Perform Network Search

POST 
/search

Perform a search against flow logs with an RQL query.

This endpoint ignores the body param default.

Download Network Search CSV

In addition to performing a network search, this API can perform the network search and download the results as a CSV file. To download the network search CSV, add the request HTTP header Accept: text/csv.

An example request body is:

{
  "cloudType": "",
  "id":"",
  "name":"",
  "description:"",
  "saved":false,
  "default":false,
  "query": "",
    "timeRange": {
      "type": "",
      "value": ""
    }
}

Request

application/json; charset=UTF-8

Body

required

Search model

filters object[]
View Order
Array [
name string
Name
value string
Value
operator string
Possible values: [=]
Operator
]
cloudType string

Possible values: [aws, azure, gcp, alibaba_cloud, oci]

Cloud Type

id string

Search ID

name string

Search Name

description string

Search Description

saved boolean

Search Exists

timeRange objectrequired

Model for TimeRangeConfig

value object

Model for RelativeTimeDuration

unit string

Possible values: [minute, hour, day, week, month, year]

Time unit

amount int32

Number of time units

query stringrequired

RQL Query

default boolean

Responses

200

success

application/json; charset=UTF-8

Schema

Schema

groupBy string[]

Group By

filters object[]
View Order
Array [
name string
Name
value string
Value
operator string
Possible values: [=]
Operator
]
timeGranularity string

Time Granularity

alertId string

Alert ID

cloudType string

Possible values: [aws, azure, gcp, alibaba_cloud, oci]

Cloud Type

id string

Search ID

name string

Search Name

description string

Search Description

searchType string

Possible values: [network, audit_event, config, asset]

Search Type

asyncResultUrl string

Async Result Url

saved boolean

Search Exists

timeRange objectrequired

Model for TimeRangeConfig

value object

Model for RelativeTimeDuration

unit string

Possible values: [minute, hour, day, week, month, year]

Time unit

amount int32

Number of time units

query stringrequired

RQL Query

cursor int32

Cursor

data object
default boolean
async boolean

true = Is Async

Example (from schema)

{
  "groupBy": [
    "string"
  ],
  "filters": [
    {
      "name": "string",
      "value": "string",
      "operator": "="
    }
  ],
  "timeGranularity": "string",
  "alertId": "string",
  "cloudType": "aws",
  "id": "string",
  "name": "string",
  "description": "string",
  "searchType": "network",
  "asyncResultUrl": "/search/config/jobs/2df49d4f72e842b582b123bc2b7826b3/download",
  "saved": true,
  "timeRange": {
    "type": "relative",
    "value": {
      "unit": "minute",
      "amount": 0
    }
  },
  "query": "string",
  "cursor": 0,
  "data": {},
  "default": true,
  "async": true
}

400

invalid_parameter_value

404

not_found

Loading...