Get data governance reports
The reports that provide information on data governance jobs such as non-compliant files, eDiscovery downloads, defensible deletes etc.
eDiscovery download jobs report
This report provides information on eDiscovery download jobs based on the specified filters.
URL
https://apis.druva.com/platform/reporting/v1/reports/dgeDiscoveryDownloadJobsReport
Request type
HTTP POST
Sample cURL request
curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgeDiscoveryDownloadJobsReport' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ApiKeyGoesHere' \
--data '
{ "filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "status",
"value": "Successful",
"operator": "EQUAL"
}
]
},
"pageToken": ""
}'
To try this API endpoint, see Reports API reference.
Note
On the API reference page, select
dgeDiscoveryDownloadJobsReport
as the report ID under path params to test this endpoint.
Sample HTTP 200 response
{
"data": [
{
"custodian": "John Doe",
"custodianEmail": "[email protected]",
"dataDownloadedInBytes": 37908078,
"dataSource": "Exchange Online",
"dataType": "Data and Metadata",
"downloadClient": "client1_PF_123",
"downloadLocation": "E:\\Download",
"endTime": "2024-02-12T09:32:32.000Z",
"error": "-",
"fileTypes": "Zip",
"filesCheckedForDataIntegrity": "NA",
"filesDownloaded": 35,
"jobCreatedBy": "Elite CAonly",
"jobId": 2,
"legalHold": "LH policy",
"legalHoldType": "Human Resources",
"startTime": "2024-02-12T09:21:41.000Z",
"status": "Successful",
"totalDataInBytes": "37908078",
"totalFiles": "35"
}
],
"filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "status",
"value": "Successful",
"operator": "EQUAL"
}
]
},
"lastSyncTimestamp": "2024-07-04T08:34:03Z",
"nextPageToken": "NWQzMjkzYWEtY2ViMy00Y2QyLWE5YTEtNWYzMmE5MmRmN2Y3"
}
Field | Type | Description |
---|---|---|
data | array of objects | The collection of eDiscovery download jobs. |
custodian | string | The details of the custodian who is under legal hold. |
custodianEmail | string | The custodian's email address. |
dataDownloadedInBytes | integer | The amount of data that was downloaded. |
dataSource | string | The source from where the client downloaded the data. |
dataType | string | The data type that was download. |
downloadClient | string | The inSync client's name that ran the download. |
downloadLocation | string | The location on the computer where the client stored the downloaded data. |
endTime | date-time | The timestamp when the download job ended. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z. |
error | string | The errors that the download job ran into. |
fileTypes | string | The file type of the downloaded data. |
filesCheckedForDataIntegrity | string | The list of files that eDiscovery job checked for data integrity. |
filesDownloaded | integer | The number of files included in the download. |
jobCreatedBy | string | The name of the admin who ran the job on Druva Console. |
jobId | integer | The job's identifier. |
legalHold | string | The legal hold policy that the Druva platform used. |
legalHoldType | string | The category used to classify the legal hold policy. |
startTime | date-time | The timestamp when the download job started. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z. |
status | string | The download job's status, such as successful or unsuccessful. |
totalDataInBytes | integer | The total amount of data for the eDiscovery job. |
totalFiles | integer | The total number of files that Druva platform looked at in the eDiscovery job. |
filters | object | The filters from the request payload to optimize the endpoint's response. In this example, the request payload told Druva to return a response that: - Contains data on 100 download jobs per page - Only includes jobs that were successful |
lastSyncTimestamp | date-time | Time stamp when the API returns the report. The report includes data that the platform has up until this point. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z |
nextPageToken | string | The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes. |
Global custodian report
This report provides information on the list of custodians who were put under legal hold.
URL
https://apis.druva.com/platform/reporting/v1/reports/dgGlobalCustodianReport
Request type
HTTP POST
Sample cURL request
curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgGlobalCustodianReport' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ApiKeyGoesHere' \
--data '
{ "filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "legalHoldType",
"value": "Information Security",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"pageToken": ""
}'
To try this API endpoint, see Reports API reference.
Note
On the API reference page, select
dgGlobalCustodianReport
as the report ID under path params to test this endpoint.
Sample HTTP 200 response
{
"data": [
{
"addedOn": "2024-05-09T04:25:51.000Z",
"additionalDataCollection": null,
"backupData(MB)": "15.81",
"collectedData(MB)": "-",
"createdOn": "2024-05-09T04:25:51.000Z",
"custodian": "QAAutomation 3",
"customAttributeName": "100041_custom_attr",
"customAttributeValue": "10000069",
"dataSource": "OneDrive",
"email": "[email protected]",
"lastCompletedBackup": "2024-07-03T10:28:29.000Z",
"lastCompletedCollection": null,
"legalHold": "last_collected_policy",
"legalHoldType": "Information Security",
"systemStateData(MB)": "0.00",
"totalBackupData(MB)": "30.21",
"totalCollectedData(MB)": "-",
"totalSystemStateData(MB)": "0.00",
"isDeleted": 0
}
],
"filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "legalHoldType",
"value": "Information Security",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"lastSyncTimestamp": "2024-07-04T08:54:11Z",
"nextPageToken": "MmZhOTBlMGUtMjBhMi00YWEwLWIwNzgtOTMxNzJlM2Y4NGU0"
}
Field | Type | Description |
---|---|---|
data | array of objects | The list of custodians who were put under legal hold. |
addedOn | date-time | The UTC timestamp when this custodian was added to a legal hold. |
additionalDataCollection | string | Whether additional data collection is enabled or disabled. This field's value is null if additional data collection is not configured for this custodian. |
backupData(MB) | string | The size of the data backed up in the last successful backup job for this custodian in mega bytes. |
collectedData(MB) | string | The amount of data collected for this custodian during the last additional data collection in megabytes. |
createdOn | date-time | The UTC timestamp when the custodian account was created. |
custodian | string | The custodian's name. |
customAttributeName | string | The custom attribute assigned to this user. |
customAttributeValue | string | The value of the custom attribute assigned to this custodian. |
dataSource | string | The data source that is under legal hold for this custodian. |
string | The custodian's email address. | |
lastCompletedBackup | date-time | The UTC timestamp of the last successful backup. |
lastCompletedCollection | date-time | The UTC timestamp of the last successful additional data collection. |
legalHold | string | The legal hold policy's name that is attached to this custodian. |
legalHoldType | string | The legal hold policy's type. |
systemStateData(MB) | string | The amount of system and app settings data backed up for this custodian during the last successful backup in megabytes. |
totalBackupData(MB) | string | The amount of data backed up for the custodian, including the data backed up for system and app settings in megabytes. |
totalCollectedData(MB) | string | The total amount of data collected for this custodian in megabytes. |
totalSystemStateData(MB) | string | The total amount of system and app settings data backed up for this custodian in megabytes. |
isDeleted | integer | Whether this custodian is deleted or not. 1 means yes, 0 means no. |
filters | object | The filters from the request payload to optimize the endpoint's response. In this example, the request payload told Druva to return a response that: - Contains data on 100 custodians per page - Only includes custodians for whom legalHoldType is 'Information Security'.- Only includes custodians that were NOT deleted ( isDeleted set to 0 ) |
lastSyncTimestamp | date-time | Time stamp when the API returns the report. The report includes data that the platform has up until this point. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z |
nextPageToken | string | The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes. |
Non compliant file report
This report displays a consolidated view of the files that caused compliance violations with respect to the company's policies.
URL
https://apis.druva.com/platform/reporting/v1/reports/dgNonCompliantFileReport
Request type
HTTP POST
Sample cURL request
curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgNonCompliantFileReport' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ApiKEyGoesHeRe' \
--data '
{ "filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "dataSource",
"value": "Google Drive",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"pageToken": ""
}'
To try this API endpoint, see Reports API reference.
Note
On the API reference page, select
dgNonCompliantFileReport
as the report ID under path params to test this endpoint.
Sample HTTP 200 response
{
"data": [
{
"additionalComments": null,
"dataSource": "Google Drive",
"email": "[email protected]",
"fileModifiedOn": "2024-06-04T09:35:50.000Z",
"fileName": "09_ms_office_ppt.pptx",
"filePath": "/Documents/09_ms_office_ppt.pptx",
"fileType": "MS Office Documents",
"pendingActions": "-",
"policyViolation": "OFFICE new",
"resolutionDetails": "Quarantined",
"resolvedOn": "2024-06-20 08:50:27",
"sensitiveDataFound": "all star",
"severity": "Critical",
"userComments": null,
"userName": "John Doe",
"userResolution": "-",
"violationReportedOn": "2024-06-20T07:30:43.000Z",
"isDeleted": 0
}
],
"filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "dataSource",
"value": "Google Drive",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"lastSyncTimestamp": "2024-07-04T09:09:20Z",
"nextPageToken": "ZTcxNjdmMjItZDc3YS00OTU3LTk3MjktZjJmY2M0ZDUxNTY3"
}
Field | Type | Description |
---|---|---|
data | array of objects | The list of files that violate compliance guidelines. |
additionalComments | string | The additional information about the violation. |
dataSource | string | Data source on which the file resides. For example, Google Drive. |
string | The user's email ID whose file violated compliance requirements. | |
fileModifiedOn | date-time | The UTC timestamp when the file was last modified. |
filePath | string | The file path from the specified endpoint. |
fileType | string | The file's type. |
pendingActions | string | The non-Compliant files on which no action is taken. |
policyViolation | string | The policy's name that this file violates. |
resolutionDetails | string | The details of the resolution of the file violation. For example, Quarantined or marked as Acceptable Risk. |
resolvedOn | date-time | The UTC timestamp when the file violation was resolved. |
sensitiveDataFound | string | The type of sensitive data that is found in the file. |
severity | string | The violation's severity. |
userComments | string | The comments on the violation. |
userName | string | The user's name whose data violates the compliance requirements. |
userResolution | string | The details on the actions taken to resolve the compliance violation. |
violationReportedOn | date-time | The UTC timestamp when Druva finds the violation in the file. |
isDeleted | integer | Whether the violation is deleted or not. 1 means yes. 0 means no. |
filters | object | The filters from the request payload to optimize the endpoint's response. In this example, the request payload told Druva to return a response that: - Contains 100 violations per page - Only includes files that are stored on Google Drive - Only includes file violations that were NOT deleted ( isDeleted set to 0 ) |
lastSyncTimestamp | date-time | Time stamp when the API returns the report. The report includes data that the platform has up until this point. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z |
nextPageToken | string | The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes. |
Archived non compliant report
This report displays a consolidated view of the archived file violations.
URL
https://apis.druva.com/platform/reporting/v1/reports/dgArchivedNonCompliantFileReport
Request type
HTTP POST
Sample cURL request
curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgArchivedNonCompliantFileReport' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ApiKeyGoesHere' \
--data '
{ "filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "userName",
"value": "John Doe",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"pageToken": ""
}'
To try this API endpoint, see Reports API reference.
Note
On the API reference page, select
dgArchivedNonCompliantFileReport
as the report ID under path params to test this endpoint.
Sample HTTP 200 response
{
"data": [
{
"additionalComments": "This file was auto archived by violation management policy.",
"archivedOn": "2024-04-12T12:37:34.000Z",
"dataSource": "OneDrive",
"email": "[email protected]",
"fileExtension": "XLSX",
"fileModifiedOn": "2024-03-12T05:16:39.000Z",
"fileName": "Excel_native_reports.xlsx",
"filePath": "/Documents/subfolder1/Excel_native_reports.xlsx",
"fileType": "MS Office Documents",
"policyViolation": "office",
"resolutionDetails": "Auto Archived by Violation Management Settings",
"sensitiveDataFound": "01SD_allstar",
"severity": "Critical",
"userName": "John Doe",
"violationReportedOn": "2024-03-12T05:47:02.000Z",
"isDeleted": 0
}
],
"filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "userName",
"value": "John Doe",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"lastSyncTimestamp": "2024-07-04T08:59:39Z",
"nextPageToken": "NWQzMjkzYWEtY2ViMy00Y2QyLWE5YTEtNWYzMmE5MmRmN2Y3"
}
Field | Type | Description |
---|---|---|
data | array of objects | The list of compliance violations that were archived. |
additionalComments | string | Additional information about the violation. |
archivedOn | date-time | The UTC timestamp when the file violation was archived. |
dataSource | string | The name of the data source where the file resides. |
string | The email ID of the user whose file caused compliance violation. | |
fileExtension | string | The file's extension that caused the compliance violation. |
fileModifiedOn | date-time | The UTC timestamp when the file was last modified. |
fileName | string | The file's name. |
filePath | string | The file's location on the endpoint. |
fileType | string | The file's type. |
policyViolation | string | The policy's name that this file violates. |
resolutionDetails | string | The resolution of the file violation. For example, Auto Resolved or marked as Acceptable Risk. |
sensitiveDataFound | string | The type of sensitive data that is found in the file. |
severity | string | The violation's severity. |
userName | string | The name of the user whose file violated the compliance requirements. |
violationReportedOn | date-time | The timestamp when the violation was reported. |
isDeleted | integer | Whether the archived violation is deleted or not. 1 means yes. 0 means no. |
filters | object | The filters from the request payload to optimize the endpoint's response. In this example, the request payload told Druva to return a response that: - Contains 100 archived violations per page - Only includes violations that were reported for the user whose userName is 'John Doe'.- Only includes archived violations that were NOT deleted ( isDeleted set to 0 ) |
lastSyncTimestamp | date-time | Time stamp when the API returns the report. The report includes data that the platform has up until this point. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z |
nextPageToken | string | The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes. |
Non compliant email report
This report displays a consolidated view of emails that caused violations of the company's compliance policies.
URL
https://apis.druva.com/platform/reporting/v1/reports/dgNonCompliantEmailReport
Request type
HTTP POST
Sample cURL request
curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgNonCompliantEmailReport' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ApiKeyGoesHere' \
--data-raw '
{ "filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "from",
"value": "[email protected]",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"pageToken": ""
}'
To try this API endpoint, see Reports API reference.
Note
On the API reference page, select
dgNonCompliantEmailReport
as the report ID under path params to test this endpoint.
Sample HTTP 200 response
{
"data": [
{
"additionalComments": null,
"email": "[email protected]",
"emailPath": "June 3 folder 1",
"emailSentReceivedTime": "2019-06-03T06:37:08.000Z",
"from": "[email protected]",
"pendingActions": "Pending on user",
"policyViolation": "new policy by cloud admin",
"resolutionDetails": "-",
"resolvedOn": "-",
"sensitiveDataFound": "Confidential Document Markers",
"severity": "Critical",
"subject": "june 3 meeting update",
"to": "[email protected],[email protected]",
"userComments": null,
"userName": "John Doe",
"userResolution": "-",
"violationReportedOn": "2024-06-12T04:10:33.000Z",
"isDeleted": 0
}
],
"filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "from",
"value": "[email protected]",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"lastSyncTimestamp": "2024-07-04T09:19:07Z",
"nextPageToken": "NWQzMjkzYWEtY2ViMy00Y2QyLWE5YTEtNWYzMmE5MmRmN2Y3"
}
Field | Type | Description |
---|---|---|
data | array of objects | The list of emails that caused compliance violations. |
additionalComments | string | Additional information about the violation. |
string | The email ID of the user whose email caused compliance violation. | |
emailPath | string | The location where this email is stored. |
emailSentReceivedTime | date-time | The UTC timestamp when the email was sent or received. |
from | string | The sender's email address. |
pendingActions | string | Non-compliant emails on which no action is taken. |
policyViolation | string | The compliance policy's name that this email violates. |
resolutionDetails | string | The resolution of the email violation. For example, Auto Resolved or marked as Acceptable Risk. |
resolvedOn | date-time | The UTC timestamp when the violation was resolved. |
sensitiveDataFound | string | The type of sensitive data that is found in the email. |
severity | string | The violation's severity. |
subject | string | The subject of the email. |
to | string | Receiver's email address. |
userComments | string | The user's comments about the violation. |
userName | string | The user whose email caused the compliance violation. |
userResolution | string | The details of the action that the user took on the non-compliant email. |
violationReportedOn | date-time | The timestamp when the violation was reported. |
isDeleted | integer | Whether the violation is deleted or not. 1 means yes. 0 means no. |
filters | object | The filters from the request payload to optimize the endpoint's response. In this example, the request payload told Druva to return a response that: - Contains 100 archived violations per page - Only includes emails that were from [email protected] .- Only includes email violations that were NOT deleted ( isDeleted set to 0 ) |
lastSyncTimestamp | date-time | Time stamp when the API returns the report. The report includes data that the platform has up until this point. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z |
nextPageToken | string | The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes. |
Archived non-compliant email report
This report displays a consolidated view of archived email violations.
URL
https://apis.druva.com/platform/reporting/v1/reports/dgArchivedNonCompliantEmailReport
Request type
HTTP POST
Sample cURL request
curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgArchivedNonCompliantEmailReport' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ApiKeyGoesHere' \
--data '
{ "filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "policyViolation",
"value": "Gmail policy",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"pageToken": ""
}'
To try this API endpoint, see Reports API reference.
Note
On the API reference page, select
dgArchivedNonCompliantEmailReport
as the report ID under path params to test this endpoint.
Sample HTTP 200 response
{
"data": [
{
"additionalComments": "This email was auto archived by violation management policy.",
"archivedOn": "2024-06-18 15:38:43",
"email": "[email protected]",
"emailPath": "22 june email",
"emailSentReceivedTime": "2024-06-05T05:25:15.000Z",
"from": "[email protected]",
"policyViolation": "Gmail policy",
"resolutionDetails": "Auto Archived by Violation Management Settings",
"sensitiveDataFound": "01SD_allstar",
"severity": "Critical",
"subject": "minutes of meeting 22 june",
"to": "[email protected]",
"userName": "John Doe",
"violationReportedOn": "2024-06-11T04:00:44.000Z",
"isDeleted": 0
}
],
"filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "policyViolation",
"value": "Gmail policy",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"lastSyncTimestamp": "2024-06-18T16:21:30Z",
"nextPageToken": "NGQ5MDAzZjQtYTNjYi00NmI2LTk3NzgtMzk0NTExMTU0MDc4"
}
Field | Type | Description |
---|---|---|
data | array of objects | The list of compliance violations that were archived. |
additionalComments | string | Additional information about the violation. |
archivedOn | date-time | The UTC timestamp when the violation was archived. |
string | The email ID of the user whose email caused compliance violation. | |
emailPath | string | The location where this email is stored. |
emailSentReceivedTime | date-time | The UTC timestamp when the email was sent or received. |
from | string | The sender's email address. |
policyViolation | string | The policy's name that this email violates. |
resolutionDetails | string | The resolution of the violation. For example, Auto Resolved or marked as Acceptable Risk. |
sensitiveDataFound | string | The type of sensitive data that is found in the email. |
severity | string | The violation's severity. |
subject | string | The subject of the email. |
to | string | The receiver's email address. |
userName | string | The user whose email caused the violation. |
violationReportedOn | date-time | The timestamp when the violation was reported. |
isDeleted | integer | Whether the archived violation is deleted or not. 1 means yes. 0 means no. |
filters | object | The filters from the request payload to optimize the endpoint's response. In this example, the request payload told Druva to return a response that: - Contains 100 archived violations per page - Only includes violations where policyViolation is 'Gmail Policy'.- Only includes email violations that were NOT deleted ( isDeleted set to 0 ) |
lastSyncTimestamp | date-time | Time stamp when the API returns the report. The report includes data that the platform has up until this point. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z |
nextPageToken | string | The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes. |
Defensible delete for files report
This report displays a consolidated view of the defensible deletes that admins ran to remove user files.
URL
https://apis.druva.com/platform/reporting/v1/reports/dgDefensibleDeleteForFilesReport
Request type
HTTP POST
Sample cURL request
curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgDefensibleDeleteForFilesReport' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ApiKeyGoesHere' \
--data '
{ "filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "adminName",
"value": "Ernie Carter",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"pageToken": ""
}'
To try this API endpoint, see Reports API reference.
Note
On the API reference page, select
dgDefensibleDeleteForFilesReport
as the report ID under path params to test this endpoint.
Sample HTTP 200 response
{
"data": [
{
"actionTaken": "Deleted from Source & Snapshot",
"actionTakenOn": "2024-03-12T06:49:35.000Z",
"adminEmail": "[email protected]",
"adminName": "Ernie Carter",
"dataSource": "OneDrive",
"deletedFromSnapshot": "Success",
"deletedFromSource": "Success",
"feature": "Sensitive Data Governance",
"filePath": "Documents/Deleted Files - 240305052546691.csv",
"modificationTime": "2024-03-12T05:15:29.000Z",
"size": 16285,
"userEmail": "[email protected]",
"userName": "John Doe",
"isDeleted": 0
}
],
"filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "adminName",
"value": "Ernie Carter",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"lastSyncTimestamp": "2024-07-04T09:39:27Z",
"nextPageToken": "NGQ5MDAzZjQtYTNjYi00NmI2LTk3NzgtMzk0NTExMTU0MDc4"
}
Field | Type | Description |
---|---|---|
data | array of objects | List of defensible delete jobs. |
actionTakenOn | date-time | The UTC timestamp when the admin ran the defensible delete job. |
adminEmail | string | The administrator's email ID who ran the defensible delete job. |
adminName | string | The administrator's name. |
dataSource | string | The data source (a device or a SaaS app such as OneDrive in this example.) |
deletedFromSnapshot | string | Indicates whether the file was successfully deleted from the snapshot. Its value can be either Success, Processing, or Failure. |
deletedFromSource | string | Indicates whether the file was successfully deleted from source. Its value can be either Success, Processing, or Failure. |
feature | string | The Druva functionality that was used to run this job. This can be either Sensitive Data Governance or Federated Search. |
filePath | string | The file's location. |
modificationTime | date-time | The last time when the file was modified. |
size | integer | The total size of the file in KBs. |
userEmail | string | The user's email who owns this file. |
userName | string | The user's name who owns this file. |
isDeleted | integer | Whether this job is deleted or not. 1 means yes. 0 means no. |
filters | object | The filters from the request payload to optimize the endpoint's response. In this example, the request payload told Druva to return a response that: - Contains a list of 100 defensible delete jobs per page. - Only includes the list of jobs where adminName is 'Ernie Carter'.- Only includes jobs that were NOT deleted ( isDeleted set to 0 ) |
lastSyncTimestamp | date-time | Time stamp when the API returns the report. The report includes data that the platform has up until this point. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z |
nextPageToken | string | The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes. |
Defensible delete for emails report
This report displays a consolidated view of the deleted emails.
URL
https://apis.druva.com/platform/reporting/v1/reports/dgDefensibleDeleteForEmailsReport
Request type
HTTP POST
Sample cURL request
curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgDefensibleDeleteForEmailsReport' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ApiKeyGoesHere' \
--data '
{ "filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "feature",
"value": "Federated Search",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"pageToken": ""
}'
To try this API endpoint, see Reports API reference.
Note
On the API reference page, select
dgDefensibleDeleteForEmailsReport
as the report ID under path params to test this endpoint.
Sample HTTP 200 response
{
"data": [
{
"actionTaken": "Deleted from Source & Snapshot",
"actionTakenOn": "2024-06-07T09:52:43.000Z",
"adminEmail": "[email protected]",
"adminName": "Ernie Carter",
"attachmentName": "Screenshot 2020-01-29 at 3.58.09 PM.png",
"attachmentSize": "52650",
"bcc": "[email protected]",
"cc": "[email protected]",
"dataSource": "Exchange Online",
"deletedFromSnapshot": "Processing",
"deletedFromSource": "Processing",
"displayPath": "Alert from Druva inSync. Restore Status - यूज़र१.eml",
"email": "[email protected]",
"feature": "Federated Search",
"from": "[email protected]",
"sendReceiveTime": "2017-04-18T08:48:48.000Z",
"subject": "Alert from Druva inSync",
"to": "[email protected]",
"userName": "John Doe",
"isDeleted": 0
}
],
"filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "feature",
"value": "Federated Search",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"lastSyncTimestamp": "2024-07-04T09:44:46Z",
"nextPageToken": "NGQ5MDAzZjQtYTNjYi00NmI2LTk3NzgtMzk0NTExMTU0MDc4"
}
Field | Type | Description |
---|---|---|
data | array of objects | List of defensible delete jobs. |
actionTakenOn | date-time | The UTC timestamp when the admin ran the defensible delete job. |
adminEmail | string | The administrator's email ID who ran the defensible delete job. |
adminName | string | The administrator's name. |
attachmentName | string | The file that was attached to this email. |
attachmentSize | string | The total size of the file in KBs. |
bcc | string | The email address(es) in the BCC field. |
cc | string | The email address(es) in the CC field. |
dataSource | string | The data source ('Exchange Online' in this example.) |
deletedFromSnapshot | string | Indicates whether the file was successfully deleted from the snapshot. Its value can be either Success, Processing, or Failure. |
deletedFromSource | string | Indicates whether the file was successfully deleted from source. Its value can be either Success, Processing, or Failure. |
displayPath | string | The email's location. |
feature | string | The Druva functionality that was used to run this job. This can be either Sensitive Data Governance or Federated Search. |
from | string | Sender's email address. |
sendReceiveTime | date-time | The UTC time when the email was sent or was received. |
subject | string | The email's subject |
to | string | The receiver's email address. |
isDeleted | integer | Whether this job is deleted or not. 1 means yes. 0 means no. |
filters | object | The filters from the request payload to optimize the endpoint's response. In this example, the request payload told Druva to return a response that: - Contains a list of 100 defensible delete jobs per page. - Only includes the list of jobs where feature is 'Federated Search'.- Only includes jobs that were NOT deleted ( isDeleted set to 0 ) |
lastSyncTimestamp | date-time | Time stamp when the API returns the report. The report includes data that the platform has up until this point. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z |
nextPageToken | string | The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes. |
Updated about 2 months ago