Skip to main content

List threats



Retrieve an aggregated list of all threats across tenants.


Query Parameters

    agg_by string

    Must be tenant. Using the query parameter returns all the aggregated responses for the current parent tenant and its child tenants. If not used, the results for just the current tenant are returned.

    Example: tenant

Header Parameters

    X-PANW-Region string

    Must be one of the following: de, americas, europe, uk, sg, ca, jp, au, in. Returns details from the Cortex Data Lake (CDL) region specified. If no region is specified, the default response is americas CDL region.

    Example: americas


    filter object

    Threats list filter. Consists of a required operator and an array of rules objects.

    operator stringrequired

    Must be AND.

    rules object[]
  • Array [
  • operator string

    Must be AND.

    property string

    Filter property field that is one of the example values

    values string[]

    Filter property value

  • ]
  • properties object[]required

    List of property json objects

  • Array [
  • alias string
    function string

    Operations that need to be run on the property field. Operations can be run only on number properties.

    property string

    Threat list property. See ThreatProperty.

    sort object
    order string

    Sort Order for the property

  • ]