Skip to main content Skip to complementary content
Qlik Resources

Security rule audit: Get audit rules matrix

Information noteLOCKED.

This API is extremely reliable and will not be broken unless absolutely necessary.

Method

POST

Path

/qrs/systemrule/security/audit/matrix

Description

Perform an audit of the access control system. Use the body to pass audit properties to the Qlik Sense Repository Service (QRS). The audit results are returned in a matrix.

Body

AuditMatrixParameters:

{
	"resourceType" : "App",
	"resourceRef" : {
		"resourceFilter" : "((((name eq 'username'))))",
		// "selection" : "b82b5844-085c-499c-8ee0-3cf2795edd62"  -- If there is a selection set, this parameter can be used.
	},
	"subjectRef" : {
		"resourceFilter" : "((((name eq 'username'))))",
		// "selection" : "b82b5844-085c-499c-8ee0-3cf2795edd62"  -- If there is a selection set, this parameter can be used.
	},
	"actions" : 46, // The actions to audit.
	"environmentAttributes" : "",
	"resourceProperties" : ["name"], // The properties of the output objects.
	"subjectProperties" : ["name", "userid", "userdirectory"], // The properties of the output subjects: Users for security and license rules, nodes for sync rules.
	"auditLimit" : 1000,
	"outputObjectsPrivileges" : 4 ", // Bit mask: If 0, there will be no content in the OUTPUT.subjects and OUTPUT.resources arrays. If set, the specified privileges are appended.
	//"previewRule" : {  // If the audit is to be done with a specific non-persisted rule, use this parameter to preview the result.
	//"condition" : "resource.Name == \"name1\""
	//}
}

The environmentAttributes type is one (or several, separated by “;”) of the following:

  • OS
  • Device
  • Browser
  • RequestType
  • IP

Return value

AuditMatrixResult:

{
	"matrix" : [{
		"subjectId" : "9246cc6c-5cda-4f20-93b5-610df34ceef9",
		"resourceId" : "5727c8ef-b705-45a9-b393-012f02e92955",
		"audit" : {
			"access" : 46, // Bitmask for actions with privileges.
			"disabled" : 16, // Bitmask for actions that have disabled rules.
			"broken" : 1 // Bitmask for actions that have broken rules.
		}
	}, {
			"subjectId" : "9246cc6c-5cda-4f20-93b5-610df34ceef9",
			"resourceId" : "09d62372-ed24-43f4-9b2d-264ec5ad3d78",
			"audit" : {
				"access" : 46, // Bitmask for actions with privileges.
				"disabled" : 16, // Bitmask for actions that have disabled rules.
				"broken" : 1 // Bitmask for actions that have broken rules.
			}
		}
	],
	"resources" : {
		"5727c8ef-b705-45a9-b393-012f02e92955" : {
			"resourceProperties" : {
				"name" : "License Monitor"
			},
			"privileges" : ["read", "update"]
		},
		"09d62372-ed24-43f4-9b2d-264ec5ad3d78" : {
			"resourceProperties" : {
				"name" : "Operations Monitor"
			},
			"privileges" : ["read", "update"]
		}
	},
	"subjects" : {
		"9246cc6c-5cda-4f20-93b5-610df34ceef9" : {
			"subjectProperties" : {
				"name" : "username",
				"userid" : "username",
				"userdirectory" : "USERDIR"
			},
			"privileges" : ["read", "update"]
		}
	}
}

Optional parameters

-

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!

Leave your feedback here