Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.blinkops.com/llms.txt

Use this file to discover all available pages before exploring further.

Returns all events matches the given query.

Basic Parameters

ParameterDescription
Query IDThe ID of the query.

Advanced Parameters

ParameterDescription
CursorThe cursor token for the next page. Leave blank to get the first page.

Example Output

{
	"data": [
		{
			"processIntegrityLevel": "string",
			"registryPath": "string",
			"loginsBaseType": "string",
			"indicatorMetadata": "string",
			"processDisplayName": "string",
			"agentUuid": "string",
			"processUniqueKey": "string",
			"dstPort": "integer",
			"registryId": "string",
			"dnsRequest": "string",
			"agentIsActive": "boolean",
			"agentOs": "linux",
			"direction": "string",
			"oldFileSha256": "string",
			"srcPort": "integer",
			"agentVersion": "string",
			"loginsUserName": "string",
			"fileSha256": "string",
			"threatStatus": "string",
			"createdAt": "2018-02-27T04:49:26.257525Z",
			"signatureSignedInvalidReason": "string",
			"processIsWow64": "string",
			"signedStatus": "string",
			"agentName": "string",
			"taskName": "string",
			"agentIsDecommissioned": "boolean",
			"processGroupId": "string",
			"processIsRedirectedCommandProcessor": "string",
			"processStartTime": "string",
			"agentId": "string",
			"processCmd": "string",
			"processRoot": "string",
			"publisher": "string",
			"isAgentVersionFullySupportedForPgMessage": "string",
			"fileFullName": "string",
			"fileSha1": "string",
			"processUserName": "string",
			"agentGroupId": "string",
			"agentIp": "string",
			"agentNetworkStatus": "string",
			"sha1": "string",
			"oldFileName": "string",
			"taskPath": "string",
			"processImageSha1Hash": "string",
			"parentProcessGroupId": "string",
			"processSubSystem": "string",
			"processName": "string",
			"srcProcDownloadToken": "string",
			"agentDomain": "string",
			"pid": "string",
			"tid": "string",
			"networkSource": "string",
			"relatedToThreat": "string",
			"networkUrl": "string",
			"parentProcessStartTime": "string",
			"fileType": "string",
			"id": "string",
			"objectType": "string",
			"indicatorCategory": "string",
			"networkMethod": "string",
			"user": "string",
			"parentPid": "string",
			"indicatorName": "string",
			"connectionStatus": "string",
			"verifiedStatus": "string",
			"processImagePath": "string",
			"fileMd5": "string",
			"md5": "string",
			"processSessionId": "string",
			"oldFileSha1": "string",
			"parentProcessIsMalicious": "boolean",
			"forensicUrl": "string",
			"dnsResponse": "string",
			"eventType": "string",
			"fileId": "string",
			"oldFileMd5": "string",
			"parentProcessName": "string",
			"dstIp": "string",
			"processIsMalicious": "boolean",
			"indicatorDescription": "string",
			"agentInfected": "boolean",
			"trueContext": "string",
			"agentMachineType": "string",
			"sha256": "string",
			"isAgentVersionFullySupportedForPg": "boolean",
			"siteName": "string",
			"parentProcessUniqueKey": "string",
			"fileSize": "string",
			"rpid": "string",
			"srcIp": "string"
		}
	],
	"errors": [
		{
			"type": "object"
		}
	],
	"pagination": {
		"totalItems": 580,
		"nextCursor": "YWdlbnRfaWQ6NTgwMjkzODE="
	}
}

Workflow Library Example

Fetch Deep Visibility Query Results with Sentinelone and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop