List threat count
Retrieve an aggregated count of threats across tenants.
Query Parameters
Must be tenant
. Using the query parameter returns all the aggregated responses for the current parent tenant and its child tenants. If not used, the results for just the current tenant are returned.
Header Parameters
Must be one of the following: de
, americas
, europe
, uk
, sg
, ca
, jp
, au
, in
. Returns details from the Cortex Data Lake (CDL) region specified. If no region is specified, the default response is americas
CDL region.
Request Body
- Array [
- ]
filter object
Resource count filter. Consists of a required operator and an array of rules objects.
Must be AND
.
rules object[]
See UrlLogsRule and TimeFilter.
Filter operator that is one of the example values and is run on the property field
Filter property field that is one of the example values
Filter property value
Filter operator that is one of the example values and is run on the property field
Filter property field that is one of the example values
Filter property values
properties object[] required
List of property json objects
App summary property. See ResourceProperty.
- 200
- 400
- 500
Success
Schema
- any
[
{
"threat_count": 10,
"threat_sub_type": "<threat_sub_type>",
"unique_threat_count": 5
}
]
[
{
"count": 10,
"event_time": "<event_time_ms>"
}
]
[
{
"source_user": "<source-user>",
"source_user_info_name": "<source-user-info-name>",
"total_threat_count": 3999,
"unique_threat_count": 3924
}
]
Bad Request
Server Error