How to export specific field values for all Cloud SWG Admin users
search cancel

How to export specific field values for all Cloud SWG Admin users

book

Article ID: 265158

calendar_today

Updated On:

Products

Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

Cloud SWG tenant has more than 100 administrators defined to manage the service.

For compliance reasons, SOC team needs to provide a report of all admins accessing the Cloud SWG Portal, with the following information:

  1. Full Name
  2. Email Address
  3. Role
  4. Enabled Status

Can go through each administrator manually and gather the information needed, but very cumbersome.


Is it possible to generate such a report?

Environment

Cloud SWG Portal.

Resolution

Although no report is available that will do this, there is an easy way of pulling this information out of Cloud SWG using the following approach:

- From Cloud SWG Portal, go to Account Configuration/Administrators/Admins and Users

- Start developer tools and click the highlighted refresh button to generate a request to read the admin info

 

- Highlight the POST request to directprovider endpoint and browse to the 'Response' tab to view the JSON output that includes all the administrator information for this tenant. Save this JSON file as results.json.

 

- Using the following Python script, we can readin the results.json file from previous step and output the needed fields:

import json

# Opening JSON file
f = open('results.json',)

# returns JSON object as
# a dictionary
data = json.load(f)

# Iterating through the json
# list

# Iterate through the "users" array and print the desired variables
for user in data["result"]:
    print("Name:", user["firstName"])
    print("Email:", user["email"])
    print("Enabled:", user["enabled"])
    print("Roles:", user["roles"])
    print()

# Closing file
f.close()

 

Additional Information

Sample output after saving results.json file

 

$ python.exe dump-user.py

Name: User One
Email: [email protected]
Enabled: True
Roles: ['ROLE_ADMIN', 'ROLE_REPORT_USER']

Name: User Two
Email: [email protected]
Enabled: True
Roles: ['ROLE_REPORT_USER']

Name: User Three
Email: [email protected]
Enabled: True
Roles: ['ROLE_ADMIN', 'ROLE_REPORT_USER', 'ROLE_REVIEWER']