Resource
There is no persistent data associated with this resource.
Methods |
|
---|---|
|
RPC for fetching cases for the given caseNames. |
|
Legacy streaming endpoint for getting alerts (and in some cases, non-alerting detections) along with aggregated fields that match the query. |
|
Legacy endpoint for fetching csv rows for matching UDM search. |
|
Legacy endpoint for fetching events, filters, and histograms matching UDM search. |
|
Legacy endpoint for getting events for an asset indicator. |
|
Legacy endpoint for getting events for a raw log search query. |
|
Legacy endpoint for finding UDM/entity events using tokens or ids. |
|
RPC for fetching an alert based on its Alert Id. |
|
Legacy RPC for listing detection counts and last detection timestamp for a list of Curated Rule ids. |
|
Legacy endpoint for fetching a Detection. |
|
Legacy endpoint for getting event for curated detection. |
|
RPC to get rule counts. |
|
Legacy RPC for listing detection counts and last detection timestamp for a list of user-defined rule ids. |
|
Legacy RPC to test a rule and stream back the responses. |
|
Legacy endpoint for getting events for a given artifact. |
|
RPC to search for IoC details for a particular artifact. |
|
Legacy endpoint for getting events for a given asset. |
|
Legacy endpoint for searching detections for a Curated Rule. |
|
LegacySearchCustomerStats gets data collection stats about a customer, e.g., the first time data was seen from a customer, the last time, etc. |
|
Legacy endpoint for searching detections for a rule version. |
|
Given a list of domain names and a time, returns only the domains that were recently registered relative to that time. |
|
Given a list of domain names, returns time-related statistics for those domains (e.g., the time first seen in the enterprise). |
|
RPC for getting all alerts in a time range in legacy page site. |
|
RPC for listing IoC matches against ingested events. |
|
Legacy endpoint for listing Findings. |
|
LegacySearchIngestionStats gets data ingestion stats about a given customer, e.g. |
|
RPC to list IoC insights on given artifacts. |
|
Legacy endpoint for getting events for a raw log search. |
|
Legacy endpoint for listing detection count buckets for a Rules Engine rule. |
|
Legacy RPC for listing events associated with a particular Detection generated by a Rules Engine rule. |
|
Legacy endpoint for listing aggregated results for a Rules Engine rule. |
|
RPC to get the list of Rules Engine-generated alerts for a customer. |
|
Legacy endpoint for getting events for a given user. |
|
Legacy StreamDetectionAlerts continuously streams new detection alerts as they are discovered. |
|
LegacyTestRuleStreaming tests the given rule text over a specified time range and streams detections/errors back without persisting them. |
|
Legacy endpoint for updating an alert. |