List Signals - BlinkOps Documentation

Retrieve a list of signals highlighting interesting user or system behaviors for cyber investigations.

External DocumentationTo learn more, visit the Huntress documentation.

Basic Parameters

Parameter	Description
Entity ID	The entity ID to filter the signals by. Must be sent with the `Entity Type` parameter.
Entity Type	Select the entity type to filter the signals by.
Investigated At - Before	Return only signals investigated on or before this date and time. This value must be later than `Investigation Date - Start`.
Investigation Date - Start	Return only signals investigated on or after this date and time. This value must be earlier than `Investigation Date - End`.
Limit	The maximum number of results to return per page. Defaults to `10`, with a minimum of `1` and a maximum of `500`.
Page Token	The token used to retrieve the next page of results.
Return All Pages	Automatically fetch all resources, page by page.
Sort Direction	Select the sort direction for the results.
Sort Field	Select the field to sort the results by.

Advanced Parameters

Parameter	Description
Organization ID	The ID of the organization to filter the results by.
Statuses	Select the statuses of signals to filter by.
Types	Select the types of signals to filter by.

Example Output

{
	"signals": [
		{
			"id": 1,
			"created_at": "2025-06-26T18:57:03Z",
			"details": {
				"rule_name": "Firewall Disabled via Netsh",
				"username": "admin22",
				"process_name": "C:\\WINDOWS\\system32\\netsh.exe",
				"command_line": "NetSh.exe  Advfirewall set allprofiles state off",
				"registry_key": "",
				"file_path": "",
				"file_rename_target": "",
				"cleartext": ""
			},
			"entity": {
				"id": 72183,
				"name": "Laptop 52",
				"type": "agent"
			},
			"investigated_at": "2025-06-26T18:57:03Z",
			"investigation_context": "False Positive, Business Accepted Risk",
			"name": "Firewall Disabled via Netsh",
			"organization": {
				"id": 232,
				"name": "Huntress"
			},
			"status": "closed",
			"type": "Process Insights",
			"updated_at": "2025-06-26T18:57:03Z"
		}
	],
	"pagination": {
		"next_page_url": "string",
		"next_page_token": "string"
	}
}