API Guide - Event

Get Events

Fetches a list of events from your Banyan organization system log.

Review the Event Spec Syntax for more information on the Event data structures.

HTTP Request

GET /events

URL Parameters

N/A

Query Parameters

Parameter Format Description
order String Sets the order for returned events based on created_at timestamp. Supported values ASC, DESC. Default is DESC
before Int Filters events that occurred before a specific [ epoch timestamp ] ( https://www.epochconverter.com/ ) (in milliseconds)
after Int Filters events that occurred after a specific [ epoch timestamp ] ( https://www.epochconverter.com/ ) (in milliseconds)
type String Filters events based on event types. Multiple types could be passed separated by a pipe
sub_type String Filters events of one subtype (conditionally depends on type , such as Access (type) and Connection (sub_type)
user_email String Filters events associated with users. Multiple email addresses could be passed separated by a pipe
device_id String Filters events associated with a single device, based on its device ID
serialnumber String Filters events associated with devices. Multiple serialnumber could be passed separated by a pipe
workload_container_id String Filters events associated with services. Multiple service_name could be passed separated by a pipe
service_name String Filters events associated with services. Multiple service_name could be passed separated by a pipe
skip Int Used in Pagination. Specifies the number of records to skip. Default is 0
limit Int Used in Pagination. Specifies the maximum number of records to return. Default is 10
action String Filters events by one of the possible event action values
id String Filters events based on its event ID
external_id String Filters events based on its external_id
severity String Filters events based on its severity value. The order of severity is DEBUG -> INFO -> WARN -> ERROR. So a severity of INFO will return all events of severity INFO and above

Request Headers

Authorization: Bearer $AUTHTOKEN

Request Body

N/A

Status Codes and Errors

Value Description  
  200 OK
  401 Unauthorized
  403 Forbidden
  500 InternalServerError

Response Headers

N/A

HTTP Response Body

Example Event Response

{
  "data": [{
    "id": "8f4a3c39-7fdd-469a-9a23-7857194387c9",
    "org_id": "88adaa4d-00b4-49a3-a8db-546dd41b6689",
    "org_name": "exampleorg",
    "severity": "INFO",
    "action": "Register",
    "type": "Registration",
    "sub_type": "Device",
    "message": "Device registered successfully",
    "result": "INFO",
    "created_at": 1589469516170,
    "user_principal":
    {
        "device":
        {
            "id": "a1c5dc86-5077-4476-9665-0d01e00e6fb7",
            "friendly_name": "computer-name",
            "mac_address": "",
            "serial_number": "ABCDEFGHIJKL",
            "registration_status": "FALSE",
            "compromised_status": "FALSE",
            "compliance_status": "",
            "oem_info": "",
            "model": "MacBook Pro",
            "platform": "Darwin",
            "ownership": "Corporate Dedicated",
            "architecture": "amd64",
            "udid": "",
            "source": "BNN",
            "last_mdm_data_synced_at": 1589469323245456400
        },
        "user":
        {
            "email": "user@email.com",
            "groups":
            [
                "Engineering",
                "Everyone"
            ],
            "roles":
            [
                "Engineering"
            ]
        }
    }
  }]
}

Get Events Count

Fetches a count of events from your Banyan organization system log.

HTTP Request

GET /events/count

URL Parameters

N/A

Query Parameters

Parameter Format Description
before Int Filters events that occurred before a specific [ epoch timestamp ] ( https://www.epochconverter.com/ ) (in milliseconds)
after Int Filters events that occurred after a specific [ epoch timestamp ] ( https://www.epochconverter.com/ ) (in milliseconds)
type String Filters events based on event types. Multiple types could be passed separated by a pipe
sub_type String Filters events of one subtype (conditionally depends on type , such as Access (type) and Connection (sub_type)
user_email String Filters events associated with users. Multiple email addresses could be passed separated by a pipe
device_id String Filters events associated with a single device, based on its device ID
serialnumber String Filters events associated with devices. Multiple serialnumber could be passed separated by a pipe
workload_container_id String Filters events associated with services. Multiple service_name could be passed separated by a pipe
service_name String Filters events associated with services. Multiple service_name could be passed separated by a pipe
action String Filters events by one of the possible event action values
id String Filters events based on its event ID
external_id String Filters events based on its external_id
severity String Filters events based on its severity value. The order of severity is DEBUG -> INFO -> WARN -> ERROR. So a severity of INFO will return all events of severity INFO and above

Request Headers

Authorization: Bearer $AUTHTOKEN

Request Body

N/A

Status Codes and Errors

Value Description  
  200 OK
  401 Unauthorized
  403 Forbidden
  500 InternalServerError

Response Headers

N/A

HTTP Response Body

Example Event Response

{
    "data": 571
}


Get Events Feed

HTTP Request

GET /events/feed

URL Parameters

N/A

Query Parameters

Parameter Format Description
order String set order for returned dataset based on timestamp
before Int Filter - epoch timestamp in ms setting the inclusive upper time range limit
after Int Filter - epoch timestamp in ms setting the inclusive lower time range limit
skip Int Pagination - the number of records to skip
limit Int Pagination - the maximum number of records to return

Request Headers

Authorization: Bearer $AUTHTOKEN

Request Body

N/A

Status Codes and Errors

Value Description
200 OK

Response Headers

N/A

HTTP Response Body

{
  "data": [{
    "action": "Register",
    "created_at": 1589469516170,
    "group_id": "05746a72-6a19-49fd-9660-96f01cee25cf",
    "id": "8f4a3c39-7fdd-469a-9a23-7857194387c9",
    "messages": "Device registered successfully",
    "org_id": "88adaa4d-00b4-49a3-a8db-546dd41b6689",
    "org_name": "eventsv2",
    "result": "INFO",
    "severity": "INFO",
    "sub_type": "Device",
    "type": "Registration",
    "user_principal":
    {
        "device":
        {
            "architecture": "amd64",
            "compliance_status": "",
            "compromised_status": "FALSE",
            "friendly_name": "computer-name",
            "id": "a1c5dc86-5077-4476-9665-0d01e00e6fb7",
            "last_mdm_data_synced_at": 1589469323245456400,
            "mac_address": "",
            "model": "MacBook Pro",
            "oem_info": "",
            "ownership": "Corporate Dedicated",
            "platform": "Darwin",
            "registration_status": "FALSE",
            "serial_number": "ABCDEFGHIJKL",
            "source": "BNN",
            "udid": ""
        },
        "user":
        {
            "email": "user@email.com",
            "groups":
            [
                "Engineering",
                "Everyone"
            ],
            "roles":
            [
                "Engineering"
            ]
        }
    }
  }]
}

Last modified: Jul 08, 2021