Skip to main content
McAfee Enterprise MVISION Cloud

Anomalies

The Anomalies Report returns information about all detected anomalies for a tenant within a specified timeframe. This report is equivalent to the one available on the Shadow IT Services Anomalies page.

Endpoint Name

https://{{fabric}}/shnapi/rest/reporting/csv/queryAnomalies

Required Headers

  • Authorization: User name and password used to access the MVISION Cloud Cloud Manager.
  • Content-Type: Application/json

Required Parameters

  • templateId : Must always be set to 10 (integer)

Optional Parameters

  • eventFilter
  • serviceidentifiers
  • anomalyidentifiers
  • userIdentifiers
  • userOrIP

Sample Request

{
    "templateId": 10,
    "tableVisbilityMap": {
        "Severity": true,
        "Service Name": true,
        "Date / Time": true,
        "Anomaly Type": true,
        "Activity Type": true,
        "Response": true,
        "User Risk Level": true,
        "User / IP Address": true,
        "Anomaly Value": true,
        "Threshold": true,
        "Destination Host": true
    }
}

Sample Response

Severity,ID,Service Name,Date / Time,Anomaly Type,Activity Type,Response,User Risk Level,User / IP Address,Anomaly Value,
Threshold Medium,365900209,Yandex.disk,21-Aug-2014 13:59:59,Data Transfer,Download,Allowed,Medium,
74411485CE2CB0C1167A71664B5F76ED8EADF338,54883903,2000185 Medium,365887884,Yandex.disk,
21-Aug-2014 20:16:35,Data Transfer,Download,Allowed,Medium,74411485CE2CB0C1167A71664B5F76ED8EADF338,54883902,2000185
High,365900189,Yandex.disk,22-Aug-2014 14:13:04,Unsupported Device,Download,Allowed,Medium,
7CE1813E3C7EB692C3D95811519954FE6C923795,, Low,365900213,Yandex.disk,22-Aug-2014 17:27:36,Data Transfer,Download,
Allowed,Medium,DD11A1F44CCA6FFE08C2AC9AEC4AFAA41728A7C3,20900493,2000185
  • Was this article helpful?