Keystrokes

Quick Navigation

GET Sessions/{sessionId:int}/Keystrokes

Returns a list of Keystrokes by Session ID.

Password Safe Auditor Role, ISA Role, or a member of BeyondInsight Administrators group.

sessionId: ID of recorded RDP/SSH session

Content-Type: application/json

[
    {
        KeystrokeID: long, 
        SessionID: int, 
        TimeMarker: long, 
        Type: byte,
        Data: string
    },
    …
]

200 - Request successful. Keystrokes are in response body.

For more information, please see Common Response Codes.

GET Keystrokes/{id:long}

Returns a Keystroke by ID.

Password Safe Auditor Role, ISA Role, or a member of BeyondInsight Administrators group.

id: ID of a Keystroke.

Content-Type: application/json

{
    KeystrokeID: long, 
    SessionID: int,
    TimeMarker: long, 
    Type: byte ,
    Data: string
}

200 - Request successful. Keystroke in response body.

For more information, please see Common Response Codes.

POST Keystrokes/Search

Search for Keystrokes.

Password Safe Auditor Role, ISA Role, or a member of BeyondInsight Administrators group.

Content-Type: application/json

{
    Data: string,
    Type: byte
}
  • Data: (required) Keyword(s) for which to search.
  • Type: (default: 0) Type of keystrokes: 0 - All, 1 - StdIn, 2 - StdOut, 4 - Window Event, 5 - User Event.

Content-Type: application/json

[
    {
        KeystrokeID: long, 
        SessionID: int, 
        TimeMarker: long, 
        Type: byte,
        Data: string
    },
    …
]

200 - Request successful. Keystrokes are in response body.

For more information, please see Common Response Codes.