Raw Records Search

Field Values

get

Values that can be used for the field parameter in subsequent search API calls

Authorizations
Authorization · string · Required
Bearer authentication header of the form Bearer <token>.
Path parameters
context · string · enum · Required

Data category or event type to query (e.g., alerts, audit logs, blocked traffic, network flows, DNS queries)

Possible values:
Responses
200

An object which contains response metadata information and a data array of Fields.

application/json
GET /api/v1/search/{context}/fields

Search Records

post

Retrieves a list of individual events or records for the specified context over a given time range. This call takes advantage of the Netography Query Language via the search parameter.

Authorizations
Authorization · string · Required
Bearer authentication header of the form Bearer <token>.
Path parameters
context · string · enum · Required

Data category or event type to query (e.g., alerts, audit logs, blocked traffic, network flows, DNS queries)

Possible values:
Body

Search configuration schema for querying data. This schema defines the parameters used to filter and retrieve records from a dataset.

start · integer · Required

When the search should begin. Timestamp or negative number of seconds to look back.

Example: -7200
end · integer · Required

When the search should end. Timestamp, 0 for now or negative number of seconds to look back.

Example: 0
size · integer · Optional

Number of results to return. To avoid timeouts on large datasets, we recommend setting this value.

Example: 100
from · integer · Optional

Used for pagination, in combination with size (from + size).

include · string[] · max: 100 · Optional

Array of fields you want returned as part of the records. Default is ALL fields.

search · string · Optional

An NQL search filter for constraining the dataset.

Example: bits > 1000
Responses
200

An object which contains response metadata information and a data array of records

application/json
POST /api/v1/search/{context}
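The following client is an added example, not code from the API's own documentation: it builds the documented request body, sends it with the Bearer header, and pages through results by advancing from in steps of size. It assumes a placeholder host (BASE_URL), that the response's record array is under a key named data, that from is a zero-based record offset, and that the caller supplies a valid context value.

```python
import json
import urllib.parse
import urllib.request

BASE_URL = "https://api.example.invalid"  # placeholder: the page does not give the API host


def build_body(start, end, size=100, offset=0, include=None, search=None):
    """Build the POST body for /api/v1/search/{context} from the documented fields."""
    if size < 1:
        raise ValueError("size must be positive, otherwise paging never advances")
    if include is not None and len(include) > 100:
        raise ValueError("include accepts at most 100 field names")
    body = {"start": start, "end": end, "size": size, "from": offset}
    if include:
        body["include"] = list(include)  # omit to get ALL fields (the default)
    if search:
        body["search"] = search  # NQL filter, e.g. "bits > 1000"
    return body


def http_post(context, body, token):
    """Send one search request with the Bearer header and return the decoded JSON."""
    path = "/api/v1/search/" + urllib.parse.quote(context, safe="")
    req = urllib.request.Request(
        BASE_URL + path,
        data=json.dumps(body).encode(),
        headers={"Authorization": f"Bearer {token}",
                 "Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def search_all(context, token, start, end, search=None, include=None,
               size=100, max_records=1000, post=http_post):
    """Collect records page by page; `post` is injectable for offline testing."""
    records, offset = [], 0
    while len(records) < max_records:
        body = build_body(start, end, size, offset, include, search)
        page = post(context, body, token).get("data", [])  # assumed key: "data"
        records.extend(page)
        if len(page) < size:  # short page: nothing left to fetch
            break
        offset += size
    return records[:max_records]
```

Keep the token out of source control (read it from an environment variable or secret store), and pass a narrow include list so exported records carry only the fields an investigation needs.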
