Policy >
Security
>
East West Security
>
Distributed Firewall
>
Settings
>
Firewall Identity Store
Get IDFW user login events for a given VM
It will get IDFW user login events for a given VM
(all active plus up to 5 most recent archived entries).
This API is available when using VMware Cloud (AWS, Dell-EMC, Outpost, Hyperscalers) or VMware NSX-T.
Request:
Method:
GET
URI Path(s):
/policy/api/v1/infra/settings/firewall/idfw/vm-stats/<vm-id>
Request Headers:
n/a
Query Parameters:
PolicyIdfwEnforcementPointRequestParameters
+
PolicyIdfwEnforcementPointRequestParameters
(
schema
)
Name
Description
Type
Notes
enforcement_point_path
String Path of the enforcement point
enforcement point path, forward slashes must be escaped using %2F.
string
Request Body:
n/a
Example Request:
GET https://<policy-ip>/policy/api/v1/infra/settings/firewall/idfw/vm-stats/<vm-id>
Successful Response:
Response Code:
200 OK
Response Headers:
Content-type: application/json
Response Body:
IdfwVmStats
+
IdfwVmStats
(
schema
)
Name
Description
Type
Notes
active_sessions
List of active (still logged in) user login/sessions data (no limit)
array of
IdfwUserSessionData
Required
archived_sessions
Optional list of archived (previously logged in) user login/session data (maximum 5)
Optional list of up to 5 most recent archived (previously logged in) user login/session data.
array of
IdfwUserSessionData
vm_ext_id
Virtual machine external ID or BIOS UUID
Virtual machine (external ID or BIOS UUID) where login/logout event occurred.
string
Required
Example Response:
{ "vm_ext_id": "501ae853-9b09-69e3-394a-1af06f7dbfec", "active_sessions": [ { "id": "9540cd6d-8d46-4c20-b2cc-491efc005865", "domain_name": "IDFW0", "user_name": "administrator", "user_id": "10446e86-99c1-43a7-8345-fda90c56291c", "vm_ext_id": "501ae853-9b09-69e3-394a-1af06f7dbfec", "user_session_id": 2, "login_time": 1589165250502, "logout_time": 0 } ], "archived_sessions": [ { "id": "198de711-e83e-4ff9-be85-6e024f9dc1a7", "domain_name": "DESKTOP-2GEFUOB", "user_name": "Administrator", "user_id": "", "vm_ext_id": "501ae853-9b09-69e3-394a-1af06f7dbfec", "user_session_id": 1, "login_time": 1588744262515, "logout_time": 1588750666046 }, { "id": "96efd394-b4a3-4d18-9f1a-307dfe34bc62", "domain_name": "KCWIN101", "user_name": "Administrator", "user_id": "", "vm_ext_id": "501ae853-9b09-69e3-394a-1af06f7dbfec", "user_session_id": 1, "login_time": 1588750750783, "logout_time": 1588754687486 }, { "id": "9e8ae910-8846-4b63-ac4a-6572ac43a6c1", "domain_name": "IDFW0", "user_name": "administrator", "user_id": "10446e86-99c1-43a7-8345-fda90c56291c", "vm_ext_id": "501ae853-9b09-69e3-394a-1af06f7dbfec", "user_session_id": 2, "login_time": 1588759570683, "logout_time": 1588788406470 }, { "id": "288f8533-7b40-47e7-9435-4d0ea80dee32", "domain_name": "KCWIN101", "user_name": "Administrator", "user_id": "", "vm_ext_id": "501ae853-9b09-69e3-394a-1af06f7dbfec", "user_session_id": 1, "login_time": 1588935137151, "logout_time": 1588964081327 } ] }
Required Permissions:
read
Feature:
policy_identity
Additional Errors:
404 Not Found
301 Moved Permanently
307 Temporary Redirect
400 Bad Request
403 Forbidden
409 Conflict
412 Precondition Failed
500 Internal Server Error
503 Service Unavailable