Saviynt Forums

As mentioned above used : 

{"analyticsname": "TESTCONTROL",
"analyticsid":"1483","attributes": {"timeFrame": "60"}}

Response as below :

Hello , 

As mentioned in the SIEM documentation we have created custom SAV role and added 

• webservice_api_authenticateUser

• api_v5_fetchRuntimeControlsData

• webservice_api_v5_authenticateUser

• api_v5_fetchRuntimeControlsDataV2

accesses to it and tagged it to the user. Apart from this we have tested with ROLE_ADMIN users also . Same output . And in UI its running perfectly fine no error just that its not printing in API response

HI @Diptansu1 

Can you add the analytics to the particular sav role in Analytics section, Also make analytics id is correct . if you can send the screenshot of the analytics query and body of the Api call that would be helpfull.

Thanks

Darshan

Please find the query as below :

select ua.TYPEOFACCESS as 'Object Type',ua.ActionType as 'Action Taken',u.username as 'Accessed By', ua.IPADDRESS as 'IP Address',ua.ACCESSTIME as 'Event Time',ua.DETAIL as 'Message' from users u , userlogin_access ua, userlogins l where l.loginkey = ua.LOGINKEY and l.USERKEY = u.userkey and ua.AccessTime >= (NOW() - INTERVAL ${timeFrame} Minute) and ua.Detail is not NULL

API request Body :

{"analyticsname": "TESTCONTROL",
"analyticsid":"1483","attributes": {"timeFrame": "60"}}

ID is correct :

Thanks, Also did you add the analytics to the savrole as asked above?

Thanks its working after adding analytics under SAV ROLE

if you have added the analytics to the custom savrole as well then the data should appear, Please check and let me know

Hello , Below accesses are tagged with custom role:

If you are still facing this issue then try

• Copy ROLE_ADMIN sav role 

• Remove uncessary access from new sav role. 
• Assign new custom Sav role to a user you are using to run fetchRuntimeControlsDataV2 API
• Add analytics under new SAV role
  

No our main goal is to not grant ROLE_ADMIN to this user . Giving ROLE_ADMIN it will work we tested. Coming to your other points Analytics is added under this custom role . And unnecessary access are not present in new SAV role , all are mentioned in document itself. Initially we have added this 4 (which is present in Saviynt documentation)

• webservice_api_authenticateUser

• api_v5_fetchRuntimeControlsData

• webservice_api_v5_authenticateUser

• api_v5_fetchRuntimeControlsDataV2

later as its not working added some accesses . Even after adding those still not working so that should not be the issue it seems.

Hi @Diptansu1 

Yes feature access are fine, only those mentioned in document are good enough, but my question is still unanswered? for the custom savrole did you add the analytics?

Thanks

Darshan

Yes I have added the analytics under custom SAV role . One thing I have noticed while doing debug even if we create a custom SAV role inheriting ROLE_ADMIN and add analytics and tag user there also same issue . Only if we provide the ROLE_ADMIN directly then only it is working . Hope this will info will help in your analysis.

Okay then it should work as expected, you may need to raise a FD and provide this forum link, may need to check the issue in detail.

Thanks

Darshan

Hi,

We are experience the same issue.   Any progress made on this?

Cheers,
Gabe

Hi @Diptansu1 ,

Is this issue is resolved for you? Please post the resolution here so that it will be helpful for others

Thanks,
Smitha

Hi @Alex 

The above Url is for V1 analytics and at the end if v2 is mentioned in the url then its Analytics v2 .

You need to check with what analytics you have created and then use it accordingly 

Thanks

Darshan

Hi @Darshanjain,
yes I'm aware of that, but whenever I'm creating a Runtime Analytics report it is not shown to me, if it is v1 or v2. There is simply no option to differentiate on creation. I know about the global configuration setting, but besides that, there is no indicator. Also in the analyticsconfig table, I'm not able to see that information. So if you can provide input for this, I would be happy.

Coming back to the issue, this is just what I found out working, so I see two possible issues:
1. Wrong URL for reports using v1
2. Product issue for api calls to reports created as v2.

Regards
Alex

Hi @Alex 

In the Analytics config page, you can select the column analytics version where you will be able to see which version it is created.

If the Above url is working then its created as v1 analytics, there are no issues around this.

Just make sure which analytics version it is created and use it accordingly.

Note: Also for runtime analytics when you are trying to create there is an option of save data if you click on it then its a v2 analytics , if not then its a v1 analytics.

Thanks

Darshan

Hi @Alex,

To clarify Darshanjain's point about checking the 'Save Data' checkbox. 

By checking the 'Save Data' checkbox saves the analytic to the database which creates your analytic as v2 or an elasticsearch analytic which is what you need.

I feel that there is a gap in the documentation, because this pertinent information is not present in the Creating Elasticsearch-based Analytics Controls (Version 2) using SQL Query (saviyntcloud.com) documentation.

Regards,

Gabe