Search Records

This API call searches records. It uses the Netography Query Language (NQL) through the Search parameter.

External Documentation

To learn more, visit the Netography documentation.

Basic Parameters

| Parameter | Description |
| --- | --- |
| Context | Context of the Search Request. |
| End | When the search should end. A timestamp, 0 for now, or a negative number of seconds to look back. For example: 0. |
| From | Used in pagination. Combination of from + size. |
| Size | Number of results to return. Defaults to 20. |
| Start | When the search should begin. A timestamp or a negative number of seconds to look back. For example: -7200. |

Advanced Parameters

| Parameter | Description |
| --- | --- |
| Include | Array of fields you want returned as part of the records. Default is ALL fields. |
| Search | NQL search filter string. |

Example Output

{
  "meta": {
    "code": 200,
    "count": 1
  },
  "data": [
    {
      "alerttype": "start",
      "description": "Srcip reputation is a known phisher",
      "severity": "medium",
      "start": 1618246683,
      "summary": "Knownphisher alert has started to dstip 10.0.0.1",
      "tags": [
        "aws"
      ],
      "timestamp": 1618246748,
      "track_by": [
        "srcip",
        "dstip"
      ]
    },
    {
      "bits": 624,
      "dstip": "192.168.2.1",
      "duration": 140006,
      "end": 1618433146,
      "flowsrcip": "172.16.1.1",
      "inputname": "ge-0/0/0.0",
      "output": 0,
      "protocol": "tcp",
      "srcip": "10.0.0.1",
      "start": 1618423146,
      "tags": [
        "edge"
      ],
      "timestamp": 1618433146,
      "tcpflagsint": 16
    }
  ]
}
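
The Start/End and From/Size semantics above, worked through as an added example that is not part of the original documentation or the vendor's code. It resolves a relative window to absolute timestamps once, so every page is drawn from the same window, then pages with from + size. `fetch_page`, the lowercase parameter key names, and the search placeholder are assumptions.

```python
import time

def resolve_window(start, end, now=None):
    """Resolve Start/End as documented: a positive value is a timestamp,
    a negative value is seconds to look back, and End may be 0 for now."""
    now = int(time.time()) if now is None else now
    if start == 0:
        raise ValueError("Start must be a timestamp or a negative look-back")
    abs_start = now + start if start < 0 else start
    abs_end = now + end if end <= 0 else end
    if abs_start >= abs_end:
        raise ValueError("empty window: Start is not before End")
    return abs_start, abs_end

def search_all(fetch_page, search, start=-7200, end=0, size=20,
               include=None, max_records=1000, now=None):
    """Page through results with from + size.

    fetch_page is a hypothetical caller-supplied function that performs the
    Search Records call and returns a dict shaped like the Example Output.
    Parameter key names below are assumed, not taken from the API.
    """
    if size <= 0:
        raise ValueError("size must be positive")
    abs_start, abs_end = resolve_window(start, end, now)  # pinned once
    records, offset = [], 0
    while len(records) < max_records:
        params = {"search": search, "start": abs_start, "end": abs_end,
                  "from": offset, "size": size}
        if include:
            params["include"] = list(include)
        resp = fetch_page(params)
        if resp["meta"]["code"] != 200:
            raise RuntimeError(f"search returned code {resp['meta']['code']}")
        page = resp["data"]
        records.extend(page)
        if len(page) < size:  # short page means the result set is exhausted
            break
        offset += size
    return records[:max_records]

if __name__ == "__main__":
    # Constructed stand-in for the API: 45 fake records, no network access.
    fake = [{"srcip": "10.0.0.1", "seq": i} for i in range(45)]
    def fetch(p):
        return {"meta": {"code": 200},
                "data": fake[p["from"]:p["from"] + p["size"]]}
    print(len(search_all(fetch, "<NQL filter placeholder>")))
```

The `max_records` cap bounds how much a broad filter can pull into memory; raise it deliberately rather than removing it.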

Workflow Library Example

Search Records with Netography and Send Results Via Email
