watch method
Start receiving notifications for account activities.
For more information, see Receiving Push Notifications.
request
- The metadata request object.
Request parameters:
userKey
- Represents the profile ID or the user email for which the data
should be filtered. Can be all
for all information, or userKey
for a
user's unique Google Workspace profile ID or their primary email address.
Must not be a deleted user. For a deleted user, call users.list
in
Directory API with showDeleted=true
, then use the returned ID
as the
userKey
.
applicationName
- Application name for which the events are to be
retrieved.
Value must have pattern
(access_transparency)|(admin)|(calendar)|(chat)|(chrome)|(context_aware_access)|(data_studio)|(drive)|(gcp)|(gplus)|(groups)|(groups_enterprise)|(jamboard)|(keep)|(login)|(meet)|(mobile)|(rules)|(saml)|(token)|(user_accounts)
.
Possible string values are:
- "access_transparency" : The Google Workspace Access Transparency activity reports return information about different types of Access Transparency activity events.
- "admin" : The Admin console application's activity reports return account information about different types of administrator activity events.
- "calendar" : The Google Calendar application's activity reports return information about various Calendar activity events.
- "chat" : The Chat activity reports return information about various Chat activity events.
- "drive" : The Google Drive application's activity reports return information about various Google Drive activity events. The Drive activity report is only available for Google Workspace Business and Google Workspace Enterprise customers.
- "gcp" : The Google Cloud Platform application's activity reports return information about various GCP activity events.
- "gplus" : The Google+ application's activity reports return information about various Google+ activity events.
- "groups" : The Google Groups application's activity reports return information about various Groups activity events.
- "groups_enterprise" : The Enterprise Groups activity reports return information about various Enterprise group activity events.
- "jamboard" : The Jamboard activity reports return information about various Jamboard activity events.
- "login" : The Login application's activity reports return account information about different types of Login activity events.
- "meet" : The Meet Audit activity report returns information about different types of Meet Audit activity events.
- "mobile" : The Device Audit activity report returns information about different types of Device Audit activity events.
- "rules" : The Rules activity report returns information about different types of Rules activity events.
- "saml" : The SAML activity report returns information about different types of SAML activity events.
- "token" : The Token application's activity reports return account information about different types of Token activity events.
- "user_accounts" : The User Accounts application's activity reports return account information about different types of User Accounts activity events.
- "context_aware_access" : The Context-aware access activity reports return information about users' access denied events due to Context-aware access rules.
- "chrome" : The Chrome activity reports return information about Chrome browser and Chrome OS events.
- "data_studio" : The Data Studio activity reports return information about various types of Data Studio activity events.
- "keep" : The Keep application's activity reports return information about various Google Keep activity events. The Keep activity report is only available for Google Workspace Business and Enterprise customers.
actorIpAddress
- The Internet Protocol (IP) Address of host where the
event was performed. This is an additional way to filter a report's
summary using the IP address of the user whose activity is being reported.
This IP address may or may not reflect the user's physical location. For
example, the IP address can be the user's proxy server's address or a
virtual private network (VPN) address. This parameter supports both IPv4
and IPv6 address versions.
customerId
- The unique ID of the customer to retrieve data for.
Value must have pattern C.+|my_customer
.
endTime
- Sets the end of the range of time shown in the report. The
date is in the RFC 3339 format, for example 2010-10-28T10:26:35.000Z. The
default value is the approximate time of the API request. An API report
has three basic time concepts: - Date of the API's request for a report:
When the API created and retrieved the report. - Report's start time:
The beginning of the timespan shown in the report. The startTime
must be
before the endTime
(if specified) and the current time when the request
is made, or the API returns an error. - Report's end time: The end of
the timespan shown in the report. For example, the timespan of events
summarized in a report can start in April and end in May. The report
itself can be requested in August. If the endTime
is not specified, the
report returns all activities from the startTime
until the current time
or the most recent 180 days if the startTime
is more than 180 days in
the past.
Value must have pattern
(\d\d\d\d)-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)(?:\.(\d+))?(?:(Z)|(\[-+\])(\d\d):(\d\d))
.
eventName
- The name of the event being queried by the API. Each
eventName
is related to a specific Google Workspace service or feature
which the API organizes into types of events. An example is the Google
Calendar events in the Admin console application's reports. The Calendar
Settings type
structure has all of the Calendar eventName
activities
reported by the API. When an administrator changes a Calendar setting, the
API reports this activity in the Calendar Settings type
and eventName
parameters. For more information about eventName
query strings and
parameters, see the list of event names for various applications above in
applicationName
.
filters
- The filters
query string is a comma-separated list composed
of event parameters manipulated by relational operators. Event parameters
are in the form {parameter1 name}{relational operator}{parameter1 value},{parameter2 name}{relational operator}{parameter2 value},...
These
event parameters are associated with a specific eventName
. An empty
report is returned if the request's parameter doesn't belong to the
eventName
. For more information about the available eventName
fields
for each application and their associated parameters, go to the
[ApplicationName](#applicationname) table, then click through to the
Activity Events page in the Appendix for the application you want. In the
following Drive activity examples, the returned list consists of all
edit
events where the doc_id
parameter value matches the conditions
defined by the relational operator. In the first example, the request
returns all edited documents with a doc_id
value equal to 12345
. In
the second example, the report returns any edited documents where the
doc_id
value is not equal to 98765
. The <>
operator is URL-encoded
in the request's query string (%3C%3E
): GET...&eventName=edit&filters=doc_id==12345 GET...&eventName=edit&filters=doc_id%3C%3E98765
A filters
query
supports these relational operators: * ==
—'equal to'. * <>
—'not equal
to'. Must be URL-encoded (%3C%3E). * <
—'less than'. Must be URL-encoded
(%3C). * <=
—'less than or equal to'. Must be URL-encoded (%3C=). *
>
—'greater than'. Must be URL-encoded (%3E). * >=
—'greater than or
equal to'. Must be URL-encoded (%3E=). Note: The API doesn't accept
multiple values of the same parameter. If a parameter is supplied more
than once in the API request, the API only accepts the last value of that
parameter. In addition, if an invalid parameter is supplied in the API
request, the API ignores that parameter and returns the response
corresponding to the remaining valid parameters. If no parameters are
requested, all parameters are returned.
Value must have pattern
(.+\[\<,\<=,==,\>=,\>,\<\>\].+,)*(.+\[\<,\<=,==,\>=,\>,\<\>\].+)
.
groupIdFilter
- Comma separated group ids (obfuscated) on which user
activities are filtered, i.e. the response will contain activities for
only those users that are a part of at least one of the group ids
mentioned here. Format: "id:abc123,id:xyz456"
Value must have pattern (id:\[a-z0-9\]+(,id:\[a-z0-9\]+)*)
.
maxResults
- Determines how many activity records are shown on each
response page. For example, if the request sets maxResults=1
and the
report has two activities, the report has two pages. The response's
nextPageToken
property has the token to the second page. The
maxResults
query string is optional in the request. The default value is
1000.
Value must be between "1" and "1000".
orgUnitID
- Deprecated
. This field is deprecated and is no longer
supported. ID of the organizational unit to report on. Activity records
will be shown only for users who belong to the specified organizational
unit. Data before Dec 17, 2018 doesn't appear in the filtered results.
Value must have pattern (id:\[a-z0-9\]+)
.
pageToken
- The token to specify next page. A report with multiple pages
has a nextPageToken
property in the response. In your follow-on request
getting the next page of the report, enter the nextPageToken
value in
the pageToken
query string.
startTime
- Sets the beginning of the range of time shown in the report.
The date is in the RFC 3339 format, for example 2010-10-28T10:26:35.000Z.
The report returns all activities from startTime
until endTime
. The
startTime
must be before the endTime
(if specified) and the current
time when the request is made, or the API returns an error.
Value must have pattern
(\d\d\d\d)-(\d\d)-(\d\d)T(\d\d):(\d\d):(\d\d)(?:\.(\d+))?(?:(Z)|(\[-+\])(\d\d):(\d\d))
.
$fields
- Selector specifying which fields to include in a partial
response.
Completes with a Channel.
Completes with a commons.ApiRequestError if the API endpoint returned an error.
If the used http.Client
completes with an error when making a REST call,
this method will complete with the same error.
Implementation
async.Future<Channel> watch(
Channel request,
core.String userKey,
core.String applicationName, {
core.String? actorIpAddress,
core.String? customerId,
core.String? endTime,
core.String? eventName,
core.String? filters,
core.String? groupIdFilter,
core.int? maxResults,
core.String? orgUnitID,
core.String? pageToken,
core.String? startTime,
core.String? $fields,
}) async {
final body_ = convert.json.encode(request);
final queryParams_ = <core.String, core.List<core.String>>{
if (actorIpAddress != null) 'actorIpAddress': [actorIpAddress],
if (customerId != null) 'customerId': [customerId],
if (endTime != null) 'endTime': [endTime],
if (eventName != null) 'eventName': [eventName],
if (filters != null) 'filters': [filters],
if (groupIdFilter != null) 'groupIdFilter': [groupIdFilter],
if (maxResults != null) 'maxResults': ['${maxResults}'],
if (orgUnitID != null) 'orgUnitID': [orgUnitID],
if (pageToken != null) 'pageToken': [pageToken],
if (startTime != null) 'startTime': [startTime],
if ($fields != null) 'fields': [$fields],
};
final url_ = 'admin/reports/v1/activity/users/' +
commons.escapeVariable('$userKey') +
'/applications/' +
commons.escapeVariable('$applicationName') +
'/watch';
final response_ = await _requester.request(
url_,
'POST',
body: body_,
queryParams: queryParams_,
);
return Channel.fromJson(response_ as core.Map<core.String, core.dynamic>);
}