Uploading tenant protection reports

Support

Support for business applications

Kaspersky Security for Virtualization 6.x Agentless

Configuring protection of tenant organizations

Working with the tenant virtual machine protection report

Uploading tenant protection reports

December 13, 2023

ID 204765

Tenant protection reports are downloaded using the Integration Server REST API. Interaction with the Integration Server REST API is based on requests and responses and is carried out using the HTTP protocol.

If the computer on which the Integration Server is installed belongs to an Active Directory domain, authentication is performed using the NTLM or Kerberos protocols. Make sure that your domain account is a member of the KLAdmins group or the local administrators group on the computer where the Integration Server is installed.

If the computer where the Integration Server is installed is not included in the Active Directory domain, specify the settings of the Integration Server administrator account in the Authorization request header, in the form of the following string: {account name}:{password} encoded by the Base64 method. Authentication of the Basic type is used.

To download a tenant protection report, execute the following query:

GET https://{IP-address}:{port}/api/1.0/reports/protectionPeriods?[infraId={ID}&tenantId={ID}&periodStart={date and time}&periodEnd={date and time}]

where:

{IP-address} – Integration Server IP-address.
{port} – port for connecting to the Integration Server (by default 7271).
infraId={ID} – identifier assigned to the virtual infrastructure to which the virtual machine belongs (optional). If this parameter is specified, the report contains only information about the virtual machines that belong to the specified virtual infrastructure.
You can get a list of the infrastructure IDs using the following query:

GET https://{IP address}:{portal}/api/1.0/im/vsphere

The query returns the infrastructure identifiers in the <infrastructure id="{ID}"> parameter.
tenantId={ID|none} – identifier assigned to the virtual Administration Server in Kaspersky Security Center, or the none value (optional). If the parameter is specified, and the virtual Administration Server identifier is specified, the report contains information only about protection periods of the virtual machines from the Cloud Director organization, which is mapped to the specified virtual server. If the parameter is specified, and the none value is specified, the report contains information only about protection periods of the virtual machines from the Cloud Director organizations, which are not mapped to any virtual Administration Server.
You can get a list of all virtual Administration Servers using the following query:

GET https://{IP address}:{port}/api/1.0/mt/tenants

The query returns the infrastructure identifiers in the <vKSC id="{ID}"> parameter.
periodStart={date and time} – date and time of the reporting period start in the YYYY-MM-DDThh:mm:ssZ format. If the parameter is not specified, the date of the earliest record in the Integration Server database is used.
periodEnd={date and time} – date and time of the reporting period end in the YYYY-MM-DDThh:mm:ssZ format. If the parameter not specified, the current date is used.

To execute API queries, you can use any applications or plug-ins for HTTP queries, such as the cURL command line utility. cURL utility usage example:

curl -i -S -s -o - --noproxy '*' --insecure -u admin:1 -X GET "https://192.168.77.7:7271/api/1.0/reports/protectionPeriods?infraId={ID}&tenantId={ID}"

As a result of the query execution, the report data is displayed as a table. Each line contains information about one virtual machine protection period in the following format:

{virtual Administration Server ID};{virtual Administration Server name};{virtual machine ID};{virtual machine name};{infrastructure ID};{infrastructure name};{date and time when protection was enabled};{date and time when protection was disabled}

where:

{virtual Administration Server ID} – identifier of the virtual Administration Server assigned to the tenant. If the virtual machine is included in the Cloud Director organization, which is not mapped to any virtual Administration Server, nothing is specified.
{virtual Administration Server name} – name of the virtual Administration Server assigned to the tenant. If the virtual machine is included in the Cloud Director organization, which is not mapped to any virtual Administration Server, nothing is specified.
{virtual machine ID} – identifier of the virtual machine that was protected by the application.
{virtual machine name} – name of the virtual machine that was protected by the application.
{infrastructure ID} – identifier of the virtual infrastructure to which the virtual machine belongs.
{infrastructure name} – name of the virtual infrastructure to which the virtual machine belongs.
{date and time when protection was enabled} – date and time of the virtual machine protection period start.
{date and time when protection was disabled} – date and time of the virtual machine protection period end.

If during the reporting period the virtual machine was protected by the application several times (protection was enabled and disabled), the report displays each virtual machine protection period.

Kaspersky Professional Services

Implementation services. Health check and security system configuration. Contact us if you need expert help.

Kaspersky Premium Support (MSA): High‑priority incident processing

Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.