Package com.microsoft.graph.models.security

Class AuditLogQuery

java.lang.Object
com.microsoft.graph.models.Entity
com.microsoft.graph.models.security.AuditLogQuery
All Implemented Interfaces:
com.microsoft.kiota.serialization.AdditionalDataHolder, com.microsoft.kiota.serialization.Parsable, com.microsoft.kiota.store.BackedModel
@Generated("com.microsoft.kiota") public class AuditLogQuery extends Entity implements com.microsoft.kiota.serialization.Parsable

  • Constructor Details

    • AuditLogQuery

      public AuditLogQuery()
      Instantiates a new AuditLogQuery and sets the default values.

  • Method Details

    • createFromDiscriminatorValue

      @Nonnull public static AuditLogQuery createFromDiscriminatorValue(@Nonnull com.microsoft.kiota.serialization.ParseNode parseNode)
      Creates a new instance of the appropriate class based on discriminator value
      Parameters:
      parseNode - The parse node to use to read the discriminator value and create the object
      Returns:
      a AuditLogQuery

    • getAdministrativeUnitIdFilters

      @Nullable public List<String> getAdministrativeUnitIdFilters()
      Gets the administrativeUnitIdFilters property value. The administrative units tagged to an audit log record.
      Returns:
      a List<String>

    • getDisplayName

      @Nullable public String getDisplayName()
      Gets the displayName property value. The display name of the saved audit log query.
      Returns:
      a String

    • getFieldDeserializers

      @Nonnull public Map<String,Consumer<com.microsoft.kiota.serialization.ParseNode>> getFieldDeserializers()
      The deserialization information for the current model
      Specified by:
      getFieldDeserializers in interface com.microsoft.kiota.serialization.Parsable
      Overrides:
      getFieldDeserializers in class Entity
      Returns:
      a Map<String,Consumer<com.microsoft.kiota.serialization.ParseNode>>

    • getFilterEndDateTime

      @Nullable public OffsetDateTime getFilterEndDateTime()
      Gets the filterEndDateTime property value. The end date of the date range in the query.
      Returns:
      a OffsetDateTime

    • getFilterStartDateTime

      @Nullable public OffsetDateTime getFilterStartDateTime()
      Gets the filterStartDateTime property value. The start date of the date range in the query.
      Returns:
      a OffsetDateTime

    • getIpAddressFilters

      @Nullable public List<String> getIpAddressFilters()
      Gets the ipAddressFilters property value. The IP address of the device that was used when the activity was logged.
      Returns:
      a List<String>

    • getKeywordFilter

      @Nullable public String getKeywordFilter()
      Gets the keywordFilter property value. Free text field to search non-indexed properties of the audit log.
      Returns:
      a String

    • getObjectIdFilters

      @Nullable public List<String> getObjectIdFilters()
      Gets the objectIdFilters property value. For SharePoint and OneDrive for Business activity, the full path name of the file or folder accessed by the user. For Exchange admin audit logging, the name of the object that was modified by the cmdlet.
      Returns:
      a List<String>

    • getOperationFilters

      @Nullable public List<String> getOperationFilters()
      Gets the operationFilters property value. The name of the user or admin activity. For a description of the most common operations/activities, see Search the audit log in the Office 365 Protection Center.
      Returns:
      a List<String>

    • getRecords

      @Nullable public List<AuditLogRecord> getRecords()
      Gets the records property value. An individual audit log record.
      Returns:
      a List<AuditLogRecord>

    • getRecordTypeFilters

      @Nullable public List<AuditLogRecordType> getRecordTypeFilters()
      Gets the recordTypeFilters property value. The type of operation indicated by the record. The possible values are: exchangeAdmin, exchangeItem, exchangeItemGroup, sharePoint, syntheticProbe, sharePointFileOperation, oneDrive, azureActiveDirectory, azureActiveDirectoryAccountLogon, dataCenterSecurityCmdlet, complianceDLPSharePoint, sway, complianceDLPExchange, sharePointSharingOperation, azureActiveDirectoryStsLogon, skypeForBusinessPSTNUsage, skypeForBusinessUsersBlocked, securityComplianceCenterEOPCmdlet, exchangeAggregatedOperation, powerBIAudit, crm, yammer, skypeForBusinessCmdlets, discovery, microsoftTeams, threatIntelligence, mailSubmission, microsoftFlow, aeD, microsoftStream, complianceDLPSharePointClassification, threatFinder, project, sharePointListOperation, sharePointCommentOperation, dataGovernance, kaizala, securityComplianceAlerts, threatIntelligenceUrl, securityComplianceInsights, mipLabel, workplaceAnalytics, powerAppsApp, powerAppsPlan, threatIntelligenceAtpContent, labelContentExplorer, teamsHealthcare, exchangeItemAggregated, hygieneEvent, dataInsightsRestApiAudit, informationBarrierPolicyApplication, sharePointListItemOperation, sharePointContentTypeOperation, sharePointFieldOperation, microsoftTeamsAdmin, hrSignal, microsoftTeamsDevice, microsoftTeamsAnalytics, informationWorkerProtection, campaign, dlpEndpoint, airInvestigation, quarantine, microsoftForms, applicationAudit, complianceSupervisionExchange, customerKeyServiceEncryption, officeNative, mipAutoLabelSharePointItem, mipAutoLabelSharePointPolicyLocation, microsoftTeamsShifts, secureScore, mipAutoLabelExchangeItem, cortanaBriefing, search, wdatpAlerts, powerPlatformAdminDlp, powerPlatformAdminEnvironment, mdatpAudit, sensitivityLabelPolicyMatch, sensitivityLabelAction, sensitivityLabeledFileAction, attackSim, airManualInvestigation, securityComplianceRBAC, userTraining, airAdminActionInvestigation, mstic, physicalBadgingSignal, teamsEasyApprovals, aipDiscover, aipSensitivityLabelAction, aipProtectionAction, aipFileDeleted, aipHeartBeat, mcasAlerts, onPremisesFileShareScannerDlp, onPremisesSharePointScannerDlp, exchangeSearch, sharePointSearch, privacyDataMinimization, labelAnalyticsAggregate, myAnalyticsSettings, securityComplianceUserChange, complianceDLPExchangeClassification, complianceDLPEndpoint, mipExactDataMatch, msdeResponseActions, msdeGeneralSettings, msdeIndicatorsSettings, ms365DCustomDetection, msdeRolesSettings, mapgAlerts, mapgPolicy, mapgRemediation, privacyRemediationAction, privacyDigestEmail, mipAutoLabelSimulationProgress, mipAutoLabelSimulationCompletion, mipAutoLabelProgressFeedback, dlpSensitiveInformationType, mipAutoLabelSimulationStatistics, largeContentMetadata, microsoft365Group, cdpMlInferencingResult, filteringMailMetadata, cdpClassificationMailItem, cdpClassificationDocument, officeScriptsRunAction, filteringPostMailDeliveryAction, cdpUnifiedFeedback, tenantAllowBlockList, consumptionResource, healthcareSignal, dlpImportResult, cdpCompliancePolicyExecution, multiStageDisposition, privacyDataMatch, filteringDocMetadata, filteringEmailFeatures, powerBIDlp, filteringUrlInfo, filteringAttachmentInfo, coreReportingSettings, complianceConnector, powerPlatformLockboxResourceAccessRequest, powerPlatformLockboxResourceCommand, cdpPredictiveCodingLabel, cdpCompliancePolicyUserFeedback, webpageActivityEndpoint, omePortal, cmImprovementActionChange, filteringUrlClick, mipLabelAnalyticsAuditRecord, filteringEntityEvent, filteringRuleHits, filteringMailSubmission, labelExplorer, microsoftManagedServicePlatform, powerPlatformServiceActivity, scorePlatformGenericAuditRecord, filteringTimeTravelDocMetadata, alert, alertStatus, alertIncident, incidentStatus, case, caseInvestigation, recordsManagement, privacyRemediation, dataShareOperation, cdpDlpSensitive, ehrConnector, filteringMailGradingResult, publicFolder, privacyTenantAuditHistoryRecord, aipScannerDiscoverEvent, eduDataLakeDownloadOperation, m365ComplianceConnector, microsoftGraphDataConnectOperation, microsoftPurview, filteringEmailContentFeatures, powerPagesSite, powerAppsResource, plannerPlan, plannerCopyPlan, plannerTask, plannerRoster, plannerPlanList, plannerTaskList, plannerTenantSettings, projectForTheWebProject, projectForTheWebTask, projectForTheWebRoadmap, projectForTheWebRoadmapItem, projectForTheWebProjectSettings, projectForTheWebRoadmapSettings, quarantineMetadata, microsoftTodoAudit, timeTravelFilteringDocMetadata, teamsQuarantineMetadata, sharePointAppPermissionOperation, microsoftTeamsSensitivityLabelAction, filteringTeamsMetadata, filteringTeamsUrlInfo, filteringTeamsPostDeliveryAction, mdcAssessments, mdcRegulatoryComplianceStandards, mdcRegulatoryComplianceControls, mdcRegulatoryComplianceAssessments, mdcSecurityConnectors, mdaDataSecuritySignal, vivaGoals, filteringRuntimeInfo, attackSimAdmin, microsoftGraphDataConnectConsent, filteringAtpDetonationInfo, privacyPortal, managedTenants, unifiedSimulationMatchedItem, unifiedSimulationSummary, updateQuarantineMetadata, ms365DSuppressionRule, purviewDataMapOperation, filteringUrlPostClickAction, irmUserDefinedDetectionSignal, teamsUpdates, plannerRosterSensitivityLabel, ms365DIncident, filteringDelistingMetadata, complianceDLPSharePointClassificationExtended, microsoftDefenderForIdentityAudit, supervisoryReviewDayXInsight, defenderExpertsforXDRAdmin, cdpEdgeBlockedMessage, hostedRpa, cdpContentExplorerAggregateRecord, cdpHygieneAttachmentInfo, cdpHygieneSummary, cdpPostMailDeliveryAction, cdpEmailFeatures, cdpHygieneUrlInfo, cdpUrlClick, cdpPackageManagerHygieneEvent, filteringDocScan, timeTravelFilteringDocScan, mapgOnboard, unknownFutureValue.
      Returns:
      a List<AuditLogRecordType>

    • getServiceFilters

      @Nullable public List<String> getServiceFilters()
      Gets the serviceFilters property value. The serviceFilters property
      Returns:
      a List<String>

    • getStatus

      @Nullable public AuditLogQueryStatus getStatus()
      Gets the status property value. Describes the current status of the query. The possible values are: notStarted, running, succeeded, failed, cancelled, unknownFutureValue.
      Returns:
      a AuditLogQueryStatus

    • getUserPrincipalNameFilters

      @Nullable public List<String> getUserPrincipalNameFilters()
      Gets the userPrincipalNameFilters property value. The UPN (user principal name) of the user who performed the action (specified in the operation property) that resulted in the record being logged; for example, myname@mydomain_name.
      Returns:
      a List<String>

    • serialize

      public void serialize(@Nonnull com.microsoft.kiota.serialization.SerializationWriter writer)
      Serializes information the current object
      Specified by:
      serialize in interface com.microsoft.kiota.serialization.Parsable
      Overrides:
      serialize in class Entity
      Parameters:
      writer - Serialization writer to use to serialize this model

    • setAdministrativeUnitIdFilters

      public void setAdministrativeUnitIdFilters(@Nullable List<String> value)
      Sets the administrativeUnitIdFilters property value. The administrative units tagged to an audit log record.
      Parameters:
      value - Value to set for the administrativeUnitIdFilters property.

    • setDisplayName

      public void setDisplayName(@Nullable String value)
      Sets the displayName property value. The display name of the saved audit log query.
      Parameters:
      value - Value to set for the displayName property.

    • setFilterEndDateTime

      public void setFilterEndDateTime(@Nullable OffsetDateTime value)
      Sets the filterEndDateTime property value. The end date of the date range in the query.
      Parameters:
      value - Value to set for the filterEndDateTime property.

    • setFilterStartDateTime

      public void setFilterStartDateTime(@Nullable OffsetDateTime value)
      Sets the filterStartDateTime property value. The start date of the date range in the query.
      Parameters:
      value - Value to set for the filterStartDateTime property.

    • setIpAddressFilters

      public void setIpAddressFilters(@Nullable List<String> value)
      Sets the ipAddressFilters property value. The IP address of the device that was used when the activity was logged.
      Parameters:
      value - Value to set for the ipAddressFilters property.

    • setKeywordFilter

      public void setKeywordFilter(@Nullable String value)
      Sets the keywordFilter property value. Free text field to search non-indexed properties of the audit log.
      Parameters:
      value - Value to set for the keywordFilter property.

    • setObjectIdFilters

      public void setObjectIdFilters(@Nullable List<String> value)
      Sets the objectIdFilters property value. For SharePoint and OneDrive for Business activity, the full path name of the file or folder accessed by the user. For Exchange admin audit logging, the name of the object that was modified by the cmdlet.
      Parameters:
      value - Value to set for the objectIdFilters property.

    • setOperationFilters

      public void setOperationFilters(@Nullable List<String> value)
      Sets the operationFilters property value. The name of the user or admin activity. For a description of the most common operations/activities, see Search the audit log in the Office 365 Protection Center.
      Parameters:
      value - Value to set for the operationFilters property.

    • setRecords

      public void setRecords(@Nullable List<AuditLogRecord> value)
      Sets the records property value. An individual audit log record.
      Parameters:
      value - Value to set for the records property.

    • setRecordTypeFilters

      public void setRecordTypeFilters(@Nullable List<AuditLogRecordType> value)
      Sets the recordTypeFilters property value. The type of operation indicated by the record. The possible values are: exchangeAdmin, exchangeItem, exchangeItemGroup, sharePoint, syntheticProbe, sharePointFileOperation, oneDrive, azureActiveDirectory, azureActiveDirectoryAccountLogon, dataCenterSecurityCmdlet, complianceDLPSharePoint, sway, complianceDLPExchange, sharePointSharingOperation, azureActiveDirectoryStsLogon, skypeForBusinessPSTNUsage, skypeForBusinessUsersBlocked, securityComplianceCenterEOPCmdlet, exchangeAggregatedOperation, powerBIAudit, crm, yammer, skypeForBusinessCmdlets, discovery, microsoftTeams, threatIntelligence, mailSubmission, microsoftFlow, aeD, microsoftStream, complianceDLPSharePointClassification, threatFinder, project, sharePointListOperation, sharePointCommentOperation, dataGovernance, kaizala, securityComplianceAlerts, threatIntelligenceUrl, securityComplianceInsights, mipLabel, workplaceAnalytics, powerAppsApp, powerAppsPlan, threatIntelligenceAtpContent, labelContentExplorer, teamsHealthcare, exchangeItemAggregated, hygieneEvent, dataInsightsRestApiAudit, informationBarrierPolicyApplication, sharePointListItemOperation, sharePointContentTypeOperation, sharePointFieldOperation, microsoftTeamsAdmin, hrSignal, microsoftTeamsDevice, microsoftTeamsAnalytics, informationWorkerProtection, campaign, dlpEndpoint, airInvestigation, quarantine, microsoftForms, applicationAudit, complianceSupervisionExchange, customerKeyServiceEncryption, officeNative, mipAutoLabelSharePointItem, mipAutoLabelSharePointPolicyLocation, microsoftTeamsShifts, secureScore, mipAutoLabelExchangeItem, cortanaBriefing, search, wdatpAlerts, powerPlatformAdminDlp, powerPlatformAdminEnvironment, mdatpAudit, sensitivityLabelPolicyMatch, sensitivityLabelAction, sensitivityLabeledFileAction, attackSim, airManualInvestigation, securityComplianceRBAC, userTraining, airAdminActionInvestigation, mstic, physicalBadgingSignal, teamsEasyApprovals, aipDiscover, aipSensitivityLabelAction, aipProtectionAction, aipFileDeleted, aipHeartBeat, mcasAlerts, onPremisesFileShareScannerDlp, onPremisesSharePointScannerDlp, exchangeSearch, sharePointSearch, privacyDataMinimization, labelAnalyticsAggregate, myAnalyticsSettings, securityComplianceUserChange, complianceDLPExchangeClassification, complianceDLPEndpoint, mipExactDataMatch, msdeResponseActions, msdeGeneralSettings, msdeIndicatorsSettings, ms365DCustomDetection, msdeRolesSettings, mapgAlerts, mapgPolicy, mapgRemediation, privacyRemediationAction, privacyDigestEmail, mipAutoLabelSimulationProgress, mipAutoLabelSimulationCompletion, mipAutoLabelProgressFeedback, dlpSensitiveInformationType, mipAutoLabelSimulationStatistics, largeContentMetadata, microsoft365Group, cdpMlInferencingResult, filteringMailMetadata, cdpClassificationMailItem, cdpClassificationDocument, officeScriptsRunAction, filteringPostMailDeliveryAction, cdpUnifiedFeedback, tenantAllowBlockList, consumptionResource, healthcareSignal, dlpImportResult, cdpCompliancePolicyExecution, multiStageDisposition, privacyDataMatch, filteringDocMetadata, filteringEmailFeatures, powerBIDlp, filteringUrlInfo, filteringAttachmentInfo, coreReportingSettings, complianceConnector, powerPlatformLockboxResourceAccessRequest, powerPlatformLockboxResourceCommand, cdpPredictiveCodingLabel, cdpCompliancePolicyUserFeedback, webpageActivityEndpoint, omePortal, cmImprovementActionChange, filteringUrlClick, mipLabelAnalyticsAuditRecord, filteringEntityEvent, filteringRuleHits, filteringMailSubmission, labelExplorer, microsoftManagedServicePlatform, powerPlatformServiceActivity, scorePlatformGenericAuditRecord, filteringTimeTravelDocMetadata, alert, alertStatus, alertIncident, incidentStatus, case, caseInvestigation, recordsManagement, privacyRemediation, dataShareOperation, cdpDlpSensitive, ehrConnector, filteringMailGradingResult, publicFolder, privacyTenantAuditHistoryRecord, aipScannerDiscoverEvent, eduDataLakeDownloadOperation, m365ComplianceConnector, microsoftGraphDataConnectOperation, microsoftPurview, filteringEmailContentFeatures, powerPagesSite, powerAppsResource, plannerPlan, plannerCopyPlan, plannerTask, plannerRoster, plannerPlanList, plannerTaskList, plannerTenantSettings, projectForTheWebProject, projectForTheWebTask, projectForTheWebRoadmap, projectForTheWebRoadmapItem, projectForTheWebProjectSettings, projectForTheWebRoadmapSettings, quarantineMetadata, microsoftTodoAudit, timeTravelFilteringDocMetadata, teamsQuarantineMetadata, sharePointAppPermissionOperation, microsoftTeamsSensitivityLabelAction, filteringTeamsMetadata, filteringTeamsUrlInfo, filteringTeamsPostDeliveryAction, mdcAssessments, mdcRegulatoryComplianceStandards, mdcRegulatoryComplianceControls, mdcRegulatoryComplianceAssessments, mdcSecurityConnectors, mdaDataSecuritySignal, vivaGoals, filteringRuntimeInfo, attackSimAdmin, microsoftGraphDataConnectConsent, filteringAtpDetonationInfo, privacyPortal, managedTenants, unifiedSimulationMatchedItem, unifiedSimulationSummary, updateQuarantineMetadata, ms365DSuppressionRule, purviewDataMapOperation, filteringUrlPostClickAction, irmUserDefinedDetectionSignal, teamsUpdates, plannerRosterSensitivityLabel, ms365DIncident, filteringDelistingMetadata, complianceDLPSharePointClassificationExtended, microsoftDefenderForIdentityAudit, supervisoryReviewDayXInsight, defenderExpertsforXDRAdmin, cdpEdgeBlockedMessage, hostedRpa, cdpContentExplorerAggregateRecord, cdpHygieneAttachmentInfo, cdpHygieneSummary, cdpPostMailDeliveryAction, cdpEmailFeatures, cdpHygieneUrlInfo, cdpUrlClick, cdpPackageManagerHygieneEvent, filteringDocScan, timeTravelFilteringDocScan, mapgOnboard, unknownFutureValue.
      Parameters:
      value - Value to set for the recordTypeFilters property.

    • setServiceFilters

      public void setServiceFilters(@Nullable List<String> value)
      Sets the serviceFilters property value. The serviceFilters property
      Parameters:
      value - Value to set for the serviceFilters property.

    • setStatus

      public void setStatus(@Nullable AuditLogQueryStatus value)
      Sets the status property value. Describes the current status of the query. The possible values are: notStarted, running, succeeded, failed, cancelled, unknownFutureValue.
      Parameters:
      value - Value to set for the status property.

    • setUserPrincipalNameFilters

      public void setUserPrincipalNameFilters(@Nullable List<String> value)
      Sets the userPrincipalNameFilters property value. The UPN (user principal name) of the user who performed the action (specified in the operation property) that resulted in the record being logged; for example, myname@mydomain_name.
      Parameters:
      value - Value to set for the userPrincipalNameFilters property.