Run an open query.
External DocumentationTo learn more, visit the Nozomi Networks documentation.

Parameters

ParameterDescription
CountThe amount of results to return per page.
Page NumberThe page number to return.
QueryThe query to apply.

Example Output

{
	"result": [
		{
			"id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
			"ack": true,
			"risk": 0,
			"time": 0,
			"id_dst": "198.51.100.42",
			"id_src": "198.51.100.42",
			"status": "string",
			"properties": {},
			"closed_time": 0,
			"is_incident": true,
			"created_time": 0,
			"appliance_host": "string",
			"name": "string",
			"type_name": "string",
			"threat_name": "string",
			"description": "string",
			"note": "string",
			"ip_src": "198.51.100.42",
			"ip_dst": "198.51.100.42",
			"mac_src": "string",
			"mac_dst": "string",
			"port_dst": "string",
			"port_src": "string",
			"protocol": "string",
			"transport_protocol": "string",
			"severity": "string",
			"zone_dst": "string",
			"zone_src": "string",
			"dst_roles": "string",
			"src_roles": "string",
			"label_dst": "string",
			"label_src": "string",
			"bpf_filter": "string",
			"close_option": "string",
			"is_security": true,
			"trigger_type": "string",
			"capture_device": "string",
			"appliance_ip": "string",
			"custom_fields_src": "string",
			"custom_fields_dst": "string",
			"playbook_contents": "string",
			"trace_status": "string",
			"trace_sha1": "string",
			"record_created_at": 0,
			"type_id": "string",
			"trigger_id": "string"
		}
	],
	"header": [
		"string"
	],
	"total": 0
}

Workflow Library Example

Run Open Query with Nozomi Networks and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop