List threats by source
Retrieve an aggregated count of critical threats by source across tenants, such as: remote networks, mobile users, or proxy nodes.
Query Parameters
- agg_by string
Must be
tenant. Using the query parameter returns all the aggregated responses for the current parent tenant and its child tenants. If not used, the results for just the current tenant are returned.Example: tenant
Header Parameters
- X-PANW-Region string
Must be one of the following:
de,americas,europe,uk,sg,ca,jp,au,in. Returns details from the Cortex Data Lake (CDL) region specified. If no region is specified, the default response isamericasCDL region.Example: americas
- application/json
Request Body
filter object
Threats by source filter. Consists of a required operator and an array of rules objects.
operator string requiredMust be
AND.rules object[]
See ThreatSrcRule and TimeFilter.
- anyOf
- ThreatSrcRule
- TimeFilter
Array [operator stringFilter operator that is one of the example values and is run on the property field
property stringFilter property field that is one of the example values
values string[]Filter property values
]Array [operator stringFilter operator that is one of the example values and is run on the property field
property stringFilter property field that is one of the example values
values string[]Filter property value
]Array [object]properties object[] required
List of property json objects
Array [alias stringproperty stringThreats by source property. See ThreatSrcProperty.
]
- 200
- 400
- 500
Success
- application/json
- Schema
- Threat Count by Source
- Threat Count by Source per Tenant
Schema
- any
[
{
"total_mobile_users": 10,
"total_proxy_nodes": 10,
"total_remote_network": 10,
"total_threats": 10
}
]
[
{
"sub_tenant_id": "<sub_tenant_id>",
"total_mobile_users": 10,
"total_proxy_nodes": 10,
"total_remote_network": 10,
"total_threats": 10
}
]
Bad Request
Server Error