Get Security Threat Logs

🔒 `getSecurityThreatLogs` API

💡 Overview

The getSecurityThreatLogs API allows mobile applications to retrieve historical threat data detected by the Ditto ID SDK. This is useful for security auditing, threat resolution, or providing users with transparency around security activities on their device.

🔍 Purpose

This API fetches logs of previously detected security threats. These can be analyzed to understand patterns or respond to security incidents reported by end users.

🗓 User Experience: Recommended UI Screen

A Security Logs screen should be presented to the user listing all historical threats.
Each entry should show:
- 🔎 Threat Name
- ⚠️ Severity (e.g. LOW, MEDIUM, HIGH)
- 🗓️ Timestamp (based on log order)
- 📅 Category (SYSTEM, NETWORK, APPLICATION)
- ✉️ Description/message
Optionally, allow users to view expanded details for appInfo or networkInfo if present.

📁 API Reference

✅ Platforms

React Native

RdnaClient.getSecurityThreatLogs(startIndex, totalCount, (syncResponse) => {});

Flutter

rdnaClient.getSecurityThreatLogs(<int startIndex, int count>);

Cordova

com.uniken.rdnaplugin.RdnaClient.getSecurityThreatLogs(
  successCallback(responseString),
  errorCallback,
  [<int startIndex, int count>]
);

Native iOS

(RDNAError *)getSecurityThreatLogs:(int)startIndex withCount:(int)count 
  withThreatLogs:(RDNAThreatLogDetails **)threatLogs;

Native Android

RDNAStatus<RDNAThreatLogDetails> getSecurityThreatLogs(Context context, int startIndex, int count);

🔎 Parameters

Parameter	Type	Description
startIndex	Integer	Index from which to begin fetching logs
totalCount	Integer	Number of records to fetch (-1 for all)

↪️ Return Type

Success: List of RDNAThreatLogDetails
Failure: Error object

🔢 Response Payload Fields

Field	Type	Description
threatId	int	Unique identifier for the threat
threatName	string	Name of the detected threat
threatMsg	string	Detailed description of the threat
threatReason	string	Additional context or reason if applicable
threatCategory	string	SYSTEM, NETWORK, APPLICATION
threatSeverity	string	LOW, MEDIUM, HIGH
configuredAction	string	Default action (REPORT, TERMINATE, etc.)
appInfo	object	`{appName, appSha256, packageName}` if app threat
networkInfo	object	`{ssid, bssid, maliciousAddress, maliciousMacAddress}` if network threat
shouldProceedWithThreats	bool	User action to proceed
rememberActionForSession	bool	Remember this action for the session

🔢 Possible Values

threatSeverity

Value	Description
LOW	Minimal risk threat
MEDIUM	Moderate threat
HIGH	Critical threat

configuredAction

Value	Meaning
REPORT	Report to user
TERMINATE	SDK should terminate session

❌ Error Codes and Actions

Error Code	Description	Action Required
1000	Invalid parameters	Validate and retry with correct values
1001	No threat logs found	Show empty state screen
1002	SDK not initialized	Initialize SDK first
1003	Internal SDK error	Retry or contact support
1004	Unauthorized access	Re-authenticate or logout

Updated 4 months ago

What’s Next

onUserConsentThreats