list method

Future<Activities> list(
  1. String userKey,
  2. String applicationName, {
  3. String? actorIpAddress,
  4. String? customerId,
  5. String? endTime,
  6. String? eventName,
  7. String? filters,
  8. String? groupIdFilter,
  9. int? maxResults,
  10. String? orgUnitID,
  11. String? pageToken,
  12. String? startTime,
  13. String? $fields,
})

Retrieves a list of activities for a specific customer's account and application such as the Admin console application or the Google Drive application.

For more information, see the guides for administrator and Google Drive activity reports. For more information about the activity report's parameters, see the activity parameters reference guides.

Request parameters:

userKey - Represents the profile ID or the user email for which the data should be filtered. Can be all for all information, or userKey for a user's unique Google Workspace profile ID or their primary email address. Must not be a deleted user. For a deleted user, call users.list in Directory API with showDeleted=true, then use the returned ID as the userKey.

applicationName - Application name for which the events are to be retrieved. Value must have pattern (access_transparency)|(admin)|(calendar)|(chat)|(chrome)|(context_aware_access)|(data_studio)|(drive)|(gcp)|(gplus)|(groups)|(groups_enterprise)|(jamboard)|(keep)|(login)|(meet)|(mobile)|(rules)|(saml)|(token)|(user_accounts)|(vault). Possible string values are:

  • "access_transparency" : The Google Workspace Access Transparency activity reports return information about different types of Access Transparency activity events.
  • "admin" : The Admin console application's activity reports return account information about different types of administrator activity events.
  • "calendar" : The Google Calendar application's activity reports return information about various Calendar activity events.
  • "chat" : The Chat activity reports return information about various Chat activity events.
  • "drive" : The Google Drive application's activity reports return information about various Google Drive activity events. The Drive activity report is only available for Google Workspace Business and Enterprise customers.
  • "gcp" : The Google Cloud Platform application's activity reports return information about various GCP activity events.
  • "gplus" : The Google+ application's activity reports return information about various Google+ activity events.
  • "groups" : The Google Groups application's activity reports return information about various Groups activity events.
  • "groups_enterprise" : The Enterprise Groups activity reports return information about various Enterprise group activity events.
  • "jamboard" : The Jamboard activity reports return information about various Jamboard activity events.
  • "login" : The Login application's activity reports return account information about different types of Login activity events.
  • "meet" : The Meet Audit activity report returns information about different types of Meet Audit activity events.
  • "mobile" : The Device Audit activity report returns information about different types of Device Audit activity events.
  • "rules" : The Rules activity report returns information about different types of Rules activity events.
  • "saml" : The SAML activity report returns information about different types of SAML activity events.
  • "token" : The Token application's activity reports return account information about different types of Token activity events.
  • "user_accounts" : The User Accounts application's activity reports return account information about different types of User Accounts activity events.
  • "context_aware_access" : The Context-aware access activity reports return information about users' access denied events due to Context-aware access rules.
  • "chrome" : The Chrome activity reports return information about Chrome browser and Chrome OS events.
  • "data_studio" : The Data Studio activity reports return information about various types of Data Studio activity events.
  • "keep" : The Keep application's activity reports return information about various Google Keep activity events. The Keep activity report is only available for Google Workspace Business and Enterprise customers.
  • "vault" : The Vault activity reports return information about various types of Vault activity events.

actorIpAddress - The Internet Protocol (IP) Address of host where the event was performed. This is an additional way to filter a report's summary using the IP address of the user whose activity is being reported. This IP address may or may not reflect the user's physical location. For example, the IP address can be the user's proxy server's address or a virtual private network (VPN) address. This parameter supports both IPv4 and IPv6 address versions.

customerId - The unique ID of the customer to retrieve data for. Value must have pattern C.+|my_customer.

endTime - Sets the end of the range of time shown in the report. The date is in the RFC 3339 format, for example 2010-10-28T10:26:35.000Z. The default value is the approximate time of the API request. An API report has three basic time concepts: - Date of the API's request for a report: When the API created and retrieved the report. - Report's start time: The beginning of the timespan shown in the report. The startTime must be before the endTime (if specified) and the current time when the request is made, or the API returns an error. - Report's end time: The end of the timespan shown in the report. For example, the timespan of events summarized in a report can start in April and end in May. The report itself can be requested in August. If the endTime is not specified, the report returns all activities from the startTime until the current time or the most recent 180 days if the startTime is more than 180 days in the past. Value must have pattern (\d\d\d\d)-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)(?:\.(\d+))?(?:(Z)|(\[-+\])(\d\d):(\d\d)).

eventName - The name of the event being queried by the API. Each eventName is related to a specific Google Workspace service or feature which the API organizes into types of events. An example is the Google Calendar events in the Admin console application's reports. The Calendar Settings type structure has all of the Calendar eventName activities reported by the API. When an administrator changes a Calendar setting, the API reports this activity in the Calendar Settings type and eventName parameters. For more information about eventName query strings and parameters, see the list of event names for various applications above in applicationName.

filters - The filters query string is a comma-separated list composed of event parameters manipulated by relational operators. Event parameters are in the form {parameter1 name}{relational operator}{parameter1 value},{parameter2 name}{relational operator}{parameter2 value},... These event parameters are associated with a specific eventName. An empty report is returned if the request's parameter doesn't belong to the eventName. For more information about the available eventName fields for each application and their associated parameters, go to the [ApplicationName](#applicationname) table, then click through to the Activity Events page in the Appendix for the application you want. In the following Drive activity examples, the returned list consists of all edit events where the doc_id parameter value matches the conditions defined by the relational operator. In the first example, the request returns all edited documents with a doc_id value equal to 12345. In the second example, the report returns any edited documents where the doc_id value is not equal to 98765. The <> operator is URL-encoded in the request's query string (%3C%3E): GET...&eventName=edit&filters=doc_id==12345 GET...&eventName=edit&filters=doc_id%3C%3E98765 A filters query supports these relational operators: * ==—'equal to'. * <>—'not equal to'. Must be URL-encoded (%3C%3E). * <—'less than'. Must be URL-encoded (%3C). * <=—'less than or equal to'. Must be URL-encoded (%3C=). * >—'greater than'. Must be URL-encoded (%3E). * >=—'greater than or equal to'. Must be URL-encoded (%3E=). Note: The API doesn't accept multiple values of the same parameter. If a parameter is supplied more than once in the API request, the API only accepts the last value of that parameter. In addition, if an invalid parameter is supplied in the API request, the API ignores that parameter and returns the response corresponding to the remaining valid parameters. If no parameters are requested, all parameters are returned. Value must have pattern (.+\[\<,\<=,==,\>=,\>,\<\>\].+,)*(.+\[\<,\<=,==,\>=,\>,\<\>\].+).

groupIdFilter - Comma separated group ids (obfuscated) on which user activities are filtered, i.e. the response will contain activities for only those users that are a part of at least one of the group ids mentioned here. Format: "id:abc123,id:xyz456" Value must have pattern (id:\[a-z0-9\]+(,id:\[a-z0-9\]+)*).

maxResults - Determines how many activity records are shown on each response page. For example, if the request sets maxResults=1 and the report has two activities, the report has two pages. The response's nextPageToken property has the token to the second page. The maxResults query string is optional in the request. The default value is 1000. Value must be between "1" and "1000".

orgUnitID - ID of the organizational unit to report on. Activity records will be shown only for users who belong to the specified organizational unit. Data before Dec 17, 2018 doesn't appear in the filtered results. Value must have pattern (id:\[a-z0-9\]+).

pageToken - The token to specify next page. A report with multiple pages has a nextPageToken property in the response. In your follow-on request getting the next page of the report, enter the nextPageToken value in the pageToken query string.

startTime - Sets the beginning of the range of time shown in the report. The date is in the RFC 3339 format, for example 2010-10-28T10:26:35.000Z. The report returns all activities from startTime until endTime. The startTime must be before the endTime (if specified) and the current time when the request is made, or the API returns an error. Value must have pattern (\d\d\d\d)-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)(?:\.(\d+))?(?:(Z)|(\[-+\])(\d\d):(\d\d)).

$fields - Selector specifying which fields to include in a partial response.

Completes with a Activities.

Completes with a commons.ApiRequestError if the API endpoint returned an error.

If the used http.Client completes with an error when making a REST call, this method will complete with the same error.

Implementation

async.Future<Activities> list(
  core.String userKey,
  core.String applicationName, {
  core.String? actorIpAddress,
  core.String? customerId,
  core.String? endTime,
  core.String? eventName,
  core.String? filters,
  core.String? groupIdFilter,
  core.int? maxResults,
  core.String? orgUnitID,
  core.String? pageToken,
  core.String? startTime,
  core.String? $fields,
}) async {
  final queryParams_ = <core.String, core.List<core.String>>{
    if (actorIpAddress != null) 'actorIpAddress': [actorIpAddress],
    if (customerId != null) 'customerId': [customerId],
    if (endTime != null) 'endTime': [endTime],
    if (eventName != null) 'eventName': [eventName],
    if (filters != null) 'filters': [filters],
    if (groupIdFilter != null) 'groupIdFilter': [groupIdFilter],
    if (maxResults != null) 'maxResults': ['${maxResults}'],
    if (orgUnitID != null) 'orgUnitID': [orgUnitID],
    if (pageToken != null) 'pageToken': [pageToken],
    if (startTime != null) 'startTime': [startTime],
    if ($fields != null) 'fields': [$fields],
  };

  final url_ = 'admin/reports/v1/activity/users/' +
      commons.escapeVariable('$userKey') +
      '/applications/' +
      commons.escapeVariable('$applicationName');

  final response_ = await _requester.request(
    url_,
    'GET',
    queryParams: queryParams_,
  );
  return Activities.fromJson(
      response_ as core.Map<core.String, core.dynamic>);
}