Get Search Status
Get a search's status by an account and search ID.
Parameters
| Parameter | Description |
|---|---|
| Account ID | The user account ID. |
| Search ID | The search ID. |
Example Output
{
"account_id": "10110100",
"details": {
"request": "SELECT message, parsed.rule_id FROM logmsgs WHERE time_recv BETWEEN 1541030399 AND 1541030461 AND EXISTS(message) ORDER by time_recv DESC LIMIT 10000",
"search_type": "interactive",
"submit_ts": 1581070840,
"stats": {
"fetchers_executed": 10,
"filter_process_time": 514,
"filtered_batches": 1,
"filtered_bytes": 27638,
"filtered_compressed_bytes": 27638,
"filtered_records": 1177,
"filters_executed": 1,
"filters_scheduled": 1,
"input_scanned_bytes": 517718,
"input_scanned_packets": 9,
"input_scanned_records": 13152,
"intervals_requested": 2,
"libalalgo_gaps_parse_call_count": 13152,
"libalalgo_json_parse_call_count": 487,
"libalalgo_kv_parse_call_count": 0,
"messages_parse_error": 0,
"messages_parsed": 2623,
"messages_unparsed": 10529,
"output_records": 1177,
"recurse_sorts": 1,
"sort_recurse_time": 300,
"sorts_executed": 2
},
"update_ts": 1581070843
},
"search_progress": {
"input_scanned_bytes": 517718,
"input_scanned_records": 13152,
"estimated_output_records": 1177
},
"search_start": 1111111111,
"search_end": 1234567890,
"search_status": "complete",
"search_uuid": "C4CBB079-7C4A-4A26-908A-79BEC9EA394B",
"status_details": "complete",
"total_found": 1177
}
Workflow Library Example
Get Search Status with Alert Logic and Send Results Via Email
Preview this Workflow on desktop