Security rule audit: Get audit rules matrix
This API is extremely reliable and will not be broken unless absolutely necessary.
Method
POST
Path
/qrs/systemrule/security/audit/matrix
Description
Perform an audit of the access control system. Use the body to pass audit properties to the Qlik Sense Repository Service (QRS). The audit results are returned in a matrix.
Body
AuditMatrixParameters:
{ "resourceType" : "App", "resourceRef" : { "resourceFilter" : "((((name eq 'username'))))", // "selection" : "b82b5844-085c-499c-8ee0-3cf2795edd62" -- If there is a selection set, this parameter can be used. }, "subjectRef" : { "resourceFilter" : "((((name eq 'username'))))", // "selection" : "b82b5844-085c-499c-8ee0-3cf2795edd62" -- If there is a selection set, this parameter can be used. }, "actions" : 46, // The actions to audit. "environmentAttributes" : "", "resourceProperties" : ["name"], // The properties of the output objects. "subjectProperties" : ["name", "userid", "userdirectory"], // The properties of the output subjects: Users for security and license rules, nodes for sync rules. "auditLimit" : 1000, "outputObjectsPrivileges" : 4 ", // Bit mask: If 0, there will be no content in the OUTPUT.subjects and OUTPUT.resources arrays. If set, the specified privileges are appended. //"previewRule" : { // If the audit is to be done with a specific non-persisted rule, use this parameter to preview the result. //"condition" : "resource.Name == \"name1\"" //} }
The environmentAttributes type is one (or several, separated by “;”) of the following:
- OS
- Device
- Browser
- RequestType
- IP
Return value
AuditMatrixResult:
{ "matrix" : [{ "subjectId" : "9246cc6c-5cda-4f20-93b5-610df34ceef9", "resourceId" : "5727c8ef-b705-45a9-b393-012f02e92955", "audit" : { "access" : 46, // Bitmask for actions with privileges. "disabled" : 16, // Bitmask for actions that have disabled rules. "broken" : 1 // Bitmask for actions that have broken rules. } }, { "subjectId" : "9246cc6c-5cda-4f20-93b5-610df34ceef9", "resourceId" : "09d62372-ed24-43f4-9b2d-264ec5ad3d78", "audit" : { "access" : 46, // Bitmask for actions with privileges. "disabled" : 16, // Bitmask for actions that have disabled rules. "broken" : 1 // Bitmask for actions that have broken rules. } } ], "resources" : { "5727c8ef-b705-45a9-b393-012f02e92955" : { "resourceProperties" : { "name" : "License Monitor" }, "privileges" : ["read", "update"] }, "09d62372-ed24-43f4-9b2d-264ec5ad3d78" : { "resourceProperties" : { "name" : "Operations Monitor" }, "privileges" : ["read", "update"] } }, "subjects" : { "9246cc6c-5cda-4f20-93b5-610df34ceef9" : { "subjectProperties" : { "name" : "username", "userid" : "username", "userdirectory" : "USERDIR" }, "privileges" : ["read", "update"] } } }
Optional parameters
-