Server ID};{virtual Administration Server name};{virtual machine ID};{virtual machine name};{infrastructure ID};{infrastructure name};{date and time when protection was enabled};{date and time when protection was disabled}
where:
{virtual Administration Server ID} – identifier of the virtual Administration Server assigned to the tenant. If the virtual machine is included in the Cloud Director organization, which is not mapped to any virtual Administration Server, nothing is specified.{virtual Administration Server name} – name of the virtual Administration Server assigned to the tenant. If the virtual machine is included in the Cloud Director organization, which is not mapped to any virtual Administration Server, nothing is specified.{virtual machine ID} – identifier of the virtual machine that was protected by the application.{virtual machine name} – name of the virtual machine that was protected by the application.{infrastructure ID} – identifier of the virtual infrastructure to which the virtual machine belongs.{infrastructure name} – name of the virtual infrastructure to which the virtual machine belongs.{date and time when protection was enabled} – date and time of the virtual machine protection period start.{date and time when protection was disabled} – date and time of the virtual machine protection period end.If during the reporting period the virtual machine was protected by the application several times (protection was enabled and disabled), the report displays each virtual machine protection period.
Page top