Api 1102 Latest Edition Of Microsoft
Applies to. Windows 10 Learn about an approach to collect events from devices in your organization. This article talks about events in both normal operations and when an intrusion is suspected. Windows Event Forwarding (WEF) reads any operational or administrative event log on a device in your organization and forwards the events you choose to a Windows Event Collector (WEC) server.
To accomplish this, there are two different of subscriptions published to client devices - the Baseline subscription and the suspect subscription. The Baseline subscription enrolls all devices in your organization, and a Suspect subscription only includes devices that have been added by you. The Suspect subscription collects additional events to help build context for system activity and can quickly be updated to accommodate new events and/or scenarios as needed without impacting baseline operations. This implementation helps differentiate where events are ultimately stored. Baseline events can be sent to devices with online analytical capability, such as Security Event Manager (SEM), while also sending events to a MapReduce system, such as HDInsight or Hadoop, for long-term storage and deeper analysis.
Events from the Suspect subscription are sent directly to a MapReduce system due to volume and lower signal/noise ratio, they are largely used for host forensic analysis. An SEM’s strength lies in being able to inspect, correlate events, and generate alerts for known patterns manner and alert security staff at machine speed. A MapReduce system has a longer retention time (years versus months for an SEM), larger ingress ability (hundreds of terabytes per day), and the ability to perform more complex operations on the data like statistical and trend analysis, pattern clustering analysis, or apply Machine Learning algorithms.
Here's an approximate scaling guide for WEF events: Events/second range Data store 0 - 5,000 SQL or SEM 5,000 - 50,000 SEM 50,000+ Hadoop/HDInsight/Data Lake Event generation on a device must be enabled either separately or as part of the GPO for the baseline WEF implementation, including enabling of disabled event logs and setting channel permissions. For more info, see.
API Reference Guide. Document Relevance and Accuracy. This document is considered relevant to the Release stated on this title page and the. Remember to always view and download the latest. Are trademarks of Kony, Inc. Microsoft, the Microsoft logo, Internet Explorer, Windows, and Windows Vista. Microsoft® Windows. Continued from page 1 There has been a lot of talk of a PC market slowdown, what's your take? I think it's going to be another good year. Model1 RAM ppm2 Low High Average Apple LaserWriter 12/640 PS 4MB 12 $995 $1,599 $1,159 -11% Brother HL-1660N 4MB 17 $945 $1,399 $1,102 N/A3 HP. Embed stunning, interactive data visualizations in applications, websites, portals, SharePoint, Microsoft Teams, and more, to showcase your business data in context. Using Power BI REST APIs and the Power BI SDK, you can easily embed interactive reports and dashboards, so your users can enjoy consistent, high-fidelity experiences across devices.
This is because WEF is a passive system with regards to the event log. It cannot change the size of event log files, enable disabled event channels, change channel permissions, or adjust a security audit policy. WEF only queries event channels for existing events.
Additionally, having event generation already occurring on a device allows for more complete event collection building a complete history of system activity. Otherwise, you'll be limited to the speed of GPO and WEF subscription refresh cycles to make changes to what is being generated on the device.
On modern devices, enabling additional event channels and expanding the size of event log files has not resulted in noticeable performance differences. For the minimum recommended audit policy and registry system ACL settings, see and. Note: These are only minimum values need to meet what the WEF subscription selects. From a WEF subscription management perspective, the event queries provided should be used in two separate subscriptions for ease of maintenance; only machines meeting specific criteria would be allowed access to the targeted subscription, this access would be determined by an algorithm or an analysts’ direction.
All devices should have access to the Baseline subscription. This means you would create two base subscriptions:. Baseline WEF subscription.
Events collected from all hosts, this includes some role-specific events, which will only be emitted by those machines. Targeted WEF subscription. Events collected from a limited set of hosts due to unusual activity and/or heightened awareness for those systems. Each using the respective event query below. Note that for the Targeted subscription enabling the “read existing events” option should be set to true to allow collection of existing events from systems. By default, WEF subscriptions will only forward events generated after the WEF subscription was received by the client. In and, the event query XML is included when creating WEF subscriptions.
These are annotated for query purpose and clarity. Individual element can be removed or edited without affecting the rest of the query. Common WEF questions This section addresses common questions from IT pros and customers. Will the user notice if their machine is enabled for WEF or if WEF encounters an error? The short answer is: No. The longer answer is: The Eventlog-forwardingPlugin/Operational event channel logs the success, warning, and error events related to WEF subscriptions present on the device. Unless the user opens Event Viewer and navigates to that channel, they will not notice WEF either through resource consumption or Graphical User Interface pop-ups.
Even if there is an issue with the WEF subscription, there is no user interaction or performance degradation. All success, warning, and failure events are logged to this operational event channel.
Is WEF Push or Pull? A WEF subscription can be configured to be push or pull, but not both. The simplest, most flexible IT deployment with the greatest scalability can be achieved by using a push, or source initiated, subscription. WEF clients are configured by using a GPO and the built-in forwarding client is activated.
For pull, collector initiated, the subscription on the WEC server is pre-configured with the names of the WEF Client devices from which events are to be selected. Those clients also have to be configured ahead of time to allow the credentials used in the subscription to access their event logs remotely (normally by adding the credential to the Event Log Readers built-in local security group.) A useful scenario: closely monitoring a specific set of machines. Will WEF work over VPN or RAS? WEF handles VPN, RAS, and DirectAccess scenarios well and will reconnect and send any accumulated backlog of events when the connection to the WEF Collector is re-established.
How is client progress tracked? The WEC server maintains in its registry the bookmark information and last heartbeat time for each event source for each WEF subscription. When an event source re-connects to a WEC server, the last bookmark position is sent to the device to use as a starting point to resume forwarding events. If a WEF client has no events to send, the WEF client will connect periodically to send a Heartbeat to the WEC server to indicate it is active.
This heartbeat value can be individually configured for each subscription. Will WEF work in an IPv4, IPv6, or mixed IPv4/IPv6 environment?
WEF is transport agnostic and will work over IPv4 or IPv6. Are WEF events encrypted?
I see an HTTP/HTTPS option! In a domain setting, the connection used to transmit WEF events is encrypted using Kerberos, by default (with NTLM as a fallback option, which can be disabled by using a GPO). Only the WEF collector can decrypt the connection. Additionally, the connection between WEF client and WEC server is mutually authenticated regardless of authentication type (Kerberos or NTLM.) There are GPO options to force Authentication to use Kerberos Only. This authentication and encryption is performed regardless if HTTP or HTTPS is selected.
The HTTPS option is available if certificate based authentication is used, in cases where the Kerberos based mutual authentication is not an option. The SSL certificate and provisioned client certificates are used to provide mutual authentication. Do WEF Clients have a separate buffer for events? The WEF client machines local event log is the buffer for WEF for when the connection to the WEC server is lost. To increase the “buffer size”, increase the maximum file size of the specific event log file where events are being selected.
For more info, see. When the event log overwrites existing events (resulting in data loss if the device is not connected to the Event Collector), there is no notification sent to the WEF collector that events are lost from the client. Neither is there an indicator that there was a gap encountered in the event stream. What format is used for forwarded events?
WEF has two modes for forwarded events. The default is “Rendered Text” which includes the textual description of the event as you would see it in Event Viewer. This means that the event size is effectively doubled or tripled depending on the size of the rendered description. The alternative mode is “Events” (also sometimes referred to as “Binary” format) – which is just the event XML itself sent in binary XML format (as it would be written to the evtx file.) This is very compact and can more than double the event volume a single WEC server can accommodate. A subscription “testSubscription” can be configured to use the Events format through the WECUTIL utility: @rem required to set the DeliveryMaxItems or DeliveryMaxLatencyTime Wecutil ss “testSubscription” /cf:Events How frequently are WEF events delivered? Event delivery options are part of the WEF subscription configuration parameters – There are three built-in subscription delivery options: Normal, Minimize Bandwidth, and Minimize Latency.
A fourth, catch-all called “Custom” is available but cannot be selected or configured through the WEF UI by using Event Ciewer. The Custom delivery option must be selected and configured using the WECUTIL.EXE command-line application. All subscription options define a maximum event count and maximum event age, if either limit is exceeded then the accumulated events are sent to the event collector. This table outlines the built-in delivery options: Event delivery optimization options Description Normal This option ensures reliable delivery of events and does not attempt to conserve bandwidth. It is the appropriate choice unless you need tighter control over bandwidth usage or need forwarded events delivered as quickly as possible.
It uses pull delivery mode, batches 5 items at a time and sets a batch timeout of 15 minutes. Minimize bandwidth This option ensures that the use of network bandwidth for event delivery is strictly controlled. It is an appropriate choice if you want to limit the frequency of network connections made to deliver events. It uses push delivery mode and sets a batch timeout of 6 hours. In addition, it uses a heartbeat interval of 6 hours. Minimize latency This option ensures that events are delivered with minimal delay. It is an appropriate choice if you are collecting alerts or critical events.
It uses push delivery mode and sets a batch timeout of 30 seconds. For more info about delivery options, see. The primary difference is in the latency which events are sent from the client.
If none of the built-in options meet your requirements you can set Custom event delivery options for a given subscription from an elevated command prompt: @rem required to set the DeliveryMaxItems or DeliveryMaxLatencyTime Wecutil ss “SubscriptionNameGoesHere” /cm:Custom @rem set DeliveryMaxItems to 1 event Wecutil ss “SubscriptionNameGoesHere” /dmi:1 @rem set DeliveryMaxLatencyTime to 10 ms Wecutil ss “SubscriptionNameGoesHere” /dmlt:10 How do I control which devices have access to a WEF Subscription? For source initiated subscriptions: Each WEF subscription on a WEC server has its own ACL for machine accounts or security groups containing machine accounts (not user accounts) that are explicitly allowed to participate in that subscription or are explicitly denied access. This ACL applies to only a single WEF subscription (since there can be multiple WEF subscriptions on a given WEC server), other WEF Subscriptions have their own separate ACL. For collector initiated subscriptions: The subscription contains the list of machines from which the WEC server is to collect events. This list is managed at the WEC server, and the credentials used for the subscription must have access to read event logs from the WEF Clients – the credentials can be either the machine account or a domain account. Can a client communicate to multiple WEF Event Collectors?
If you desire a High-Availability environment, simply configure multiple WEC servers with the same subscription configuration and publish both WEC Server URIs to WEF clients. WEF Clients will forward events simultaneously to the configured subscriptions on the WEC servers, if they have the appropriate access. What are the WEC server’s limitations? There are three factors that limit the scalability of WEC servers. The general rule for a stable WEC server on commodity hardware is “10k x 10k” – meaning, no more than 10,000 concurrently active WEF Clients per WEC server and no more than 10,000 events/second average event volume. The WEC server does not process or validate the received event, but rather buffers the received event and then logs it to a local event log file (EVTX file).
The speed of logging to the EVTX file is limited by the disk write speed. Isolating the EVTX file to its own array or using high speed disks can increase the number of events per second that a single WEC server can receive. Network Connections. While a WEF source does not maintain a permanent, persistent connection to the WEC server, it does not immediately disconnect after sending its events. This means that the number of WEF sources that can simultaneously connect to the WEC server is limited to the open TCP ports available on the WEC server. Registry size.
For each unique device that connects to a WEF subscription, there is a registry key (corresponding to the FQDN of the WEF Client) created to store bookmark and source heartbeat information. If this is not pruned to remove inactive clients this set of registry keys can grow to an unmanageable size over time. When a subscription has 1000 WEF sources connect to it over its operational lifetime, also known as lifetime WEF sources, Event Viewer can become unresponsive for a few minutes when selecting the Subscriptions node in the left-navigation, but will function normally afterwards. At 50,000 lifetime WEF sources, Event Viewer is no longer an option and wecutil.exe (included with Windows) must be used to configure and manage subscriptions. At 100,000 lifetime WEF sources, the registry will not be readable and the WEC server will likely have to be rebuilt. Subscription information Below lists all of the items that each subscription collects, the actual subscription XML is available in an Appendix. These are separated out into Baseline and Targeted.
The intent is to subscribe all hosts to Baseline, and then enroll (and remove) hosts on an as needed basis to the Targeted subscription. Baseline subscription While this appears to be the largest subscription, it really is the lowest volume on a per-device basis. (Exceptions should be allowed for unusual devices – a device performing complex developer related tasks can be expected to create an unusually high volume of process create and AppLocker events.) This subscription does not require special configuration on client devices to enable event channels or modify channel permissions.
The subscription is essentially a collection of query statements applied to the Event Log. This means that it is modular in nature and a given query statement can be removed or changed without impacting other query statement in the subscription. Additionally, suppress statements which filter out specific events, only apply within that query statement and are not to the entire subscription. Baseline subscription requirements To gain the most value out of the baseline subscription we recommend to have the following requirements set on the device to ensure that the clients are already generating the required events to be forwarded off the system. Apply a security audit policy that is a super-set of the recommended minimum audit policy.
For more info, see. This ensures that the security event log is generating the required events.
Apply at least an Audit-Only AppLocker policy to devices. If you are already whitelisting or blacklisting events by using AppLocker, then this requirement is met. AppLocker events contain extremely useful information, such as file hash and digital signature information for executables and scripts. Enable disabled event channels and set the minimum size for modern event files. Currently, there is no GPO template for enabling or setting the maximum size for the modern event files. This must be done by using a GPO. For more info, see.
The annotated event query can be found in the following. For more info, see. Anti-malware events from Microsoft Antimalware or Windows Defender. This can be configured for any given anti-malware product easily if it writes to the Windows event log. Security event log Process Create events. AppLocker Process Create events (EXE, script, packaged App installation and execution). Registry modification events.
For more info, see. OS startup and shutdown. Startup event include operating system version, service pack level, QFE version, and boot mode. Service install. Includes what the name of the service, the image path, and who installed the service. Certificate Authority audit events.
This is only applicable on systems with the Certificate Authority role installed. Logs certificate requests and responses. User profile events. Use of a temporary profile or unable to create a user profile may indicate an intruder is interactively logging into a device but not wanting to leave a persistent profile behind. Service start failure.
Failure codes are localized, so you have to check the message DLL for values. Network share access events. Filter out IPC$ and /NetLogon file shares, which are expected and noisy.
System shutdown initiate requests. Find out what initiated the restart of a device. User initiated interactive logoff event. Remote Desktop Services session connect, reconnect, or disconnect. EMET events, if EMET is installed. Event forwarding plugin events.
For monitoring WEF subscription operations, particularly Partial Success events. This is useful for diagnosing deployment issues. Network share create and delete.
Enables detection of unauthorized share creation. Note: All shares are re-created when the device starts.
Logon sessions. Logon success for interactive (local and Remote Interactive/Remote Desktop). Logon success for services for non-built-in accounts, such as LocalSystem, LocalNetwork, and so on. Logon success for batch sessions. Logon session close, which are logoff events for non-network sessions. Windows Error Reporting (Application crash events only).
This can help detect early signs of intruder not familiar with enterprise environment using targeted malware. Event log service events. Errors, start events, and stop events for the Windows Event Log service. Event log cleared (including the Security Event Log). This could indicate an intruder that are covering their tracks. Special privileges assigned to new logon.
This indicates that at the time of logon a user is either an Administrator or has the sufficient access to make themselves Administrator. Outbound Remote Desktop Services session attempts. Visibility into potential beachhead for intruder. System time changed. SMB Client (mapped drive connections). Account credential validation.
Local accounts or domain accounts on domain controllers. A user was added or removed from the local Administrators security group. Crypto API private key accessed. Associated with signing objects using the locally stored private key. Task Scheduler task creation and delete. Task Scheduler allows intruders to run code at specified times as LocalSystem. Logon with explicit credentials.
Detect credential use changes by intruders to access additional resources. Smartcard card holder verification events. This detects when a smartcard is being used. Suspect subscription This adds some possible intruder-related activity to help analyst further refine their determinations about the state of the device. Logon session creation for network sessions.
Enables time-series analysis of network graphs. RADIUS and VPN events. Useful if you use a Microsoft IAS RADIUS/VPN implementation. It shows user- IP address assignment with remote IP address connecting to the enterprise. Crypto API X509 object and build chain events. Detects known bad certificate, CA, or sub-CA. Detects unusual process use of CAPI.
Groups assigned to local logon. Gives visibility to groups which enable account wide access. Allows better planning for remediation efforts. Excludes well known, built-in system accounts.
Logon session exit. Specific for network logon sessions. Client DNS lookup events. Returns what process performed a DNS query and the results returned from the DNS server. Process exit. Enables checking for processes terminating unexpectedly.
Local credential validation or logon with explicit credentials. Generated when the local SAM is authoritative for the account credentials being authenticated. Noisy on domain controllers. On client devices this is only generated when local accounts log on. Registry modification audit events.
Only when a registry value is being created, modified, or deleted. Wireless 802.1x authentication. Detect wireless connection with a peer MAC address. Windows PowerShell logging. Covers Windows PowerShell 2.0 and later and includes the Windows PowerShell 5.0 logging improvements for in-memory attacks using Windows PowerShell. Includes Windows PowerShell remoting logging.
User Mode Driver Framework “Driver Loaded” event. Can possibly detect a USB device loading multiple device drivers. For example, a USBSTOR device loading the keyboard or network driver. Appendix A - Minimum recommended minimum audit policy If your organizational audit policy enables additional auditing to meet its needs, that is fine. The policy below is the minimum audit policy settings needed to enable events collected by both baseline and targeted subscriptions.
If I had to pick one development platform as the most awkward for working with the Omniture web services it has to be Microsoft’s.NET. With Visual Studio 2005 it wasn’t too bad.
You could simply leverage the WSE 3.0 extension and you were in business. But in Visual Studio 2010, WSE has been deprecated in favor of WCF, and unfortunately WCF doesn’t play nicely with the Password Digest authentication method used by the Omniture web services.
Microsoft declares “B1102 WCF never emits Nonce and Created sub-elements of the UsernameToken.” This is a problem since the Omniture authentication requires both the Nonce and Created elements. Luckily, talented Microsoft developers, like ASzego, have come to the rescue and have tweaked the WCF stack to solve the problem.
See ASzego’s description of the problem and his solution here. I’ve taken this code and packaged it up into a DLL file.
I’ve also generated a second DLL file that contains the code produced from.NETs digestion of the Omniture WSDL. This code also needed a bit of tweaking which I won’t go into here. Both of these DLL files have been added to the code gallery here.
What we have below is a getting started guide for putting together a quick VS2010 (C#) project that utilizes these two DLL files to make a successful request with the Omniture APIs. Step 1: Create new Console application Step 2: Copy the UsernameTokenLibrary.dll and OmnitureAPI.dll into the project. Step 3: Add each dll file as a reference. Step 4: Add “System.ServiceModel” as a reference under the “.NET” tab.
Step 5: Add the following code into the Main method OmnitureWebServicePortTypeClient client = OmnitureWebServicePortTypeClient.getClient('api username', 'api secret', 'int tokenCount = client.CompanyGetTokenCount; Console.WriteLine(tokenCount); Console.ReadLine; //this is just to pause and observe the result when debugging Step 6: Replace the first to arguments to the “getClient” method with your actual API username and API secret. Also, the third (endpoint) parameter may need to be adjusted based on which data center your account is tied to. Step 7: Add the following “using” statements to the top of the file using System.ServiceModel; using System.ServiceModel.Description; using System.ServiceModel.Channels; using Microsoft.ServiceModel.Samples.CustomToken; using Adobe.OmnitureAPI; Step 8: Run the application – observe the token count in the console window.
Finally, I must admit that I have very little experience with.NET and Visual Studio. The time I have spent is only due to the several desperate pleas I’ve seen for help in this area. If you have a better solution for using the Omniture APIs in VS 2010 I would love to hear it. Please post your feedback.
Thanks, Sean. Hi,sgubler you are so enthusiastic! I am the pre-sale analysis man for my organization and responsible for assess the integration between our system and Omniture SiteCatalyst. When i test the Web service Enterprise API through the sanbox and i have two questions as below: 1.
Api 1102 Latest Edition Of Microsoft Word
Can we set up a web service user account that only can access few report suite? Report element: searchEngineKeyword,searchEngine, eVar# report metric: visits,averageTimeSpentOnSite, Single Access,Entries. Bounce Rate =Single Access/Entries, so we can get the avg time on site and bounce rate just from SiteCatalyst now? We need to know these results before we decide to use Omniture service.
Since we can not get the confirm from our consultant. I am really appreciate any assistance you can provide us on this, Many thanks.
Hi, Has anyone got this working with a larger number of rows? How did you make it work? When I increase intResultsToGet to, say, 1000 I get this error 'The maximum message size quota for incoming messages (65536) has been exceeded.
To increase the quota, use the MaxReceivedMessageSize property on the appropriate binding element'. As the Binding class (in the getClient method in Reference.cs) has no MaxReceivedMessageSize property I have tried substituting it for BasicHttpBinding but can't get that to authenticate with the API. Great work sgubler, this has been really helpful so far. Hi, i try to use Omniture wsdl with WCF and VS2010. The link for using wcf is really usefull, but i found some problems. I download wsdl from web, because ( i think ) wsdl used in seems to be different and problem start: i try to convert wsdl with vs tool, svcutil.exe and also with wsdl.exe, but with no success, i always get rpc error.
Analizing the output i saw this warning // CODEGEN: Generating message contract since the wrapper name CodeManager.DeleteCodeArchive) of message CodeManager.DeleteCodeArchiveRequest does not match the default value (CodeManagerDeleteCodeArchive) for all entries. So i try to modify the wsdl to bypass this conversion problem and it works, i also add some line of code to use it throught proxy that requires authentication, but now i have a problem with buffer size, like Whiteleyn. I try to modify settings in app.config (maxReceivedMessageSize ecc. ), but when i try to retrive data from DataWarehouseGet.GeportData (wsdl entry) always receive error about 'The maximum message size quota for incoming messages (65536). Do anyone have some suggestion? Hi, excuse me, i read with attention Chris.Lee answer about buffer problem, and your snippet work, great, thank you. But i have another problem, the same that i got same time ago using old reference method ( wsdl.exe instead of wcf ) After send DataWarehouse.GetReportData, the program tries to parse response and return this error: The specified type was not recognized: name='datawarehousereportrow', namespace='at.
Api 1102 Pdf
If you have some advice, please let me know. Hi Sean, I have Followed the Instruction which is given above but while running my programme i met the exception below Exception: There was no endpoint listening at that could accept the message.
This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.
My code: OmnitureWebServicePortTypeClient client = OmnitureWebServicePortTypeClient.getClient('username', 'secret', 'int tokenCount = client.CompanyGetTokenCount; Console.WriteLine(tokenCount); Console.ReadLine; can you help me to resolve this issue. Thanks: Suresh. Hi Matt, I very sure this is will be another exception. Sorry I don't know the problem much without any details,but i suggest you try to modify the encoding setting in BindingHelper.cs 'TextMessageEncodingBindingElement textBindingElement = new TextMessageEncodingBindingElement ( MessageVersion.Soap11, new UTF8Encoding ( false, false ) );' WCF is very powerful. You can extend the IClientMessageFormatter,IDispatchMessageFormatter,MessageEncoder,EndpointBehavior.so on.That will very convenient on value monitor and debug. I suggest starting a forum thread to chat about this library.
Hi sgubler, I have been creating an application to consume the Omniture API and I have been getting the same error as the first comment. After using a packet monitoring program I received the error 'Could not establish trust relationship for the SSL/TLS secure channel with authority 'api.omniture.com'.' Along with this the certificate validation method receives the status information as 'A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.' My guess it has something to with my credentials however, when I look into the marketing suite portal the username and shared secret is correct. Am I missing something is setting up something? Hi, we are upgrading from SQL 2005 to 2012 and trying to convert my API calls to WCF.
I have registered both dll's to GAC using strong name (adding it as reference was giving me error for some reason) and i can even see using gacutil -v that they are strongly named yet i am getting error on 'UsernameTokenLibrary' complaining that it not strongly named. Below is the error that i am getting 'Could not load file or assembly 'UsernameTokenLibrary, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' or one of its dependencies.
A strongly-named assembly is required. (Exception from HRESULT: 0x80131044)' i have windows 7 64 bit installed and using.NET framework 4 any ides how i can resolve this issue? Sean, Thanks for this, you've saved me a lot of frustration with getting this to work for a BI project we're starting to work on. Hi, I am new to Omniture and have been assigned to create a client that we can somehow schedule to to send request to Omniture Datawarehouse to run the report and FTP the results to us.
I am trying to figure out how to do this using C# and also wondering the reason behind using WCF. I was thinking of creating a console application that will send the request and also setup a SQL Agent job to run the console application once a week. Your help in understanding the role of WCF and also getting started with console application will be really appreciated. Thanks Syed Zaidi. Following up on the first comment for the error 'Element 'faultstring' with namespace name ' was not found'. Why doesn't the API library throw an exception with the actual faulstring message? It sounds more like the library doesn't know how to handle error responses from the server.
With automated processes we need to be able to log the specific error messages. Right now it appears the only way to get the real error message is to open up Fiddler and recreate the issue to monitor the traffic going back and forth to capture the server response. Hi Sean, We have been using SSIS 2012(Visual studio) to make API calls and everything works fine with API 1.3. But now we need to migrate to API 1.4 since the segments created after the update release doesn't appear in API 1.3.
I have converted API 1.4 wsdl to dll file and also successfully registered it using Gacutil.exe. But I am not able to figure out that how do I authenticate myself in API 1.4? For example we are using the following code to authenticate in API 1.3. OmnitureWebServicePortTypeClient client = OmnitureWebServicePortTypeClient.getClient('api username', 'api secret', 'But I couldn't find OmnitureWebServicePortTypeClient class in API 1.4. Do you know how do I resolve this? Thanks, Gopal.