About querying access control events by insertion timestamp
Using AccessControlRawEventReportQuery in the platform SDK, you can query access control events by insertion timestamp, event type, position, and Access Manager role.
Requirements
Security Center 5.11.0.0 SDK or later.
How it works
In Security Center 5.11.0.0, the EventStream table was added to the Access Manager database to store event data so that events can be queried by insertion timestamp through the AccessControlRawEventReportQuery in the SDK. By default, events are not added to this table when they are added to the Access Manager database. Manually enable the events to be inserted in the EventStream table by creating an advanced setting in Config Tool.
Samples
For an example of how to use the query, refer to the AccessControlRawEventQuerySample that is included in the standard SDK samples.
Enabling access control events in the EventStream table
For events to be inserted in the EventStream table in the Access Manager database, so that they can be queried by insertion timestamp, you must first create the AccessManagerEventStream advanced setting in Config Tool.