Get data governance reports
The reports that provide information on data governance jobs such as non-compliant files, eDiscovery downloads, defensible deletes etc.
eDiscovery download jobs report
This report provides information on eDiscovery download jobs based on the specified filters.
URL
https://apis.druva.com/platform/reporting/v1/reports/dgeDiscoveryDownloadJobsReport
Request type
HTTP POST
Sample cURL request
curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgeDiscoveryDownloadJobsReport' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ApiKeyGoesHere' \
--data '
{ "filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "status",
"value": "Successful",
"operator": "EQUAL"
}
]
},
"pageToken": ""
}'
To try this API endpoint, see Reports API reference.
Note
On the API reference page, select
dgeDiscoveryDownloadJobsReportas the report ID under path params to test this endpoint.
Sample HTTP 200 response
{
"data": [
{
"custodian": "John Doe",
"custodianEmail": "[email protected]",
"dataDownloadedInBytes": 37908078,
"dataSource": "Exchange Online",
"dataType": "Data and Metadata",
"downloadClient": "client1_PF_123",
"downloadLocation": "E:\\Download",
"endTime": "2024-02-12T09:32:32.000Z",
"error": "-",
"fileTypes": "Zip",
"filesCheckedForDataIntegrity": "NA",
"filesDownloaded": 35,
"jobCreatedBy": "Elite CAonly",
"jobId": 2,
"legalHold": "LH policy",
"legalHoldType": "Human Resources",
"startTime": "2024-02-12T09:21:41.000Z",
"status": "Successful",
"totalDataInBytes": "37908078",
"totalFiles": "35"
}
],
"filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "status",
"value": "Successful",
"operator": "EQUAL"
}
]
},
"lastSyncTimestamp": "2024-07-04T08:34:03Z",
"nextPageToken": "NWQzMjkzYWEtY2ViMy00Y2QyLWE5YTEtNWYzMmE5MmRmN2Y3"
}
| Field | Type | Description |
|---|---|---|
| data | array of objects | The collection of eDiscovery download jobs. |
| custodian | string | The details of the custodian who is under legal hold. |
| custodianEmail | string | The custodian's email address. |
| dataDownloadedInBytes | integer | The amount of data that was downloaded. |
| dataSource | string | The source from where the client downloaded the data. |
| dataType | string | The data type that was download. |
| downloadClient | string | The inSync client's name that ran the download. |
| downloadLocation | string | The location on the computer where the client stored the downloaded data. |
| endTime | date-time | The timestamp when the download job ended. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z. |
| error | string | The errors that the download job ran into. |
| fileTypes | string | The file type of the downloaded data. |
| filesCheckedForDataIntegrity | string | The list of files that eDiscovery job checked for data integrity. |
| filesDownloaded | integer | The number of files included in the download. |
| jobCreatedBy | string | The name of the admin who ran the job on Druva Console. |
| jobId | integer | The job's identifier. |
| legalHold | string | The legal hold policy that the Druva platform used. |
| legalHoldType | string | The category used to classify the legal hold policy. |
| startTime | date-time | The timestamp when the download job started. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z. |
| status | string | The download job's status, such as successful or unsuccessful. |
| totalDataInBytes | integer | The total amount of data for the eDiscovery job. |
| totalFiles | integer | The total number of files that Druva platform looked at in the eDiscovery job. |
| filters | object | The filters from the request payload to optimize the endpoint's response. In this example, the request payload told Druva to return a response that: - Contains data on 100 download jobs per page - Only includes jobs that were successful |
| lastSyncTimestamp | date-time | Time stamp when the API returns the report. The report includes data that the platform has up until this point. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z |
| nextPageToken | string | The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes. |
Global custodian report
This report provides information on the list of custodians who were put under legal hold.
URL
https://apis.druva.com/platform/reporting/v1/reports/dgGlobalCustodianReport
Request type
HTTP POST
Sample cURL request
curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgGlobalCustodianReport' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ApiKeyGoesHere' \
--data '
{ "filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "legalHoldType",
"value": "Information Security",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"pageToken": ""
}'
To try this API endpoint, see Reports API reference.
Note
On the API reference page, select
dgGlobalCustodianReportas the report ID under path params to test this endpoint.
Sample HTTP 200 response
{
"data": [
{
"addedOn": "2024-05-09T04:25:51.000Z",
"additionalDataCollection": null,
"backupData(MB)": "15.81",
"collectedData(MB)": "-",
"createdOn": "2024-05-09T04:25:51.000Z",
"custodian": "QAAutomation 3",
"customAttributeName": "100041_custom_attr",
"customAttributeValue": "10000069",
"dataSource": "OneDrive",
"email": "[email protected]",
"lastCompletedBackup": "2024-07-03T10:28:29.000Z",
"lastCompletedCollection": null,
"legalHold": "last_collected_policy",
"legalHoldType": "Information Security",
"systemStateData(MB)": "0.00",
"totalBackupData(MB)": "30.21",
"totalCollectedData(MB)": "-",
"totalSystemStateData(MB)": "0.00",
"isDeleted": 0
}
],
"filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "legalHoldType",
"value": "Information Security",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"lastSyncTimestamp": "2024-07-04T08:54:11Z",
"nextPageToken": "MmZhOTBlMGUtMjBhMi00YWEwLWIwNzgtOTMxNzJlM2Y4NGU0"
}
| Field | Type | Description |
|---|---|---|
| data | array of objects | The list of custodians who were put under legal hold. |
| addedOn | date-time | The UTC timestamp when this custodian was added to a legal hold. |
| additionalDataCollection | string | Whether additional data collection is enabled or disabled. This field's value is null if additional data collection is not configured for this custodian. |
| backupData(MB) | string | The size of the data backed up in the last successful backup job for this custodian in mega bytes. |
| collectedData(MB) | string | The amount of data collected for this custodian during the last additional data collection in megabytes. |
| createdOn | date-time | The UTC timestamp when the custodian account was created. |
| custodian | string | The custodian's name. |
| customAttributeName | string | The custom attribute assigned to this user. |
| customAttributeValue | string | The value of the custom attribute assigned to this custodian. |
| dataSource | string | The data source that is under legal hold for this custodian. |
| string | The custodian's email address. | |
| lastCompletedBackup | date-time | The UTC timestamp of the last successful backup. |
| lastCompletedCollection | date-time | The UTC timestamp of the last successful additional data collection. |
| legalHold | string | The legal hold policy's name that is attached to this custodian. |
| legalHoldType | string | The legal hold policy's type. |
| systemStateData(MB) | string | The amount of system and app settings data backed up for this custodian during the last successful backup in megabytes. |
| totalBackupData(MB) | string | The amount of data backed up for the custodian, including the data backed up for system and app settings in megabytes. |
| totalCollectedData(MB) | string | The total amount of data collected for this custodian in megabytes. |
| totalSystemStateData(MB) | string | The total amount of system and app settings data backed up for this custodian in megabytes. |
| isDeleted | integer | Whether this custodian is deleted or not. 1 means yes, 0 means no. |
| filters | object | The filters from the request payload to optimize the endpoint's response. In this example, the request payload told Druva to return a response that: - Contains data on 100 custodians per page - Only includes custodians for whom legalHoldType is 'Information Security'.- Only includes custodians that were NOT deleted ( isDeleted set to 0) |
| lastSyncTimestamp | date-time | Time stamp when the API returns the report. The report includes data that the platform has up until this point. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z |
| nextPageToken | string | The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes. |
Non compliant file report
This report displays a consolidated view of the files that caused compliance violations with respect to the company's policies.
URL
https://apis.druva.com/platform/reporting/v1/reports/dgNonCompliantFileReport
Request type
HTTP POST
Sample cURL request
curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgNonCompliantFileReport' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ApiKEyGoesHeRe' \
--data '
{ "filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "dataSource",
"value": "Google Drive",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"pageToken": ""
}'
To try this API endpoint, see Reports API reference.
Note
On the API reference page, select
dgNonCompliantFileReportas the report ID under path params to test this endpoint.
Sample HTTP 200 response
{
"data": [
{
"additionalComments": null,
"dataSource": "Google Drive",
"email": "[email protected]",
"fileModifiedOn": "2024-06-04T09:35:50.000Z",
"fileName": "09_ms_office_ppt.pptx",
"filePath": "/Documents/09_ms_office_ppt.pptx",
"fileType": "MS Office Documents",
"pendingActions": "-",
"policyViolation": "OFFICE new",
"resolutionDetails": "Quarantined",
"resolvedOn": "2024-06-20 08:50:27",
"sensitiveDataFound": "all star",
"severity": "Critical",
"userComments": null,
"userName": "John Doe",
"userResolution": "-",
"violationReportedOn": "2024-06-20T07:30:43.000Z",
"isDeleted": 0
}
],
"filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "dataSource",
"value": "Google Drive",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"lastSyncTimestamp": "2024-07-04T09:09:20Z",
"nextPageToken": "ZTcxNjdmMjItZDc3YS00OTU3LTk3MjktZjJmY2M0ZDUxNTY3"
}
| Field | Type | Description |
|---|---|---|
| data | array of objects | The list of files that violate compliance guidelines. |
| additionalComments | string | The additional information about the violation. |
| dataSource | string | Data source on which the file resides. For example, Google Drive. |
| string | The user's email ID whose file violated compliance requirements. | |
| fileModifiedOn | date-time | The UTC timestamp when the file was last modified. |
| filePath | string | The file path from the specified endpoint. |
| fileType | string | The file's type. |
| pendingActions | string | The non-Compliant files on which no action is taken. |
| policyViolation | string | The policy's name that this file violates. |
| resolutionDetails | string | The details of the resolution of the file violation. For example, Quarantined or marked as Acceptable Risk. |
| resolvedOn | date-time | The UTC timestamp when the file violation was resolved. |
| sensitiveDataFound | string | The type of sensitive data that is found in the file. |
| severity | string | The violation's severity. |
| userComments | string | The comments on the violation. |
| userName | string | The user's name whose data violates the compliance requirements. |
| userResolution | string | The details on the actions taken to resolve the compliance violation. |
| violationReportedOn | date-time | The UTC timestamp when Druva finds the violation in the file. |
| isDeleted | integer | Whether the violation is deleted or not. 1 means yes. 0 means no. |
| filters | object | The filters from the request payload to optimize the endpoint's response. In this example, the request payload told Druva to return a response that: - Contains 100 violations per page - Only includes files that are stored on Google Drive - Only includes file violations that were NOT deleted ( isDeleted set to 0) |
| lastSyncTimestamp | date-time | Time stamp when the API returns the report. The report includes data that the platform has up until this point. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z |
| nextPageToken | string | The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes. |
Archived non compliant report
This report displays a consolidated view of the archived file violations.
URL
https://apis.druva.com/platform/reporting/v1/reports/dgArchivedNonCompliantFileReport
Request type
HTTP POST
Sample cURL request
curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgArchivedNonCompliantFileReport' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ApiKeyGoesHere' \
--data '
{ "filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "userName",
"value": "John Doe",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"pageToken": ""
}'
To try this API endpoint, see Reports API reference.
Note
On the API reference page, select
dgArchivedNonCompliantFileReportas the report ID under path params to test this endpoint.
Sample HTTP 200 response
{
"data": [
{
"additionalComments": "This file was auto archived by violation management policy.",
"archivedOn": "2024-04-12T12:37:34.000Z",
"dataSource": "OneDrive",
"email": "[email protected]",
"fileExtension": "XLSX",
"fileModifiedOn": "2024-03-12T05:16:39.000Z",
"fileName": "Excel_native_reports.xlsx",
"filePath": "/Documents/subfolder1/Excel_native_reports.xlsx",
"fileType": "MS Office Documents",
"policyViolation": "office",
"resolutionDetails": "Auto Archived by Violation Management Settings",
"sensitiveDataFound": "01SD_allstar",
"severity": "Critical",
"userName": "John Doe",
"violationReportedOn": "2024-03-12T05:47:02.000Z",
"isDeleted": 0
}
],
"filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "userName",
"value": "John Doe",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"lastSyncTimestamp": "2024-07-04T08:59:39Z",
"nextPageToken": "NWQzMjkzYWEtY2ViMy00Y2QyLWE5YTEtNWYzMmE5MmRmN2Y3"
}
| Field | Type | Description |
|---|---|---|
| data | array of objects | The list of compliance violations that were archived. |
| additionalComments | string | Additional information about the violation. |
| archivedOn | date-time | The UTC timestamp when the file violation was archived. |
| dataSource | string | The name of the data source where the file resides. |
| string | The email ID of the user whose file caused compliance violation. | |
| fileExtension | string | The file's extension that caused the compliance violation. |
| fileModifiedOn | date-time | The UTC timestamp when the file was last modified. |
| fileName | string | The file's name. |
| filePath | string | The file's location on the endpoint. |
| fileType | string | The file's type. |
| policyViolation | string | The policy's name that this file violates. |
| resolutionDetails | string | The resolution of the file violation. For example, Auto Resolved or marked as Acceptable Risk. |
| sensitiveDataFound | string | The type of sensitive data that is found in the file. |
| severity | string | The violation's severity. |
| userName | string | The name of the user whose file violated the compliance requirements. |
| violationReportedOn | date-time | The timestamp when the violation was reported. |
| isDeleted | integer | Whether the archived violation is deleted or not. 1 means yes. 0 means no. |
| filters | object | The filters from the request payload to optimize the endpoint's response. In this example, the request payload told Druva to return a response that: - Contains 100 archived violations per page - Only includes violations that were reported for the user whose userName is 'John Doe'.- Only includes archived violations that were NOT deleted ( isDeleted set to 0) |
| lastSyncTimestamp | date-time | Time stamp when the API returns the report. The report includes data that the platform has up until this point. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z |
| nextPageToken | string | The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes. |
Non compliant email report
This report displays a consolidated view of emails that caused violations of the company's compliance policies.
URL
https://apis.druva.com/platform/reporting/v1/reports/dgNonCompliantEmailReport
Request type
HTTP POST
Sample cURL request
curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgNonCompliantEmailReport' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ApiKeyGoesHere' \
--data-raw '
{ "filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "from",
"value": "[email protected]",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"pageToken": ""
}'
To try this API endpoint, see Reports API reference.
Note
On the API reference page, select
dgNonCompliantEmailReportas the report ID under path params to test this endpoint.
Sample HTTP 200 response
{
"data": [
{
"additionalComments": null,
"email": "[email protected]",
"emailPath": "June 3 folder 1",
"emailSentReceivedTime": "2019-06-03T06:37:08.000Z",
"from": "[email protected]",
"pendingActions": "Pending on user",
"policyViolation": "new policy by cloud admin",
"resolutionDetails": "-",
"resolvedOn": "-",
"sensitiveDataFound": "Confidential Document Markers",
"severity": "Critical",
"subject": "june 3 meeting update",
"to": "[email protected],[email protected]",
"userComments": null,
"userName": "John Doe",
"userResolution": "-",
"violationReportedOn": "2024-06-12T04:10:33.000Z",
"isDeleted": 0
}
],
"filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "from",
"value": "[email protected]",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"lastSyncTimestamp": "2024-07-04T09:19:07Z",
"nextPageToken": "NWQzMjkzYWEtY2ViMy00Y2QyLWE5YTEtNWYzMmE5MmRmN2Y3"
}
| Field | Type | Description |
|---|---|---|
| data | array of objects | The list of emails that caused compliance violations. |
| additionalComments | string | Additional information about the violation. |
| string | The email ID of the user whose email caused compliance violation. | |
| emailPath | string | The location where this email is stored. |
| emailSentReceivedTime | date-time | The UTC timestamp when the email was sent or received. |
| from | string | The sender's email address. |
| pendingActions | string | Non-compliant emails on which no action is taken. |
| policyViolation | string | The compliance policy's name that this email violates. |
| resolutionDetails | string | The resolution of the email violation. For example, Auto Resolved or marked as Acceptable Risk. |
| resolvedOn | date-time | The UTC timestamp when the violation was resolved. |
| sensitiveDataFound | string | The type of sensitive data that is found in the email. |
| severity | string | The violation's severity. |
| subject | string | The subject of the email. |
| to | string | Receiver's email address. |
| userComments | string | The user's comments about the violation. |
| userName | string | The user whose email caused the compliance violation. |
| userResolution | string | The details of the action that the user took on the non-compliant email. |
| violationReportedOn | date-time | The timestamp when the violation was reported. |
| isDeleted | integer | Whether the violation is deleted or not. 1 means yes. 0 means no. |
| filters | object | The filters from the request payload to optimize the endpoint's response. In this example, the request payload told Druva to return a response that: - Contains 100 archived violations per page - Only includes emails that were from [email protected].- Only includes email violations that were NOT deleted ( isDeleted set to 0) |
| lastSyncTimestamp | date-time | Time stamp when the API returns the report. The report includes data that the platform has up until this point. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z |
| nextPageToken | string | The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes. |
Archived non-compliant email report
This report displays a consolidated view of archived email violations.
URL
https://apis.druva.com/platform/reporting/v1/reports/dgArchivedNonCompliantEmailReport
Request type
HTTP POST
Sample cURL request
curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgArchivedNonCompliantEmailReport' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ApiKeyGoesHere' \
--data '
{ "filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "policyViolation",
"value": "Gmail policy",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"pageToken": ""
}'
To try this API endpoint, see Reports API reference.
Note
On the API reference page, select
dgArchivedNonCompliantEmailReportas the report ID under path params to test this endpoint.
Sample HTTP 200 response
{
"data": [
{
"additionalComments": "This email was auto archived by violation management policy.",
"archivedOn": "2024-06-18 15:38:43",
"email": "[email protected]",
"emailPath": "22 june email",
"emailSentReceivedTime": "2024-06-05T05:25:15.000Z",
"from": "[email protected]",
"policyViolation": "Gmail policy",
"resolutionDetails": "Auto Archived by Violation Management Settings",
"sensitiveDataFound": "01SD_allstar",
"severity": "Critical",
"subject": "minutes of meeting 22 june",
"to": "[email protected]",
"userName": "John Doe",
"violationReportedOn": "2024-06-11T04:00:44.000Z",
"isDeleted": 0
}
],
"filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "policyViolation",
"value": "Gmail policy",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"lastSyncTimestamp": "2024-06-18T16:21:30Z",
"nextPageToken": "NGQ5MDAzZjQtYTNjYi00NmI2LTk3NzgtMzk0NTExMTU0MDc4"
}
| Field | Type | Description |
|---|---|---|
| data | array of objects | The list of compliance violations that were archived. |
| additionalComments | string | Additional information about the violation. |
| archivedOn | date-time | The UTC timestamp when the violation was archived. |
| string | The email ID of the user whose email caused compliance violation. | |
| emailPath | string | The location where this email is stored. |
| emailSentReceivedTime | date-time | The UTC timestamp when the email was sent or received. |
| from | string | The sender's email address. |
| policyViolation | string | The policy's name that this email violates. |
| resolutionDetails | string | The resolution of the violation. For example, Auto Resolved or marked as Acceptable Risk. |
| sensitiveDataFound | string | The type of sensitive data that is found in the email. |
| severity | string | The violation's severity. |
| subject | string | The subject of the email. |
| to | string | The receiver's email address. |
| userName | string | The user whose email caused the violation. |
| violationReportedOn | date-time | The timestamp when the violation was reported. |
| isDeleted | integer | Whether the archived violation is deleted or not. 1 means yes. 0 means no. |
| filters | object | The filters from the request payload to optimize the endpoint's response. In this example, the request payload told Druva to return a response that: - Contains 100 archived violations per page - Only includes violations where policyViolation is 'Gmail Policy'.- Only includes email violations that were NOT deleted ( isDeleted set to 0) |
| lastSyncTimestamp | date-time | Time stamp when the API returns the report. The report includes data that the platform has up until this point. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z |
| nextPageToken | string | The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes. |
Defensible delete for files report
This report displays a consolidated view of the defensible deletes that admins ran to remove user files.
URL
https://apis.druva.com/platform/reporting/v1/reports/dgDefensibleDeleteForFilesReport
Request type
HTTP POST
Sample cURL request
curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgDefensibleDeleteForFilesReport' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ApiKeyGoesHere' \
--data '
{ "filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "adminName",
"value": "Ernie Carter",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"pageToken": ""
}'
To try this API endpoint, see Reports API reference.
Note
On the API reference page, select
dgDefensibleDeleteForFilesReportas the report ID under path params to test this endpoint.
Sample HTTP 200 response
{
"data": [
{
"actionTaken": "Deleted from Source & Snapshot",
"actionTakenOn": "2024-03-12T06:49:35.000Z",
"adminEmail": "[email protected]",
"adminName": "Ernie Carter",
"dataSource": "OneDrive",
"deletedFromSnapshot": "Success",
"deletedFromSource": "Success",
"feature": "Sensitive Data Governance",
"filePath": "Documents/Deleted Files - 240305052546691.csv",
"modificationTime": "2024-03-12T05:15:29.000Z",
"size": 16285,
"userEmail": "[email protected]",
"userName": "John Doe",
"isDeleted": 0
}
],
"filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "adminName",
"value": "Ernie Carter",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"lastSyncTimestamp": "2024-07-04T09:39:27Z",
"nextPageToken": "NGQ5MDAzZjQtYTNjYi00NmI2LTk3NzgtMzk0NTExMTU0MDc4"
}
| Field | Type | Description |
|---|---|---|
| data | array of objects | List of defensible delete jobs. |
| actionTakenOn | date-time | The UTC timestamp when the admin ran the defensible delete job. |
| adminEmail | string | The administrator's email ID who ran the defensible delete job. |
| adminName | string | The administrator's name. |
| dataSource | string | The data source (a device or a SaaS app such as OneDrive in this example.) |
| deletedFromSnapshot | string | Indicates whether the file was successfully deleted from the snapshot. Its value can be either Success, Processing, or Failure. |
| deletedFromSource | string | Indicates whether the file was successfully deleted from source. Its value can be either Success, Processing, or Failure. |
| feature | string | The Druva functionality that was used to run this job. This can be either Sensitive Data Governance or Federated Search. |
| filePath | string | The file's location. |
| modificationTime | date-time | The last time when the file was modified. |
| size | integer | The total size of the file in KBs. |
| userEmail | string | The user's email who owns this file. |
| userName | string | The user's name who owns this file. |
| isDeleted | integer | Whether this job is deleted or not. 1 means yes. 0 means no. |
| filters | object | The filters from the request payload to optimize the endpoint's response. In this example, the request payload told Druva to return a response that: - Contains a list of 100 defensible delete jobs per page. - Only includes the list of jobs where adminName is 'Ernie Carter'.- Only includes jobs that were NOT deleted ( isDeleted set to 0) |
| lastSyncTimestamp | date-time | Time stamp when the API returns the report. The report includes data that the platform has up until this point. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z |
| nextPageToken | string | The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes. |
Defensible delete for emails report
This report displays a consolidated view of the deleted emails.
URL
https://apis.druva.com/platform/reporting/v1/reports/dgDefensibleDeleteForEmailsReport
Request type
HTTP POST
Sample cURL request
curl --location 'https://apis.druva.com/platform/reporting/v1/reports/dgDefensibleDeleteForEmailsReport' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ApiKeyGoesHere' \
--data '
{ "filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "feature",
"value": "Federated Search",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"pageToken": ""
}'
To try this API endpoint, see Reports API reference.
Note
On the API reference page, select
dgDefensibleDeleteForEmailsReportas the report ID under path params to test this endpoint.
Sample HTTP 200 response
{
"data": [
{
"actionTaken": "Deleted from Source & Snapshot",
"actionTakenOn": "2024-06-07T09:52:43.000Z",
"adminEmail": "[email protected]",
"adminName": "Ernie Carter",
"attachmentName": "Screenshot 2020-01-29 at 3.58.09 PM.png",
"attachmentSize": "52650",
"bcc": "[email protected]",
"cc": "[email protected]",
"dataSource": "Exchange Online",
"deletedFromSnapshot": "Processing",
"deletedFromSource": "Processing",
"displayPath": "Alert from Druva inSync. Restore Status - यूज़र१.eml",
"email": "[email protected]",
"feature": "Federated Search",
"from": "[email protected]",
"sendReceiveTime": "2017-04-18T08:48:48.000Z",
"subject": "Alert from Druva inSync",
"to": "[email protected]",
"userName": "John Doe",
"isDeleted": 0
}
],
"filters": {
"pageSize": 100,
"filterBy": [
{
"fieldName": "feature",
"value": "Federated Search",
"operator": "EQUAL"
},
{
"fieldName": "isDeleted",
"value": 0,
"operator": "EQUAL"
}
]
},
"lastSyncTimestamp": "2024-07-04T09:44:46Z",
"nextPageToken": "NGQ5MDAzZjQtYTNjYi00NmI2LTk3NzgtMzk0NTExMTU0MDc4"
}
| Field | Type | Description |
|---|---|---|
| data | array of objects | List of defensible delete jobs. |
| actionTakenOn | date-time | The UTC timestamp when the admin ran the defensible delete job. |
| adminEmail | string | The administrator's email ID who ran the defensible delete job. |
| adminName | string | The administrator's name. |
| attachmentName | string | The file that was attached to this email. |
| attachmentSize | string | The total size of the file in KBs. |
| bcc | string | The email address(es) in the BCC field. |
| cc | string | The email address(es) in the CC field. |
| dataSource | string | The data source ('Exchange Online' in this example.) |
| deletedFromSnapshot | string | Indicates whether the file was successfully deleted from the snapshot. Its value can be either Success, Processing, or Failure. |
| deletedFromSource | string | Indicates whether the file was successfully deleted from source. Its value can be either Success, Processing, or Failure. |
| displayPath | string | The email's location. |
| feature | string | The Druva functionality that was used to run this job. This can be either Sensitive Data Governance or Federated Search. |
| from | string | Sender's email address. |
| sendReceiveTime | date-time | The UTC time when the email was sent or was received. |
| subject | string | The email's subject |
| to | string | The receiver's email address. |
| isDeleted | integer | Whether this job is deleted or not. 1 means yes. 0 means no. |
| filters | object | The filters from the request payload to optimize the endpoint's response. In this example, the request payload told Druva to return a response that: - Contains a list of 100 defensible delete jobs per page. - Only includes the list of jobs where feature is 'Federated Search'.- Only includes jobs that were NOT deleted ( isDeleted set to 0) |
| lastSyncTimestamp | date-time | Time stamp when the API returns the report. The report includes data that the platform has up until this point. The time is in the UTC time zone. Example - 2019-10-26T00:00:00Z |
| nextPageToken | string | The token to access the next page of results. This parameter will be empty for the last page of the results. This token is valid for 5 minutes. |
Updated 4 days ago