UsageLogEvent
import type { UsageLogEvent } from "https://googleapis.deno.dev/v1/androidmanagement:v1.ts";
An event logged on the device.
§Properties
A shell command was issued over ADB via “adb shell command”. Part of SECURITY_LOGS.
An ADB interactive shell was opened via “adb shell”. Part of SECURITY_LOGS.
An app process was started. Part of SECURITY_LOGS.
A new root certificate was installed into the system's trusted credential storage. Part of SECURITY_LOGS.
A root certificate was removed from the system's trusted credential storage. Part of SECURITY_LOGS.
An X.509v3 certificate failed to validate, currently this validation is performed on the Wi-FI access point and failure may be due to a mismatch upon server certificate validation. However it may in the future include other validation events of an X.509v3 certificate. Part of SECURITY_LOGS.
A TCP connect event was initiated through the standard network stack. Part of NETWORK_ACTIVITY_LOGS.
Validates whether Android’s built-in cryptographic library (BoringSSL) is valid. Should always succeed on device boot, if it fails, the device should be considered untrusted. Part of SECURITY_LOGS.
Device has completed enrollment. Part of AMAPI_LOGS.
The particular usage log event type that was reported on the device. Use this to determine which event field to access.
A file was downloaded from the device. Part of SECURITY_LOGS.
A file was uploaded onto the device. Part of SECURITY_LOGS.
A cryptographic key including user installed, admin installed and system maintained private key is removed from the device either by the user or management. Part of SECURITY_LOGS.
A cryptographic key including user installed, admin installed and system maintained private key is installed on the device either by the user or management. Part of SECURITY_LOGS.
An attempt was made to unlock the device. Part of SECURITY_LOGS.
The keyguard was dismissed. Part of SECURITY_LOGS.
The device was locked either by user or timeout. Part of SECURITY_LOGS.
A cryptographic key including user installed, admin installed and system maintained private key is imported on the device either by the user or management. Part of SECURITY_LOGS.
A cryptographic key including user installed, admin installed and system maintained private key is determined to be corrupted due to storage corruption, hardware failure or some OS issue. Part of SECURITY_LOGS.
The audit log buffer has reached 90% of its capacity, therefore older events may be dropped. Part of SECURITY_LOGS.
usageLog policy has been enabled. Part of SECURITY_LOGS.
usageLog policy has been disabled. Part of SECURITY_LOGS.
A lost mode location update when a device in lost mode.
An outgoing phone call has been made when a device in lost mode.
Removable media was mounted. Part of SECURITY_LOGS.
Removable media was unmounted. Part of SECURITY_LOGS.
Device was shutdown. Part of SECURITY_LOGS.
Device was started. Part of SECURITY_LOGS.
The device or profile has been remotely locked via the LOCK command. Part of SECURITY_LOGS.
An attempt to take a device out of lost mode.
The work profile or company-owned device failed to wipe when requested. This could be user initiated or admin initiated e.g. delete was received. Part of SECURITY_LOGS.