Served Data List REST Service
Use Served Data List REST Service to query the database and list the served key data. For example, you might list which devices were served a specific key, or list the keys that were served to a specific device.
offset
and
count
. The offset
value specifies the page number from which the
records are displayed. The count
value specifies the number of records to display
on a page, which you specify in the offset
value. For example, to retrieve the
first 10 records for the list, set offset = 1 and count =
10. To retrieve the next 10 records, set offset = 2 and
count = 10. If you do not specify values for pagination parameters, the first
2000 records are returned.- Operation
GET
- URL
-
- Retrieve all the served key data:
- https://<host>:<port>/SKLM/rest/v1/servedDataNote: Returns 2000 records.
- Retrieve all the served key data when you specify a few parameters:
https://<host>:<port>/SKLM/rest/v1/ servedData?kmipClientCertUUID=<clientCertUUID>&dateBefore=<date> &dateAfter=<date>
Note: Returns 2000 records.- Retrieve all the served key data when you specify all the parameters:
-
https://<host>:<port>/SKLM/rest/v1/ servedData?volser=<VolumeSerialNumber>&attributeName=<attrName> &attributeValue=<attrvalue>&dateBefore=<date>&dateAfter=<date>&usage =<devicetype>&serialNumber=<deviceSerialNumber>&kmipClientCertUUID =<clientCertUUID>
Note: Returns 2000 records. - To retrieve a specific list with pagination:
-
https://<host>:<port>/SKLM/rest/v1/ servedData?volser=<VolumeSerialNumber>&attributeName=<attrName> &attributeValue=<attrvalue>&dateBefore=<date>&dateAfter=<date>&usage= <devicetype>&serialNumber=<deviceSerialNumber>&kmipClientCertUUID= <clientCertUUID>&offset=<offset>&count=<count>
By default, Guardium® Key Lifecycle Manager server listens to the secure port 9443 (HTTPS) for communication. During IBM® Security Guardium Key Lifecycle Manager installation, you can modify this default port.
Request
Parameter | Description |
---|---|
host | Specify the IP address or hostname of the IBM Security Guardium Key Lifecycle Manager server. |
port | Specify the port number on which the IBM Security Guardium Key Lifecycle Manager server listens for requests. |
Header name | Value |
---|---|
Content-Type | application/json |
Accept | application/json |
Authorization | SKLMAuth userAuthId=<authIdValue> |
Accept-Language | Any valid locale that is supported by IBM Security Guardium Key Lifecycle Manager. For example, en or de. |
Parameter name | Description |
---|---|
attributeName | Optional.
|
attributeValue | Optional. Identifies the served data. For example,
if attributeName is alias1 , then attributeValue might
be cert1 . |
dateBefore | Optional. If you specify only this date, list
the audits that are made before this date. Hyphens are required in
the date value. To list audits that are made between the before and after dates, specify both values. Format for the date is |
dateAfter | Optional. If you specify only this date, list
the audits that are made after this date. Hyphens are required in
the date value. To list audits that are made between the before and after dates, specify both values. Format for the date is |
usage | Optional. Specify one of the following values:
|
volser | Optional. Specify the volume and serial number of a tape cartridge. |
kmipClientCertUUID | Optional. Specify UUID of the KMIP client certificate. |
serialNumber | Optional. Specify the device serial number. |
offset | Optional. Specify the page number from which the records are displayed based on the value that you specify for count. |
count | Optional. Specify the number of records to display on the page that you specified with offset. The count must not exceed 2000 records. |
Response
Header name | Value and description |
---|---|
Status Code |
|
Content-Type | application/json |
Content-Language | Locale for the response message. |
JSON array that contains JSON objects with the following specification
JSON property name | Description |
---|---|
Device uuid | Returns the universal unique identifier of the device. |
Serial Number | Returns the serial number of the device as an ASCII string. |
Volume Serial Number | Returns the volume and serial number of the tape cartridge. |
World wide name | Returns the name of a device. |
Key alias 1 | Returns the default key alias. |
Key alias 2 | Returns the alias of the key served. |
TimeStamp | Returns the time stamp when the key was last served. |
Data Key Identifier (dki) | Returns the data key identifier. |
Attributes | Returns one or more device attributes. |
Device Group Name | Returns the device type. |
Kmip Client Certificate UUID | Returns the universal unique identifier of KMIP client certificate. |
JSON object with the following specification.
JSON property name | Description |
---|---|
code | Returns the application error code. |
message | Returns a message that describes the error. |
Examples
- Service request to list key served data information
GET https://localhost:<port>/SKLM/rest/v1/servedData?offset=1&count=2 Content-Type: application/json Accept : application/json Authorization : SKLMAuth userAuthId=37ea1939-1374-4db7-84cd-14e399be2d20 Accept-Language : en
- Success response
Status Code : 200 OK Content-Language: en [ { "Device uuid" : "uuid103", "Serial Number": "null", "Volume Serial Number": "TEST", "World wide name": "null", "Key alias 1": "null", "Key alias 2": "null", "TimeStamp": "Thursday, January 26, 2016 5:44:19 AM Eastern Daylight Time", "Data Key Identifier (dki)": "null" "Attributes": "Attributes": "null", "Device Group Name": "UNSET" }, { "Device uuid" : "uuid101", "Serial Number": "null", "Volume Serial Number": "null", "World wide name": "null", "Key alias 1": "dsk00000000000000000e", "Key alias 2": "null", "TimeStamp": "Thursday, January 26, 2016 5:44:19 PM Eastern Daylight Time", "Data Key Identifier (dki)": "null", "Attributes": "null", "Device Group Name": "UNSET" } ]
- Error response
Status Code : 400 Bad Request Content-Language: en {"code":"CTGKM6002E","message":"CTGKM6002E Bad Request: Invalid user authentication ID or invalid request format."}