Initiate Search - BlinkOps Documentation

Initiate a search for logs or events and retrieve a task ID that can be used in the Get Search Results action to retrieve the search results.

External DocumentationTo learn more, visit the LogRhythm documentation.

Basic Parameters

Parameter	Description
Maximum Messages To Index	The amount of results to be indexed.
Query Event Manager	Select to search events or logs.
Query Log Sources	A comma-separated list of message source IDs to filter results by.
Query Timeout	The time interval for the search to time-out.
Search Mode	The grouping and sort order.

Parameter	Description
Date Criteria Last Interval Value	The numeric amount for the selected time unit.
End Date	The end of the timeframe to search results from.
Filter - Field Operator	The condition to put amongst the field filters.
Filter - Group Operator	The operator to be applied among multiple filter groups.
Filter - Items	The items to filter by. For more information about using this parameter, refer to Logrhythm’s documentation.
Filter - Message Filter Type	The format of the search results.
Filter - Mode	Select whether to filter in or filter out the results.
Filter - Type	The type of the filter.
Last Interval Unit	The time unit used to define the search period.
Log Source IDs	A comma-separated list of log source IDs to filter results by.
Start Date	The start of the timeframe to search results from.
Use Inserted Date	Choose whether to filter the results by time, or leave both options unselected to disable time filtering.

{
	"taksId": 0,
	"taskStatus": "string",
	"responseMessage": "string",
	"statusMessage": "string",
	"statusCode": 0
}

Preview this Workflow on desktop