About
This data dictionary will provide all information needed to align the Audit Data to meet your compliance or business requirements.
All times and dates are in ISO8601 format.
Jump to:
- Audit Event Types
- api-token
- appIdBundle
- contract-get
- dlp-rules
- dlpOverride
- encrypted-search-key
- licenseInvitation
- organization
- policy
- unit-attributes
- userSettings
Audit Event Types
Audit records are labeled with human-readable event names which attempt to describe what the event represents.
Event Type | API Event Value | Description |
---|---|---|
Policy Created | POLICY.CREATED |
Summary Event
|
Policy Updated | POLICY.UPDATED |
Summary Event
|
Policy Create Error | POLICY.CREATE_ERROR |
Summary Event
|
Policy Update Error | POLICY.UPDATE_ERROR |
Summary Event
|
Secure Email Drafted | EMAIL.DRAFTED |
Indicates a secure draft was created in one of the virtru clients
|
Secure Email Sent | EMAIL.SENT |
Indicates a secure email was sent
|
Secure Email Forward | EMAIL.FORWARDED |
Indicates a secure email was forwarded
|
Secure Email Accessed | EMAIL.ACCESS_SUCCEEDED |
Indicates a secure email was accessed
|
Secure Email Access Denied | EMAIL.ACCESS_FAILED |
Indicates access to a secure email was denied
|
Secure Email Revoke | EMAIL.REVOKED |
Indicates a secure email was revoked
|
Secure Email Reauthorized | EMAIL.REAUTHORIZED |
Indicates a previously revoked email has been re-enabled
|
Secure Email Expiration Set | EMAIL.EXPIRATION_ENABLED |
Indicates an expiration date has been set on a secure email
|
Secure Email Expiration Disabled | EMAIL.EXPIRATION_DISABLED |
Indicates a previously set expiration date on a secure email was removed
|
Secure Email Forwarding Disabled | EMAIL.FORWARD_DISABLED |
Indicates forwarding was disabled for a secure email
|
Secure Email Forwarding Enabled | EMAIL.FORWARD_ENABLED |
Indicates forwarding was enabled for a secure email
|
Secure Email Watermark Enabled | EMAIL.WATERMARK_ENABLED |
Indicates secure email watermark was enabled
|
Secure Email Watermark Disabled | EMAIL.WATERMARK_DISABLED |
Indicates secure email watermark was disabled
|
Secure Email One Click Enabled | EMAIL.ONE_CLICK_ENABLED |
Indicates secure email one click was enabled
|
Secure Email One Click Disabled | EMAIL.ONE_CLICK_DISABLED |
Indicates secure email one click was disabled
|
Secure File Attached | EMAIL.FILE_ATTACHED |
Indicates secure file was attached to an email
|
Secure File Encrypted | FILE.ENCRYPTED |
Indicates an unencrypted file was encrypted
|
Secure File Encrypted (Copy) | FILE.ENCRYPTED_COPY |
Indicates an encrypted copy of a file was created
|
Secure File Uploaded | FILE.UPLOADED |
Indicates a secure file was uploaded
|
Secure File Decrypted | FILE.DECRYPTED |
Indicates a secure file was decrypted
|
Secure File Decrypted (Copy) | FILE.DECRYPTED_COPY |
Indicates a decrypted copy of a file was created
|
Secure File Downloaded | FILE.DOWNLOADED |
Indicates a decrypted copy of a file was downloaded
|
Secure File Accessed | FILE.ACCESS_SUCCEEDED |
Indicates secure file was accessed. This can occur when a secure email/draft with an attachment is opened, or when a secure file in Drive is opened
|
Secure File Shared | FILE.SHARED |
Indicates a secure file was shared
|
Secure Version Added | FILE.VERSION_ADDED |
A new version of a file has been added.
|
Secure Version Removed | FILE.VERSION_REMOVED |
A version of a file has been removed.
|
Secure File Revoke | FILE.REVOKED |
Indicates a secure file was revoked
|
Secure File Reauthorize | FILE.REAUTHORIZED |
Indicates a previously revoked file was reauthorized
|
Secure File Access Denied | FILE.ACCESS_FAILED |
Indicates an unsuccessful attempt to access a file
|
Secure File Expiration Enabled | FILE.EXPIRATION_ENABLED |
Indicates expiration enabled on a secure file
|
Secure File Expiration Disabled | FILE.EXPIRATION_DISABLED |
Indicates expiration disabled on a secure file
|
Secure File Re-sharing Enabled | FILE.SHARING_ENABLED |
Indicates file re-sharing enabled
|
Secure File Re-sharing Disabled | FILE.SHARING_DISABLED |
Indicates file re-sharing disabled
|
Secure File Watermark Enabled | FILE.WATERMARK_ENABLED |
Indicates file watermark enabled
|
Secure File Watermark Disabled | FILE.WATERMARK_DISABLED |
Indicates file watermark disabled
|
Event Type | API Event Value | Description |
Invitation Sent | INVITATION.SENT |
Indicates a license invitation was sent
|
Invitation Accepted | INVITATION.ACCEPTED |
Indicates a license invitation was accepted
|
Invitation Revoked | INVITATION.REVOKED |
Indicates the license for a non-activated user was removed
|
Activation Started | ACTIVATION.STARTED |
Indicates a user-activated the virtru plugin or logged into the Control Center
|
Activation Completed | ACTIVATION.COMPLETED |
Indicates a user has completed the activation process on one of the Virtru Clients
|
Activation Revoked | ACTIVATION.REVOKED |
Indicates a user logged out of the Control Center or a plugin
|
Event Type | API Event Value | Description |
User Created | USER.CREATED |
Indicates a user was created. This can be triggered by a domain sync
|
User Updated | USER.UPDATED |
Indicates a user was updated. This can be triggered by any action that may update to a user's setting. e.g. a user updating a setting on their settings page, domain sync, or a license update
|
Event Type | API Event Value | Description |
Policy Admin Added | PERMISSION.POLICY_ADMIN_ADDED |
Indicates a user was given permissions to manage dlp rules ( MANAGE DLP RULES in the permissions modal)
|
User Admin Added | PERMISSION.USER_ADMIN_ADDED |
Indicates a user was given admin permissions to manage other users within the org (EDIT PERMISSIONS in the permissions modal)
|
Content Admin Added | PERMISSION.CONTENT_ADMIN_ADDED |
Indicates a user was given permissions to view email and file meta data (VIEW SECURE METADATA in the permissions modal)
|
eDiscovery Admin Added | PERMISSION.EDISCOVERY_ADMIN_ADDED |
Indicate a user was given permissions to decrypt any content even if they are not the intended recipient (DECRYPT SECURE CONTENT in the permissions modal)
|
Policy Admin Removed | PERMISSION.POLICY_ADMIN_REMOVED |
Opposite of Policy Admin Added
|
User Admin Removed | PERMISSION.USER_ADMIN_REMOVED |
Opposite of User Admin Added
|
Content Admin Removed | PERMISSION.CONTENT_ADMIN_REMOVED |
Opposite of Content Admin Added
|
eDiscovery Admin Removed | PERMISSION.EDISCOVERY_ADMIN_REMOVED |
Opposite of eDiscovery Admin Added
|
User Permissions Updated | PERMISSION.USER_UPDATED |
Opposite of User Permissions Added
|
Super Admin Added | PERMISSION.SUPER_ADMIN_ADDED |
Indicates a user was granted super admin permissions
|
Super Admin Removed | PERMISSION.SUPER_ADMIN_REMOVED |
Indicates a was removed as a super admin
|
Event Type | API Event Value | Description |
OU/Group Created | UNIT.CREATED |
Indicates an OU/GROUP was created, usually during a domain sync
|
OU/Group Updated | UNIT.UPDATED |
Indicates an OU/GROUP was updated, usually during a domain sync
|
Event Type | API Event Value | Description |
API Token Created | ORGANIZATION.API_TOKEN_CREATED |
Indicates an API token was created for the org
|
Organization Created | ORGANIZATION.CREATED |
Indicates an Organization was created
|
Organization Updated | ORGANIZATION.UPDATED |
Indicates some organization-wide action, such as domain sync, occurred.
|
Encrypted Key Generated | ORGANIZATION.KEY_CREATED |
Indicates the encrypted search key feature was enabled
|
Encrypted Key Revoked | ORGANIZATION.KEY_REVOKED |
Indicates the encrypted search key feature was disabled
|
Event Type | API Event Value | Description |
Rule Created | RULE.CREATED |
Indicates a DLP rule was created in the Control Center
|
Rule Updated | RULE.UPDATED |
Indicates a DLP rule was updated in the Control Center
|
Rule Deleted | RULE.DELETED |
Indicates a DLP rule was deleted in the Control Center
|
Rule Triggered | RULE.TRIGGERED |
Indicates a DLP rule was triggered in one of the virtru clients
|
Rule Overridden | RULE.OVERRIDDEN |
Indicates a DLP rule was triggered but ignored in one of the virtru clients
|
api-token
Organization-wide API tokens for CLI interaction with Virtru platform.
Attribute Name |
Type |
Description |
action |
String |
The action that was done to the object. Possible values:
|
auditDataType | string | As defined above. |
created |
String |
The ISO8601 datetime when the token was created. |
creator |
String |
The email address of the Virtru employee who created the token. |
displayName |
String |
A short label that describes the purpose of the token. |
lastModified |
String |
The date the record was last modified |
orgActionType |
String |
The organization action the record represents. |
orgId |
String |
The organizational ID. |
owner |
String |
The email address of the user who requested the token. |
permissions[] |
Array<String> |
Array of permissions the token has. This dictates what the token can be used for. Possible values:
|
recordId |
String |
The unique ID for this record. |
timestamp |
String |
Datetime of the event. |
tokenId | String | The token ID. |
type | String | Should always be "api-token" |
appIdBundle
Objects that contain unique identifiers for users. Used for authentication in the Virtru platform.
Attribute Name |
Type |
Description |
action |
String |
Actions taken for this record Possible Values
|
auditDataType | String | As defined above. |
created |
String |
The ISO8601 datetime when the appIdBundle was created. |
groups[] |
Array<String> |
An array of groups that the user is in. e.g. [ ‘Engineering@virtru.com’, ‘Gateway@virtru.com’ ] |
isActivateEvent |
Boolean |
Whether the appId was activated as part of this event. |
isDisableEvent |
Boolean |
Whether the appId was disabled as part of this event. |
isRevokedEvent |
Boolean |
Whether the appId was revoked as part of this event. |
lastModified |
String |
Datetime last modified. |
ous[] |
Array<String> |
IDs of all organizational units of the user which the appIdBundle was created for. e.g. [‘id%3A02f1mw1826k6eyh’,‘id%3A02f1mw182boq9zy’] |
orgActionType |
String |
Unique Id and action of this record. |
orgId |
String |
Unique Id of the organization |
primaryOu |
String |
ID of primary organizational unit of the user which the appIdBundle was created for. |
recordId |
String |
Unique Id of the record. |
requestId |
String |
Unique id of the request |
requestIp |
String |
IP of the requesting client. |
state |
String |
The state of the appIdBundle. Possible values:
|
timestamp |
String |
Timestamp of the event. |
type |
String |
Should always be "appIdBundle" |
userAgent |
String |
User agent string of the client used for the request. |
userId |
String |
The email address of the user who the appId was created for. |
virtruClient |
String |
String representing the client used for the request. |
contract-get
Created when a policy is accessed, whenever a Virtru email or file is decrypted.
Attribute Name |
Type |
Description |
action | String |
Recorded action Possible Values
|
adminDataType | String | As defined above. |
created | String | Datetime created |
expirationDate | String | Datetime of expiration |
groups[] |
Array<String> |
Array of groups that the accessing user belongs to. e.g. [ ‘engineer@virtru.com’, ‘gateway@virtru.com’ ] |
isNoAuth |
Boolean |
True if the user accessed the contract without authenticating. |
lastModified | String | Datetime last modified |
orgActionType |
String |
Action taken. |
orgId | String | Unique Id of the organization. |
ous[] |
Array<String> |
IDs of all organizational units of the user who accessed the policy. e.g. [‘id%3A02f1mw1826k6eyh’,‘id%3A02f1mw182boq9zy’] |
policyId |
String |
The ID of the policy that was accessed. |
primaryOu |
String |
ID of primary organizational unit of the user who accessed the policy. |
recordId | String | Unique Id of the record |
requestId |
String |
Unique Id of the request |
requestIp |
String |
IP address of the requesting user. |
timestamp | String | Datetime of the record |
type | String | Should always be "contract-get" |
userAgent | String | String name of the connecting client. |
userId |
String |
The email address of the user who accessed the policy. |
virtruClient | String | Name of the client. |
dlp-rules
DLP rules that run when a user attempts to send an email.
Attribute Name |
Type |
Description |
action | String | Action recorded by record |
auditDataType | String | As defined above. |
created |
String |
The ISO8601 datetime when the DLP rule was first created. |
dlpActions |
Array<String> |
The actions the rule takes when triggered. Possible values:
|
displayName |
String |
The name of the DLP rule. |
groups[] |
Array<String> |
Array of groups that the DLP rule applies to. e.g. [ ‘Engineering@virtru.com’, ‘Gateway@virtru.com’ ] |
isDeprecated |
Boolean |
Whether the rule is in use anymore; Possible Values:
|
lastModified | String | Datetime of the records last modification |
ous[] |
Array<String> |
IDs of all organizational units of that the DLP rule applies to. e.g. [‘id%3A02f1mw1826k6eyh’,‘id%3A02f1mw182boq9zy’] |
orgActionType | String | Action taken by organization |
orgId | String | Unique ID of the organization |
recordId | String | Unique ID of the record. |
requestId | String | Unique ID of the request. |
requestIp |
String |
Ip of the requesting client. |
ruleGroups[] |
Array<String> |
Array of groups that the DLP rule applies to. e.g. [ ‘Engineering@virtru.com’, ‘Gateway@virtru.com’ ] |
ruleId |
String |
The unqiue ID of the DLP rule. |
ruleOus[] |
Array<String> |
IDs of all organizational units of that the DLP rule applies to. e.g. [‘id%3A02f1mw1826k6eyh’,‘id%3A02f1mw182boq9zy’] |
scope |
String |
Mail flow direction for rule to be evaluated Possible Values:
|
timestamp | String | Datetime of the action |
type | String | Should always be "dlp-rules" |
userAgent | String | User Agent of requesting client |
userId |
String |
The email address of the user who created or updated the DLP rule. |
virtruClient | String | Name of the requesting client |
dlpOverride
An event representing a user bypassing a DLP warning and sending unsecure.
Attribute Name |
Type |
Description |
action | String |
The action that was done to the object. Possible values:
|
auditDataType | String | As defined above. |
expirationDate | String | Datetime of expiration |
lastModified | String | Datetime last modified |
orgActionType | String | Action taken |
orgId | String | The organizational ID |
policyId | String | The ID of the policy that was accessed |
recordId | String | Unique Id of the record |
requestId | String | Unique Id of the request |
requestIp | String | IP address of the requesting user |
timestamp | String | Datetime of the record |
type |
String |
Should always be "dlpOverride" |
userAgent | String | User Agent of requesting client |
userGroups | Array<String> |
Array of groups that the DLP rule applies to. e.g. [ ‘Engineering@virtru.com’, ‘Gateway@virtru.com’ ] |
userId |
String |
The email address of the user who created or updated the DLP rule. |
userOus |
Array<String> |
IDs of all organizational units of the user which the appIdBundle was created for. e.g. [‘id%3A02f1mw1826k6eyh’,‘id%3A02f1mw182boq9zy’] |
userPrimaryOu |
String |
ID of primary organizational unit of the user which the appIdBundle was created for. |
violatedRuleIds[] |
Array<String> |
Array of DLP rule IDs that were triggered and bypassed by the user. Corresponds with violatedRuleNames. |
violatedRuleNames[] |
Array<String> |
Array of DLP rule IDs that were triggered and bypassed by the user. Corresponds with violatedRuleNames. |
virtruClient |
String |
Name of the requesting client |
encrypted-search-key
Organization-wide keys used for searching and indexing encrypted emails. They are generated in the Virtru Control Center by administrators only one set of keys can be active per tenant.
Attribute Name |
Type |
Description |
acceptedOn | String | Datetime activated key. |
action | String |
Action recoreded by record Possible Values
|
auditDataType | String | As defined above. |
created |
String |
The ISO8601 datetime when the key was created. |
keyId |
String |
The unique ID of the encrypted search key. |
lastModified | String | Datetime of the record modification |
orgActionType |
String |
Organization level Action |
orgId |
String |
Unique ID of the organization |
receiverId |
String |
Unique Id of the recipient |
recordId |
String |
Unique ID of the record |
requestId |
String |
Unique ID of the request |
requestIp |
String |
IP of the computer that requested the creation/revocation of the key |
revokedOn | String | The ISO8601 datetime of when (and if) the search key was revoked. |
status |
String |
Status of the key Possible Values
|
timestamp |
String |
Datetime of the event |
type | String | Should always be "encrypted-search-key" |
userId |
String |
The email address of the user who created the search key. |
userAgent | String | User Agent string of the requesting client |
virtruClient | String | Name of the requesting client |
licenseInvitation
Invitations that are sent out to users to install and activate Virtru software.
Attribute Name |
Type |
Description |
acceptedOn |
String |
The ISO8601 datetime when/if the invitation was accepted. |
action | String | Action recoreded by record |
auditDataType | String | As defined above. |
created |
String |
The ISO8601 datetime when the invitation was created. |
invitationId |
String |
The unique ID of the livense invitation. |
lastModified | String | Datetime of the record modification |
orgActionType | String | Organization level Action |
orgId | String | Unique ID of the organization |
receiverId |
String |
The email address of the user who was sent the invitation. |
recordId | String | Unique ID of the record |
requestId | String | Unique ID of the request |
requestIp | String | IP of the computer that initiated the request |
revokedOn |
String |
The ISO8601 datetime when/if the invitation was revoked. |
status |
String |
The status of the invitation. Possible values:
|
timestamp | String | Datetime of the event |
type |
String |
Should always be "licenseInvitation" |
userAgent | String | User Agent string of the requesting client |
virtruClient | String | Name of the Virtru client requesting the invitation |
organization
The details and configuration of the organization.
Attribute Name |
Type |
Description |
action |
String |
The action that was done to the object. Possible Values
|
auditDataType | String | As defined above. |
created |
String |
The ISO8601 datetime when the invitation was created. |
delegationEmail |
String |
The delegation email address for use when triggering the automatic domain synchronization. |
lastDomainRefresh |
String |
The ISO8601 datetime when the organization was last synchronized. |
lastModified |
String |
Date the record was last modified. |
orgActionType |
String | A simple join of the orgId, type, and action fields. Used for indexing purposes. |
orgId |
String |
The unique ID of the organization. |
owner |
String |
The email address of the organization owner. |
recordId |
String |
Unique ID of the record |
requestId |
String |
The unique ID of the request. |
requestIp |
String |
IP of the requesting client |
timestamp |
String |
The ISO8601 datetime of the moment the audit record was created. |
type |
String |
Should always be "organization" |
userAgent |
String |
The web browser user agent. Contains information such as the browser and operating system. |
userId |
String |
The email address of the user who created or updated the organization. |
virtruClient |
String |
The Virtru client that was used to make the request. |
policy
Policies created and updated for every encrypted email and file.
Attribute Name |
Type |
Description |
accessedBy[] |
Array<String> |
Array of all email addresses of users who have accessed the policy. |
action |
String |
The action that was done to the object. Possible Values
|
appliedActions[] |
Array<String> |
Array of DLP actions applied to the policy as a result of the above violation. e.g. [‘virtru:encrypt’,‘virtru:disableForwarding’] |
auditDataType | String | As defined above. |
children[] |
Array<String> |
Array of child policy IDs (usually attachments to an email). |
created |
String |
The ISO8601 datetime when the policy was created. |
displayName |
String |
The subject/name of the email/file. |
expiration |
String |
The ISO8601 datetime for when/if the policy is set to expire. |
forwardLog[] |
Array<Object> |
Array of forward events containing recipient, sender, and timestamp fields. e.g. |
groups[] |
Array<String> |
Array of groups which the policy belongs to. Same as the groups of the user who created the policy at the time. e.g. [‘engineering@virtru.com’,‘gateway@virtru.com’] |
isExpireEvent |
Boolean |
True is policy expiration was set as part of this event. |
isForwardEvent |
Boolean |
True if an email/file was forwarded as part of this event. Represents a change to the 'forwardLog' field. |
isForwardingDisabled |
Boolean |
True if forwarding has been disabled for this policy. |
isForwardingDisabledEvent |
Boolean |
True if policy forwarding was disabled as part of this event. |
isManaged |
Boolean |
True if the policy is managed. |
isManagedEvent |
Boolean |
True if policy was set to managed as part of this event. |
isNoAuth |
Boolean |
True if the policy does not require authentication. |
isNoAuthEvent |
Boolean |
True if authorization was disabled as part of this event. |
isRevokeEvent |
Boolean |
True if the policy was revoked as part of this event. |
isReauthorizeEvent |
Boolean |
True if a previously-revoked policy was re-enabled as part of this event. |
isSendEvent |
Boolean |
True if an email/file was sent as part of this event. |
lastModified |
String |
Datetime of the last time the record was modified |
ous[] |
Array<String> |
IDs of all organizational units of the user who create/updated the policy. e.g. [‘id%3A02f1mw1826k6eyh’,‘id%3A02f1mw182boq9zy’] |
orgActionType |
String |
A simple join of the orgId, type, and action fields. Used for indexing purposes. |
orgId |
String |
Unique ID of the organization |
policyId |
String |
The unique ID of the policy. |
policyGroups[] |
Array<String> |
Array of groups which the policy belongs to. Same as the groups of the user who created the policy at the time. e.g. |
policyOus[] |
Array<String> |
IDs of all organizational units of the user who create/updated the policy. e.g. |
policyOwner |
String |
The email address of the policy owner (the user who originally created the policy). |
policyType |
String |
The type of the policy. Possible Values:
|
primaryOu |
String |
ID of the primary organizational unit of the user who created/updated the policy. e.g. ‘id%3A02f1mw1826k6eyh’ |
recipients[] |
Array<String> |
Array of users (email addresses) who are authorized to access this email or file. |
recordId |
String |
Unique ID of the record |
requestId |
String |
The unique ID of the request. |
requestIp |
String |
The IP address where the request originated from. |
state |
String |
Whether the policy is active or revoked. Possible Values:
|
timestamp |
String |
The ISO8601 datetime of the moment the audit record was created. |
type |
String |
Should always be "policy" |
userAgent |
String |
The web browser user agent. Contains information such as the browser and operating system. |
userId |
String |
The email address of the user who created or updated the policy. |
violatedRuleIds[] |
Array<String> |
Array of IDs of DLP rules that were violated/triggered when this policy was created. |
violatedRuleNames[] |
Array<String> |
Array of Names of DLP rules that were violated/triggered when this policy was created. |
virtruClient |
String |
The Virtru client that was used to make the request. |
unit-attributes
The groups and organizational units of the organization.
Attribute Name |
Type |
Description |
action |
String |
The action that was done to the object. Possible Values
|
adminDlp[] |
Array<String> |
Arrays of various administrators of this unit broken up by permissions. |
adminDlpAdded[] |
Array<String> |
Arrays of any administrators that were added or removed segmented up by permissions type. |
adminDlpRemoved[] | Array<String> | Arrays of any administrators that were added or removed segmented up by permissions type. |
adminPolicyBulkExport[] |
Array<String> |
Arrays of various administrators of this unit broken up by permissions. |
adminPolicyBulkExportAdded[] | Array<String> | Arrays of any administrators that were added or removed segmented up by permissions type. |
adminPolicyBulkExportRemoved[] | Array<String> | Arrays of any administrators that were added or removed segmented up by permissions type. |
adminPolicyContractFetch[] |
Array<String> |
Arrays of various administrators of this unit broken up by permissions. |
adminPolicyContractFetchAdded[] | Array<String> | Arrays of any administrators that were added or removed segmented up by permissions type. |
adminPolicyContractFetchRemoved[] | Array<String> | Arrays of any administrators that were added or removed segmented up by permissions type. |
adminPolicyEdit[] |
Array<String> |
Arrays of various administrators of this unit broken up by permissions. |
adminPolicyEditAdded[] | Array<String> | Arrays of any administrators that were added or removed segmented up by permissions type. |
adminPolicyEditRemoved[] | Array<String> | Arrays of any administrators that were added or removed segmented up by permissions type. |
adminPolicyRead[] |
Array<String> |
Arrays of various administrators of this unit broken up by permissions. |
adminPolicyReadAdded[] | Array<String> | Arrays of any administrators that were added or removed segmented up by permissions type. |
adminPolicyReadRemoved[] | Array<String> | Arrays of any administrators that were added or removed segmented up by permissions type. |
adminPolicyRevoke[] |
Array<String> |
Arrays of various administrators of this unit broken up by permissions. |
adminPolicyRevokeAdded[] | Array<String> | Arrays of any administrators that were added or removed segmented up by permissions type. |
adminPolicyRevokeRemoved[] | Array<String> | Arrays of any administrators that were added or removed segmented up by permissions type. |
adminUnit[] |
Array<String> |
Arrays of various administrators of this unit broken up by permissions. |
adminUnitAdded[] | Array<String> | Arrays of any administrators that were added or removed segmented up by permissions type. |
adminUnitRemoved[] | Array<String> | Arrays of any administrators that were added or removed segmented up by permissions type. |
auditDataType | String | As defined above. |
created | String | The ISO8601 datetime when the unit was created. |
lastModified |
String |
Datetime of the last time the record was modified |
name | String | The name of the unit. |
orgActionType |
String |
A simple join of the orgId, type, and action fields. Used for indexing purposes. |
orgId |
String |
Unique ID of the organization |
permissions[] | Array<String> |
An array of permissions for the users in this unit. e.g. [ |
recordId |
String |
Unique ID of the record |
remoteId | String | The unique ID of the unit. |
requestId |
String |
The unique ID of the request. |
requestIp |
String |
The IP address where the request originated from. |
timestamp |
String |
The ISO8601 datetime of the moment the audit record was created. |
type |
String |
Should always be "unit-attributes" |
unitType |
String |
The type of the unit. Possible Values
|
userAgent |
String |
The web browser user agent. Contains information such as the browser and operating system. |
virtruClient |
String |
The Virtru client that was used to make the request. |
userSettings
The users in the organization and their settings/memberships.
Attribute Name |
Type |
Description |
action |
String |
The action that was done to the object. Possible Values
|
auditDataType | String | As defined above. |
created |
String |
The ISO8601 datetime the user was created |
groups[] |
Array<String> |
An array of groups the user is in. e.g. [ ‘Engineering@virtru.com’, ‘Gateway@virtru.com’ ] |
lastModified |
String |
Datetime of the last time the record was modified |
orgActionType |
String |
A simple join of the orgId, type, and action fields. Used for indexing purposes. |
orgId |
String |
Unique ID of the organization |
ous[] |
Array<String> |
IDs of all organizational units of the user. e.g. [‘id%3A02f1mw1826k6eyh’,‘id%3A02f1mw182boq9zy’] |
permissions[] |
Array<String> |
An array of permissions the user has. Possible Values:
|
primaryOu |
String |
ID of the primary organizational unit of the user. e.g. ‘id%3A02f1mw1826k6eyh’ |
recordId |
String |
Unique ID of the record |
timestamp |
String |
The ISO8601 datetime of the moment the audit record was created. |
type |
String |
Should always be "userSettings" |
userId |
String |
The user’s email address. |
userSettingsGroups[] |
Array<String> |
An array of groups of the user settings. e.g. [ |
userSettingsId |
String |
The email address of the user settings object being created or updated. |
userSettingsIsSuperAdmin |
Boolean |
True if user settings is that of a super administrator. |
userSettingsPrimaryOu |
String |
ID of the primary organizational unit of the user settings. e.g. 'id%3A02f1mw1826k6eyh' |
userSettingsOus[] |
Array<String> |
IDs of all organizational units of the user settings. e.g. [ |