post
/public_api/v1/actions/file_retrieval_details
View the API required to call in order to download the file retrieved by the Retrieve File API request according to the action ID.
Required license: Cortex XDR Prevent, Cortex XDR Pro per Endpoint, or Cortex XDR Pro per GB
The response contains a file hash you need to download and then unzip to view: 1. Download the file.
curl
curl -XPOST "https://api-{fqdn}/public_api/v1/download/<api_value>"
-H "x-xdr-auth-id:{API_KEY_ID}"
-H "Authorization:{API_KEY}"
-H 'Content-Type:application/json'
--output /tmp/file.zip
2. Unzip the file: unzip /tmp/file.zip
Body parameters
request_dataObjectrequired
A dictionary containing the API request fields.
group_action_idString
The action ID of the Retrieve File API response.
REQUEST BODY
{
"request_data": {
"group_action_id": "<action ID>"
}
}
CURL
curl -X 'POST'
-H
'Accept: application/json'
-H
'Content-Type: application/json'
'https://api-yourfqdn/public_api/v1/actions/file_retrieval_details'
-d
''
Responses