Monitor an active session

This method enables you to monitor an active PSM session using a connection method defined in the PVWA. For details on configuration, see Active session monitoring settings.

A response header defines which connection method is returned.

For details, see Privileged Session Management Interface.

URL

  • Make sure there are no spaces in the URL.

  • The following characters are not supported in URL values: + & %

  • If the URL includes a dot (.), add a forward slash (/) at the end of the URL. For example: api/Safes/MySafe/Members/user@cyber.com/

 

 

 
https://<IIS_Server_Ip>/PasswordVault/API/LiveSessions/{liveSessionId}/Monitor/

The following mandatory value is required in the URL:

Parameter

liveSessionID

Type

String

Description

The unique ID of the PSM session to monitor.

Resource information

HTTP method

GET

Content type

application/json

Header parameter

Parameter

Description

Authorization

The token that identifies the session, encoded in BASE 64. See Authentication.

Type: String

Mandatory: Yes

Default value: None

 

Parameter

Accept

Type

String

Description

The table below describes the expected response format depending on the value of the Accept header in the request, per connection method configuration (RDP File or PSM Gateway).

 
PVWA configuration Optional values Connection method
RDP

application/json

application/octet-stream (default)

*/ *

RDPFile (JSON)

RDPFile (octet-stream raw)

PSMGW * / *

PSMGW (JSON)

Returns the HTML5 connection data.

PSMGW must be configured before using this REST API in order to receive a PSMGW response.

Body parameters

None

Result

Response header

Parameter

ConnectionMethod

Type

Boolean

Description

The method set in ConnectionType in the body parameters.

Values

PSMGW

RDPFile

Response body

There are two possible responses, depending on the connection method.

  
full address:s:<address>
server port:i:<port>

username:s:<username>
alternate shell:s:<username>

desktopwidth:i:<number>
desktopheight:i:<number>

screen mode id:i:<number>
redirectdrives:i:<number>

drivestoredirect:s:<string>
redirectsmartcards:i:<number>

EnableCredSspSupport:i:<number>
redirectcomports:i:<number>

remoteapplicationmode:i:<number>
use multimon:i:<number>

span monitors:i:<number>
  
{
"PSMGWURL": "<URL>",
"PSMGWRequest": "<Base64 Encoded Data>"
}

Parameter

PSMGWURL

Type

String

Description

The full URL of the HTML5 gateway web server.

Parameter

PSMGWRequest

Type

String

Description

Base64 encoded data passed to the web server, essential for the actual web server HTML5 connection. This data is passed through the web server HTTP Post request.

After receiving the PSMGW response, you can start a monitoring session via the PSM Gateway by sending a POST request to the URL specified in the response, in the PSMGWURL field.

Template:

  
{
"PSMGWRequest":"<Base64Response>"
}

The body of the POST request must contain the PSMGWRequest field obtained from the response.

Example:

 

  1. After obtaining the following response from PSMMonitor,

      
    {
"PSMGWURL":"https://<PSM gateway FQDN>:8443/guac/direct", "PSMGWRequest":"eyJ1k2VybmFtZSI6IlBTTUkb...00tUkRQIn0=" }


  2. The following POST request to https://<PSM gateway FQDN>:8443/guac/direct can be used to start a monitoring session via the PSM Gateway.

      
    {
"PSMGWRequest":"eyJ1k2VybmFtZSI6IlBTTUkb...00tUkRQIn0=" }

Return codes

For a complete list of return codes, see Return Codes.