View rollback actions report

This report provides a consolidated and point-in-time view of your protected entities that were deleted within a specified date range.

URL

https://apis.druva.com/platform/reporting/v1/reports/dgRollbackActions

Request type

HTTP POST

Sample cURL request

curl --request POST \
     --url https://apis.druva.com/platform/reporting/v1/reports/dgRollbackActions \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --data '
{
  "filters": {
    "pageSize": 100,
    "filterBy": [
      {
        "fieldName": "deleteRequestID",
        "operator": "EQUAL",
        "value": "string"
      }
    ]
  },
  "pageToken": ""
}
'

To try this API endpoint, see Reports API reference.

📘
Note
On the API reference page, select dgRollbackActions as the report ID under path params to test this endpoint.

Sample responses

{
  "data": [
    {
      "dataSize": 20,
      "deleteRequestID": "11ef158d-929c-4841-ab83-0ca4179c1420",
      "deletedBy": "rollbackTest rollbackTest",
      "deletedDateTime": "2023-04-26T10:53:52.000Z",
      "deletionReason": "Automation testing - deletion for workload Teams",
      "entityName": "entity-1",
      "deletedItem": "Snapshot",
      "entityType": "SharePoint",
      "rollbackDateTime": "2023-04-26T10:57:51.000Z",
      "rolledBackBy": "rollbackTest rollbackTest",
      "status": "Rolled back",
      "permanentDeleteTime": "2023-04-28T10:57:51.000Z",
      "lastUpdatedDateTime": "2023-04-26T11:00:56.000Z"
    }
  ],
  "lastSyncTimestamp": "2024-03-26T15:32:09.788Z",
  "filters": {},
  "nextPageToken": "YTBDNDk6Rjk1MmViY1FpTVpBejNFTU9lSWxzUT09OjA="
}

Field	Type	Description
data	array of objects	The collection of rollback actions.
dataSize	integer	The data size.
deleteRequestID	string (UUID)	The delete request ID.
deletedBy	string	The admin who deleted the entity.
deletedDateTime	date-time	The date on which the entity was deleted. The time is in the UTC time zone. Example - 2019-10-25T00:00:00Z
deletionReason	string	The reason for which the entity was deleted.
entityName	string	The name of the entity.
deletedItem	string	Type of deleted entity.
entityType	string	The type of entity. (Endpoints, Exchange Online,File Servers,Google Drive,Google Mail,Groups,NAS,One Drive,Profiles,Public Folders,SharePoint,Shared Drives,Teams,Users, VMware)
rollbackDateTime	date-time	The date on which the entity was rolled-back. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z
rolledBackBy	string	The admin who rolled-back the entity.
status	string	The status of the request. Possible values(Available for rollback, Permanently deleted, Rollback in progress, Rolled back)
permanentDeleteTime	date-time	The date on which the entity will be permanently deleted if not rolled-back. Example - 2019-10-28T00:00:00Z
lastUpdatedDateTime	date-time	The last updated time stamp. The time is in the UTC time zone. Example - 2019-10-25T00:00:00Z
lastSyncTimestamp	date-time	Time stamp until which report data is returned in the API. The time is in the UTC time zone.
filters	object	Filters applied to the report.
nextPageToken	string	The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes.

{
  "code": "string",
  "data": {
    "additionalProp": {}
  },
  "message": "string",
  "retryable": true
}

Field	Type	Description
code	string	Error code.
data	object	Data of the error.
message	string	Error message.
retryable	boolean	Can retry the API call (`true` for yes and `false` for no.)

View data protection risk report

This report provides a consolidated view of the connection status of the enterprise workload agents with Druva.

Endpoint URL

https://apis.druva.com/platform/reporting/v1/reports/dgDataProtectionRisk

Request type

HTTP POST

Sample cURL request

curl --request POST \
     --url https://apis.druva.com/platform/reporting/v1/reports/dgDataProtectionRisk \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --data '
{
  "filters": {
    "pageSize": 100,
    "filterBy": [
      {
        "fieldName": "workloadName",
        "operator": "EQUAL",
        "value": "string"
      }
    ]
  },
  "pageToken": ""
}
'

To try this API endpoint, see Reports API reference.

📘
Note
On the API reference page, select dgDataProtectionRisk as the report ID under path params to test this endpoint.

Sample responses

{
  "data": [
    {
      "organization": "custom-org",
      "workloadName": "Files",
      "workloadAgent": "device123",
      "connectionStatusToCloud": "Disconnected",
      "disconnectedFromCloudSince": "2024-03-26T15:32:09.788Z",
      "lastUpdatedTime": "2023-04-28T10:57:51.000Z",
      "vCenterESXiHosts": "centerhost123",
      "connectionStatusToVCenter": "Disconnected"
    }
  ],
  "lastSyncTimestamp": "2024-03-26T15:32:09.788Z",
  "filters": {},
  "nextPageToken": "YTBDNDk6Rjk1MmViY1FpTVpBejNFTU9lSWxzUT09OjA="
}

Field	Type	Description
data	array of objects	The collection of enterprise workload agents' connection statuses with the cloud.
organization	string	The name of the organization.
workloadAgent	string	The name of the workload. Possible values (Files, Hyper-V, MS-SQL, NAS, Oracle, Oracle-DTC, VMware)
connectionStatusToCloud	string	The connection status to the cloud. Example - Possible values (Connected,Disconnected)
disconnectedFromCloudSince	date-time	The date since which device is disconnected from cloud. The time is in the UTC time zone. Example - 2019-10-25T00:00:00Z
lastUpdatedTime	date-time	The last updated time stamp. The time is in the UTC time zone. Example - 2019-10-25T00:00:00Z
vCenterESXiHosts	string	Name of the vCentre or ESXi host where the backup proxy is deployed.
connectionStatusToVcenter	string	The connection status to the vCenter. Possible values (Connected,Disconnected)
lastSyncTimestamp	string	Time stamp until which report data is returned in the API. The time is in the UTC time zone.
filters	object	Filters applied to the report.
nextPageToken	string	The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes.

{
  "code": "string",
  "data": {
    "additionalProp": {}
  },
  "message": "string",
  "retryable": true
}

Field	Type	Description
code	string	Error code.
data	object	Data of the error.
message	string	Error message.
retryable	boolean	Can retry the API call (`true` for yes and `false` for no.)

View data access events report

This report provides a consolidated and point-in-time view of data access events, such as restore or download events. For example, you can specify whether you want the list of successful restore events.

URL

https://apis.druva.com/platform/reporting/v1/reports/dgDataAccessEvents

Request type

HTTP POST

Sample cURL request

curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgDataAccessEvents' \
--header 'Content-Type: application/json' \
--data '
{
  "filters": {
    "pageSize": 100,
    "filterBy": [
      {
        "fieldName": "jobStatus",
        "value": "Successful"
        "operator": "EQUAL"
      }
    ]
  },
  "pageToken": ""    
}'

To try this API endpoint, see Reports API reference.

📘
Note
On the API reference page, select dgDataAccessEvents as the report ID under path params to test this endpoint.

Sample HTTP 200 response

{
    "data": [
        {
            "accessType": "Admin Restore",
            "adminName": "C P",
            "endTime": "2024-01-29T04:54:56.000Z",
            "ipAddress": "114.143.238.10",
            "jobId": 74,
            "jobStatus": "Successful",
            "location": "Mumbai, India",
            "resourceName": "backupset_CPJFXH",
            "size": 1389581394,
            "startTime": "2024-01-29T04:52:22.000Z"
        },
    ],
    "filters": {
        "pageSize": 100,
        "filterBy": null
    },
    "lastSyncTimestamp": "2024-03-28T12:15:22.000Z",
    "nextPageToken": "MmZhOTBlMGUtMjBhMi00YWEwLWIwNzgtOTMxNzJlM2Y4NGU0"
}

Field	Type	Description
data	array of objects	The collection of data access events.
accessType	string	The name of the event.
adminName	string	The name of the administrator who triggered the event.
endTime	date-time	The timestamp when the job ended.
ipAddress	string	The IP address of the admin's computer.
jobId	integer	The event's job ID.
jobStatus	string	Whether the job succeeded or failed.
location	string	The admin's computer's location.
resourceName	string	The backup object's name that the admin used to trigger the event (ran a restore job in this case.)
size	integer	The size of the data (restored data in this example.)
startTime	date-time	The timestamp when the job started.
lastSyncTimestamp	string	Time stamp until which report data is returned in the API. The time is in the UTC time zone.
filters	object	Filters applied to the report.
nextPageToken	string	The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes.

{
  "code": "string",
  "data": {
    "additionalProp": {}
  },
  "message": "string",
  "retryable": true
}

Field	Type	Description
code	string	Error code.
data	object	Data of the error.
message	string	Error message.
retryable	boolean	Can retry the API call (`true` for yes and `false` for no.)

View admin login events report

This report provides a consolidated view of when your Druva admins logged in to the Druva Console.

URL

https://apis.druva.com/platform/reporting/v1/reports/dgAdminLoginEvents

Request type

HTTP POST

Sample cURL request

curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgAdminLoginEvents' \
--header 'Content-Type: application/json' \
--data '{
  "filters": {
        "pageSize": 100,
        "filterBy": [
            {
                "fieldName": "loginResult",
                "value": "Failed",
                "operator": "EQUAL"
            }
        ]
    }   
}'

To try this API endpoint, see Reports API reference.

📘
Note
On the API reference page, select dgAdminLoginEvents as the report ID under path params to test this endpoint.

Sample HTTP 200 response

{
    "data": [
        {
            "adminName": "C P",
            "ipAddress": "114.143.238.10",
            "location": "Mumbai, India",
            "loginResult": "Failed",
            "loginTime": "2024-03-27T05:56:16.000Z"
        }
    ],
    "filters": {
        "pageSize": 100,
        "filterBy": [
            {
                "fieldName": "loginResult",
                "value": "Failed",
                "operator": "EQUAL"
            }
        ]
    },
    "lastSyncTimestamp": "2024-06-04T07:43:37Z",
    "nextPageToken": "NWFlODMwY2YtZDcxMC00NTZiLTlhNzEtMTJmZDU3NWFkYjhm"
}

Field	Type	Description
data	array of objects	The collection of admin login events.
adminName	string	The name of the administrator who triggered the event.
ipAddress	string	The IP address of the admin's computer.
location	string	The admin's computer's location.
loginResult	string	The result of the login attempt. For example, "successful" or "failed".
loginTime	date-time	The timestamp when the admin tried to login to the Druva Console.
lastSyncTimestamp	string	Time stamp until which report data is returned in the API. The time is in the UTC time zone.
filters	object	Filters applied to the report.
nextPageToken	string	The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes.

{
  "code": "string",
  "data": {
    "additionalProp": {}
  },
  "message": "string",
  "retryable": true
}

Field	Type	Description
code	string	Error code.
data	object	Data of the error.
message	string	Error message.
retryable	boolean	Can retry the API call (`true` for yes and `false` for no.)

View unusual data activity alerts report

This reports provides a list of unusual data activity alerts.

URL

https://apis.druva.com/platform/reporting/v1/reports/dgUnusualDataActivityAlerts

Request type

HTTP POST

Sample cURL request

curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgUnusualDataActivityAlerts' \
--header 'Content-Type: application/json' \
--data '{
  "filters": {
        "pageSize": 100,
        "filterBy": [
            {
                "fieldName": "resourceType",
                "value": "NAS",
                "operator": "EQUAL"
            }
        ]
    }   
}'

To try this API endpoint, see Reports API reference.

📘
Note
On the API reference page, select dgUnusualDataActivityAlerts as the report ID under path params to test this endpoint.

Sample HTTP response

{
    "data": [
        {
            "affectedSnapshotName": "Apr 16 2024, 10:00",
            "alertGeneratedOn": "2024-04-15T10:00:28.000Z",
            "alertStatus": "Active",
            "alertType": "Modification",
            "encryptionReason": "High Entropy detected",
            "filesCreated": 0,
            "filesDeleted": 0,
            "filesEncrypted": 0,
            "filesModified": 80,
            "id": 258,
            "impactedFiles": 184,
            "resolvedStatus": "-",
            "resourceName": "test_report_dummy_NAS_ZIE2DN",
            "resourceParentName": "parent_7AZQ69",
            "resourceType": "NAS"
        }
    "filters": {
        "pageSize": 100,
        "filterBy": [
            {
                "fieldName": "resourceType",
                "value": "NAS",
                "operator": "EQUAL"
            }
        ]
    },
    "lastSyncTimestamp": "2024-06-05T06:03:11Z",
    "nextPageToken": ""
}

Field	Type	Description
data	array of objects	The collection of unusual data activity alerts.
affectedSnapshotName	string	The name of the snapshot that triggered the alert.
alertGeneratedOn	date-time	The timestamp when the alert was generated.
alertStatus	string	The alert's status. For more information, see View UDA alerts.
alertType	string	The type of alert. For more information, see View UDA alerts .
encryptionReason	string	The reason for encryption alerts.
filesCreated	integer	The number of files that were created.
filesDeleted	integer	The number of files that were delete.
filesEncrypted	integer	The number of files that were encrypted.
filesModified	integer	The number of files that were modified.
id	integer	The alert's ID.
impactedFiles	integer	The total number of files that were impacted.
resolvedStatus	string	The status of the alert, whether it's resolved or not.
resourceName	string	The device or computer on which Druva detected unusual data activity.
resourceParentName	string	The name of the device's parent. For example, ESXi host's name if the device is VMware virtual machine.
resourceType	string	The type of resource on which Druva detected an unusual data activity.
filters	object	The filters applied to the report.
lastSyncTimestamp	date-time	Time stamp until which report data is returned in the API. The time is in the UTC time zone.
nextPageToken	string	The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes.

{
  "code": "string",
  "data": {
    "additionalProp": {}
  },
  "message": "string",
  "retryable": true
}

Field	Type	Description
code	string	Error code.
data	object	Data of the error.
message	string	Error message.
retryable	boolean	Can retry the API call (`true` for yes and `false` for no.)

View quarantined resources report

This reports provides the list of resources that Druva marked as quarantined.

URL

https://apis.druva.com/platform/reporting/v1/reports/dgQuarantineResources

Request type

HTTP POST

Sample cURL request

curl --location --request POST 'https://apis.druva.com/platform/reporting/v1/reports/dgQuarantineResources' \
--header 'Content-Type: application/json' \
--data '{
    "filters": {
        "pageSize": 100,
        "filterBy": [
            {
                "fieldName": "resourceType",
                "value": "Endpoint",
                "operator": "EQUAL"
            }
        ]
    }
}'

To try this API endpoint, see Reports API reference.

📘
Note
On the API reference page, select dgQuarantineResources as the report ID under path params to test this endpoint.

Sample HTTP 200 response

{
    "data": [
        {
            "addedTime": "2024-05-29T10:41:15.000Z",
            "removedFromQR": "No",
            "fromTime": "2024-05-01T00:00:00.000Z",
            "lastUpdatedTime": "2024-05-29T11:25:14.000Z",
            "resourceName": "INTERN-PIYUSHK",
            "resourceType": "Endpoint",
            "toTime": "2024-05-02T23:59:59.000Z"
        }
    ],
    "filters": {
        "pageSize": 100,
        "filterBy": [
            {
                "fieldName": "resourceType",
                "value": "Endpoint",
                "operator": "EQUAL"
            }
        ]
    } ,
    "lastSyncTimestamp": "2024-06-05T08:54:45Z",
    "nextPageToken": ""
}

Field	Type	Description
data	array of objects	The collection of quarantined resources.
addedTime	date-time	The timestamp when the device or entity was added to the quarantined resources list.
fromTime	date-time	The start of the date range to quarantine this resource.
lastUpdatedTime	date-time	The timestamp when the quarantined resource was updated.
resourceName	string	The name of the device or entity that was quarantined.
resourceType	string	The type of the quarantined resource. For example, an endpoint.
toTime	date-time	The end of the date range to quarantine this resource.
filters	object	The filters applied to the report.
lastSyncTimestamp	date-time	Time stamp until which report data is returned in the API. The time is in the UTC time zone.
nextPageToken	string	The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes.

{
  "code": "string",
  "data": {
    "additionalProp": {}
  },
  "message": "string",
  "retryable": true
}

Field	Type	Description
code	string	Error code.
data	object	Data of the error.
message	string	Error message.
retryable	boolean	Can retry the API call (`true` for yes and `false` for no.)

View malicious scan jobs report

This report provides the list of malicious scan jobs.

URL

https://apis.druva.com/platform/reporting/v1/reports/dgMaliciousScanJob

Request type

HTTP POST

Sample cURL request

curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgMaliciousScanJob' \
--header 'Content-Type: application/json' \
--data '
 { "filters": {
        "pageSize": 100,
        "filterBy": [
            {
                "fieldName": "resourceName",
                "value": "INTERN-PIYUSHK",
                "operator": "EQUAL"
            }
        ]
    }   
}'

To try this API endpoint, see Reports API reference.

📘
Note
On the API reference page, select dgMaliciousScanJob as the report ID under path params to test this endpoint.

Sample HTTP 200 response

{
    "data": [
        {
            "deletedFiles": 0,
            "filesScanned": 2,
            "jobEndTime": "2024-05-28T10:19:44.000Z",
            "jobId": 1,
            "jobStartTime": "2024-05-28T10:19:41.000Z",
            "jobStatus": "Successful",
            "maliciousFiles": 0,
            "resourceName": "INTERN-PIYUSHK",
            "resourceType": "Endpoint",
            "scanType": "Restore Scan",
            "skippedFiles": 0
        }
    ],
    "filters": {
        "pageSize": 100,
        "filterBy": [
            {
                "fieldName": "resourceName",
                "value": "INTERN-PIYUSHK",
                "operator": "EQUAL"
            }
        ]
    },
    "lastSyncTimestamp": "2024-06-04T07:29:22Z",
    "nextPageToken": ""
}

Field	Type	Description
data	array of objects	The collection of malicious scan jobs.
deletedFiles	integer	The number of files identified as deleted in the job.
filesScanned	integer	The number of files scanned in the job.
jobEndTime	date-time	The timestamp when the job ended.
jobId	integer	The scan job's ID.
jobStartTime	date-time	The timestamp when the job ended.
jobStatus	string	The job's status.
maliciousFiles	integer	The number malicious files detected in the job.
filesEncrypted	integer	The number of files that were encrypted.
resourceName	string	The device or computer on which Druva detected unusual data activity.
resourceType	string	The type of resource on which Druva detected an unusual data activity.
scanType	string	The scan job's type.
skippedFiles	integer	The number of files that Druva couldn't scan in the job.
filters	object	The filters applied to the report.
lastSyncTimestamp	date-time	Time stamp until which report data is returned in the API. The time is in the UTC time zone.
nextPageToken	string	The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes.

{
  "code": "string",
  "data": {
    "additionalProp": {}
  },
  "message": "string",
  "retryable": true
}

Field	Type	Description
code	string	Error code.
data	object	Data of the error.
message	string	Error message.
retryable	boolean	Can retry the API call (`true` for yes and `false` for no.)

View curated snapshots report

This report provides a list of curated snapshots.

URL

https://apis.druva.com/platform/reporting/v1/reports/dgCuratedSnapshots

Request type

HTTP POST

Sample cURL request

curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgCuratedSnapshots' \
--header 'Content-Type: application/json' \
--data '{ "filters": {
        "pageSize": 100,
        "filterBy": [
            {
                "fieldName": "jobStatus",
                "value": "Successful",
                "operator": "EQUAL"
            }
        ]
    }   
}'

To try this API endpoint, see Reports API reference.

📘
Note
On the API reference page, select dgCuratedSnapshots as the report ID under path params to test this endpoint.

Sample HTTP 200 response

{
    "data": [
        {
            "createdBy": "p k",
            "expiry": "Jun 14 2024, 12:40",
            "filesIncluded": 4,
            "jobEndTime": "2024-05-30T12:40:09.000Z",
            "jobId": 7,
            "jobStartTime": "2024-05-30T12:40:02.000Z",
            "jobStatus": "Successful",
            "resourceName": "INTERN-PIYUSHK",
            "resourceType": "3",
            "size": 19962,
            "snapshot": "May 30, 2024 12:40",
            "snapshotRangeEndDate": "2024-05-30T23:59:59.000Z",
            "snapshotRangeStartDate": "2024-05-02T00:00:00.000Z",
            "snapshotStatus": "Deleted"
        }
    ],
    "filters": {
        "pageSize": 100,
        "filterBy": [
            {
                "fieldName": "jobStatus",
                "value": "Successful",
                "operator": "EQUAL"
            }
        ]
    } ,
    "lastSyncTimestamp": "2024-06-05T08:54:45Z",
    "nextPageToken": ""
}

Field	Type	Description
data	array of objects	The collection of malicious scan jobs.
createdBy	string	The name of the admin who created this snapshot.
expiry	string	The timestamp when this snapshot expires.
jobEndTime	date-time	The timestamp when the job ended.
jobId	integer	The snapshot creation job's ID.
jobStartTime	date-time	The timestamp when the job ended.
jobStatus	string	The job's status.
resourceName	string	The device or computer for which you create a curated snapshot.
resourceType	string	The type of resource for which you create curated snapshot.
size	integer	The curated snapshot's size.
snapshot	string	The name of the curated snapshot (generally the date and time when it was created).
snapshotRangeEndDate	date-time	The end of the date range to create this snapshot.
snapshotRangeStartDate	date-time	The start of the date range to create this snapshot.
snapshotStatus	string	The snapshot's status within Druva.
filters	object	The filters applied to the report.
lastSyncTimestamp	date-time	Time stamp until which report data is returned in the API. The time is in the UTC time zone.
nextPageToken	string	The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes.

{
  "code": "string",
  "data": {
    "additionalProp": {}
  },
  "message": "string",
  "retryable": true
}

Field	Type	Description
code	string	Error code.
data	object	Data of the error.
message	string	Error message.
retryable	boolean	Can retry the API call (`true` for yes and `false` for no.)

View rollback actions report

URL

Request type

Sample cURL request

📘Note

Sample responses

View data protection risk report

Endpoint URL

Request type

Sample cURL request

📘Note

Sample responses

View data access events report

URL

Request type

Sample cURL request

📘Note

Sample HTTP 200 response

View admin login events report

URL

Request type

Sample cURL request

📘Note

Sample HTTP 200 response

View unusual data activity alerts report

URL

Request type

Sample cURL request

📘Note

Sample HTTP response

View quarantined resources report

URL

Request type

Sample cURL request

📘Note

Sample HTTP 200 response

View malicious scan jobs report

URL

Request type

Sample cURL request

📘Note

Sample HTTP 200 response

View curated snapshots report

URL

Request type

Sample cURL request

📘Note

Sample HTTP 200 response

📘
Note

📘
Note

📘
Note

📘
Note

📘
Note

📘
Note

📘
Note

📘
Note