Search Lookup Data
Search for lookup data.
Parameters
Parameter | Description |
---|---|
Collection Type | The collection type to query data for. |
Query | The query data to search for. For each collection type there will be a different set of queries. For example: For the asset collection type, the query will look like the following: entityname = "QUALYSTEST|30489654_42428" For the geolocation collection type, the query will look like the following: location = "City:Paris Region:A8 Country:FR" and longitude = "2.3488" |
Example Output
{
  "available": "false",
  "error": "false",
  "events": [{
    "directImport": "false",
    "hour": "0",
    "ignored": "false",
    "invalid": "false",
    "invalidEventAction": "0",
    "tenantid": "1",
    "tenantname": "Securonix",
    "u_id": "-1",
    "u_userid": "-1",
    "result": {
      "entry": [{
          "key": "value_u_customfield4",
          "value": "allows attackers to obtain sensitive information"
        },
        {
          "key": "value_u_customfield11",
          "value": "CVE-2014-2212"
        },
        {
          "key": "lookupname",
          "value": "VulnerableHostLookUpTable"
        },
        {
          "key": "key",
          "value": "WW9452"
        }
      ]
    }
  }],
  "from": "1533838272825",
  "offset": "1000",
  "query": "index=lookup and lookupname = \"VulnerableHostLookUpTable\"",
  "searchViolations": "false",
  "to": "1536516672825",
  "totalDocuments": "1"
}
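The lookup fields in this output arrive as a list of key/value pairs under `result.entry`, and booleans and counts are strings. The following added example (not part of the original documentation or the integration's own code) flattens each event into a dictionary and checks the `error` flag first; the function names and the trimmed sample are constructed for illustration, and the handling of duplicate keys is an assumption.

```python
import json

# Constructed sample: the Example Output above, trimmed to the fields used here.
SAMPLE = json.loads("""
{
  "error": "false",
  "events": [{
    "tenantname": "Securonix",
    "result": {"entry": [
      {"key": "value_u_customfield4", "value": "allows attackers to obtain sensitive information"},
      {"key": "value_u_customfield11", "value": "CVE-2014-2212"},
      {"key": "lookupname", "value": "VulnerableHostLookUpTable"},
      {"key": "key", "value": "WW9452"}
    ]}
  }],
  "totalDocuments": "1"
}
""")


def as_bool(value):
    """The example output encodes booleans as the strings "true"/"false"."""
    return str(value).strip().lower() == "true"


def flatten_lookup_rows(response):
    """Return (rows, total): one dict per event built from result.entry."""
    if as_bool(response.get("error", "false")):
        raise ValueError("lookup search reported error=true")
    rows = []
    for event in response.get("events") or []:
        entries = (event.get("result") or {}).get("entry") or []
        row = {}
        for item in entries:
            key = item.get("key")
            if key is None:
                continue  # skip malformed entries rather than guessing a name
            if key in row:
                # Assumption: a repeated field name is treated as bad data.
                raise ValueError(f"duplicate lookup field {key!r}")
            row[key] = item.get("value")
        rows.append(row)
    # totalDocuments is a string in the output; convert before comparing.
    total = int(response.get("totalDocuments", len(rows)))
    return rows, total
```

Comparing `total` with `len(rows)` lets a workflow notice when fewer rows were returned than the search matched.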
Workflow Library Example
Search Lookup Data with Securonix and Send Results Via Email