The filter
object parameter allows you to specify values of certain data types to include or exclude from your report. You must provide this object as the filter
parameter and not in the body of the request. For example, you can target historical config details for a specific domain while excluding certain actions that are not relevant to the target report data.
Here is an expanded JSON for use as a URL-encoded GET parameter:
{
"action": {
"in": [ "1" ]
},
"isAlert": {
"in": [ "true" ]
},
"site": {
"in": [ "-1" ]
},
"list": {
"in": [ "1" ]
},
"policy": {
"in": [ "164" ]
},
"category": {
"in": [ "1" ]
},
"domain": {
"in": [ "njit.edu." ]
}
}
Object members include:
Member | Type | Description |
---|---|---|
action | String | JSON criteria object representing in and not-in clauses for action. |
category | String | JSON criteria object representing in and not-in clauses for category. |
confidence | String | JSON criteria object representing in and not-in clauses for confidence. |
destinationIp | String | JSON criteria object representing in and not-in clauses for destination IP. |
destinationPort | String | JSON criteria object representing in and not-in clauses for destination port. |
domain | String | JSON criteria object representing in and not-in clauses for detection domain. |
hostname | String | JSON criteria object representing in and not-in clauses for hostname. |
internalIp | String | JSON criteria object representing in and not-in clauses for internal IP. |
isAlert | String | JSON criteria object representing in and not-in clauses for alerts. |
list | String | JSON criteria object representing in and not-in clauses for list. |
machineName | String | JSON criteria object representing in and not-in clauses for machine name. |
policy | String | JSON criteria object representing in and not-in clauses for policy. |
sinkholeId | String | JSON criteria object representing in and not-in clauses for sinkhole ID. |
sinkholeIp | String | JSON criteria object representing in and not-in clauses for sinkhole IP. |
site | String | JSON criteria object representing in and not-in clauses for site. A site ID of -1 points to the roaming location. |
sourcePort | String | JSON criteria object representing in and not-in clauses for source port. |
uuid | String | JSON criteria object representing in and not-in clauses for UUID. |
Each filter specifies a set of terms that are in
or nin
(not in) the report:
Member | Type | Description |
---|---|---|
in | Array | An array of strings containing unique identifiers for any filter parameter to include in the report. |
nin | Array | An array of strings containing unique identifiers for any filter parameter to exclude in the report. |