List events | emnify Documentation

Returns the list of events, filtered, sorted and paged according to query parameters.

Authentication

AuthorizationBearer

An auth_token should be provided to authenticate a session.

To obtain an auth_token, see the /api/v1/authenticate POST request.

Query parameters

pageintegerOptional

Current page number

per_pageintegerOptional

Defines the number of items per page

sortstringOptional

Sort properties according to a comma separated list of accepted fields. Valid fields are:

id - (event id)
timestamp - (event timestamp)
source - (event source)
severity - (event severity)
alert - (alert status)
organisation - (organisation name)
user - (user id)
endpoint - (endpoint name)
tags - (endpoint tags)
ip_address - (endpoint ip_address)
iccid - (sim iccid)
imsi - (sim imsi)
type - (event type)

Sort properties according to a comma separated list of accepted fields. Valid fields are: * `id` - (**event id**) * `timestamp` - (**event timestamp**) * `source` - (**event source**) * `severity` - (**event severity**) * `alert` - (**alert status**) * `organisation` - (**organisation name**) * `user` - (**user id**) * `endpoint` - (**endpoint name**) * `tags` - (**endpoint tags**) * `ip_address` - (**endpoint ip_address**) * `iccid` - (**sim iccid**) * `imsi` - (**sim imsi**) * `type` - (**event type**)

qstringOptional

format: "(from|until|type|source|severity|alert|description|organisation|user|endpoint|tags|ip_address|imei|iccid|imsi|timestamp):.+"

Filter parameter in <filter>:<value> format. Multiple filters must be a comma-separated list of the following fields:

from (date, format YYYY-MM-DDTHH:mm:ssZ, only valid with until)
until (date, format YYYY-MM-DDTHH:mm:ssZ, only valid with from)
type (event_type, numerical)
source (event_type, numerical, e.g. 0 = Network), 1 = Policy Control, 2 = API)
severity (event_severity, numerical, e.g. 0 = Info, 1 = Warn), 2 = Critical)
alert (boolean, e.g. true, false)
description (event description, string)
organisation (organisation name, string)
user (user name, string)
endpoint (endpoint name, string)
tags (endpoint tags, string)
ip_address (endpoint IP address, valid IPv4/IPv6 address)
imei (endpoint imei, numerical string)
iccid (sim iccid, numerical string)
imsi (sim imsi, numerical string)
timestamp (date, format YYYY-MM-DDTHH:mm:ssZ, for querying events of 1 day, deprecated in future)

Filter parameter in `<filter>:<value>` format. Multiple filters must be a comma-separated list of the following fields: * `from` (**date**, format `YYYY-MM-DDTHH:mm:ssZ`, **only valid with until**) * `until` (**date**, format `YYYY-MM-DDTHH:mm:ssZ`, **only valid with from**) * `type` (**event_type**, numerical) * `source` (**event_type**, numerical, e.g. 0 = Network), 1 = Policy Control, 2 = API) * `severity` (**event_severity**, numerical, e.g. 0 = Info, 1 = Warn), 2 = Critical) * `alert` (boolean, e.g. true, false) * `description` (**event description**, string) * `organisation` (**organisation name**, string) * `user` (**user name**, string) * `endpoint` (**endpoint name**, string) * `tags` (**endpoint tags**, string) * `ip_address` (**endpoint IP address**, valid IPv4/IPv6 address) * `imei` (**endpoint imei**, numerical string) * `iccid` (**sim iccid**, numerical string) * `imsi` (**sim imsi**, numerical string) * `timestamp` (**date**, format `YYYY-MM-DDTHH:mm:ssZ`, for querying events of 1 day, deprecated in future)

Response

Successfully returned a list of events

idinteger or null

alertboolean or null

descriptionstring or null

timestampstring or null

event_typeobject or null

event_sourceobject or null

event_severityobject or null

organisationobject or null

userobject or null

Errors

Filter parameter in <filter>:<value> format. Multiple filters must be a comma-separated list of the following fields:

from (date, format YYYY-MM-DDTHH:mm:ssZ, only valid with until)
until (date, format YYYY-MM-DDTHH:mm:ssZ, only valid with from)
type (event_type, numerical)
source (event_type, numerical, e.g. 0 = Network), 1 = Policy Control, 2 = API)
severity (event_severity, numerical, e.g. 0 = Info, 1 = Warn), 2 = Critical)
alert (boolean, e.g. true, false)
description (event description, string)
organisation (organisation name, string)
user (user name, string)
endpoint (endpoint name, string)
tags (endpoint tags, string)
ip_address (endpoint IP address, valid IPv4/IPv6 address)
imei (endpoint imei, numerical string)
iccid (sim iccid, numerical string)
imsi (sim imsi, numerical string)
timestamp (date, format YYYY-MM-DDTHH:mm:ssZ, for querying events of 1 day, deprecated in future)

1	import requests
2
3	url = "https://cdn.emnify.net/api/v1/event"
4
5	querystring = {"sort":"","q":""}
6
7	headers = {"Authorization": "Bearer <token>"}
8
9	response = requests.get(url, headers=headers, params=querystring)
10
11	print(response.json())

1	[
2	{
3	"id": 123456,
4	"alert": true,
5	"description": "Disconnecting data access for endpoint, because it has been disabled.",
6	"timestamp": "2020-07-20T14:19:29.000+0000",
7	"event_type": {
8	"id": 0,
9	"description": "Generic"
10	},
11	"event_source": {
12	"id": 1,
13	"description": "Policy Control"
14	},
15	"event_severity": {
16	"id": 1,
17	"description": "Warn"
18	},
19	"organisation": {
20	"id": 1234,
21	"name": "Example Organisation"
22	},
23	"endpoint": {
24	"id": 123456,
25	"name": "My Endpoint",
26	"ip_address": "10.10.10.10",
27	"tags": null,
28	"imei": "1234567890123456"
29	},
30	"imsi": {
31	"id": 1234,
32	"imsi": "123456789123456",
33	"import_date": "2019-01-22T13:38:30.000+0000"
34	},
35	"sim": {
36	"id": 1234,
37	"iccid": "8988303000123456789",
38	"production_date": "2019-01-22T13:38:30.000+0000"
39	}
40	}
41	]