create_ad_hoc_audit_and_run_once

This command creates a new audit process report.

You can invoke this command automatically from any report.

When this command is invoked, it creates and runs a new audit process report. If such process for the user exists, then the parameters are updated and the same process is used. The behavior of this API is as follows:

  • For a new process:
    1. The API creates one receiver per email in the sendToEmails list of the content type indicated in emailContentType.
    2. If includeUserReceiver parameter is set to true, the API also creates a user receiver for the user that is logged in
  • For an existing process:
    1. All email receivers are removed and replaced with the emails from the new sendToEmails list (if any).
    2. If the list is empty, it removes all email receivers.
    3. If there is already a receiver for the user, it is not removed even if the includeUserreceiver is set to false. However if the parameter is true and there is no such receiver then it is added.

Once the audit process is generated, it is automatically executed (similar to a Run Once Now) and users should expect an item on their to-do list for that audit process.

This API is available in Guardium V9.5 and later.

REST API syntax

This API is available as a REST service with the POST method. Call this API as follows:
POST https://[Guardium hostname or IP address]:8443/restAPI/ad_hoc_audit_and_run_once

GuardAPI syntax

create_ad_hoc_audit_and_run_once parameter=value

Parameters

Parameter Value type Description
changeParIfExist Boolean Required. Indicates whether to update the task parameters if the process exists. Valid values:
  • 0 (false)
  • 1 (true)
emailContentType Integer The type of content to send to users on the sendToEmails list. Valid values:
  • 0: PDF
  • 1: CSV
includeUserReceiver Boolean Create a receiver for the logged-in user. Valid values:
  • 0 (false)
  • 1 (true)
isForReportRunOnce Boolean Required. Run the report once after it is created. Valid values:
  • 0 (false)
  • 1 (true)
processNamePar String If not blank, create a process with the specified name.
reportId Integer Required. The ID on the report to use for the only task in the Audit process.
sendToEmails String The email addresses of users to receive this report. A comma-separated list of email addresses.
taskParameter String All task parameters and their values concatenated with the characters ^^.

For example:

PAR1=Val1^^PAR2=Val2^^

You can leave a parameter empty. For example, to leave PAR2 empty: PAR1=VAL1^^PAR2=^^PAR3=VAL3^^

templateName String For valid values, call create_ad_hoc_audit_and_run_once from the command line with --help=true.
ticketAssignToGroup String If ticketReceiver is set to 1 (true), create an external ticket, assign the ticket to the specified group name or ID, and send the ticket to the external ticketing system (ServiceNow).
ticketAssignToMember String If ticketReceiver is set to 1 (true), create an external ticket, assign the ticket to the specified member name or ID, and send the ticket to the external ticketing system (IBM Resilient).
ticketAssignToUser String If ticketReceiver is set to 1 (true), create an external ticket, assign the ticket to the specified user name or ID, and send the ticket to the external ticketing system (ServiceNow).
ticketReceiver Boolean If set to 1, add a receiver of type Ticket to the audit process result. When the audit process runs, Guardium creates a ticket and attaches the audit process result (as a PDF). Valid values:
  • 0 (false)
  • 1 (true)

Default = 0 (false)

writeToSyslog Boolean Valid values:
  • 0 (false)
  • 1 (true)

Default = 0 (false)