如需检索网域的所有服务的所有登录记录,请使用以下 GET HTTP 请求,并添加授权文档中所述的授权令牌。如需详细了解请求查询字符串和响应属性,请参阅 API 参考文档。为了方便阅读,以下示例采用了回车断行格式:
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all
/applications/login?endTime=end date&startTime=start date
&maxResults=maximum number of events returned on a response page
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/login?customerId=C03az79cb
按事件名称检索 Google Workspace 登录事件
在某些情况下,您可能需要检索特定事件,例如可疑的成功登录。为此,请使用以下格式的 GET HTTP 请求:
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all
/applications/login?maxResults=maximum number of events returned on a response page
&eventName=name of the login event
&filters=event parameterrelational operatorparameter value
以下示例展示了如何检索某个网域的所有可疑成功登录:
GET https://admin.googleapis.com/admin/reports/v1/activity/users/all/applications/login?eventName=login_success&filters=is_suspicious==true&maxResults=25
[null,null,["最后更新时间 (UTC):2024-11-28。"],[[["The login activity report provides insights into the login activities of all users within your Google Workspace account for the past 180 days, including password and SAML-based SSO logins."],["You can retrieve login event data for your entire domain or for specific events like suspicious logins using the provided API endpoints."],["The report utilizes the basic report endpoint request with specific parameters like user email, start and end dates, and maximum results per page."],["Reports can be further filtered by event name and parameters to pinpoint specific login activities, such as suspicious successful logins, using designated filters."],["Ensure usage of the login activity report adheres to the terms outlined in your Customer Agreement and is for lawful purposes only."]]],["The login activity report tracks user login events, including password and SAML-based SSO logins, for up to 180 days. It's accessed via `GET` HTTP requests to `admin.googleapis.com`. You can retrieve all logins for a domain or specify a customer ID. You can also filter by specific event names and parameters, such as \"login_success\" and \"is_suspicious.\" Results can be paginated using the `maxResults` parameter, and reports must be used lawfully.\n"]]