Get Alerts Multi-Events v2

Cortex XDR REST API

post /public_api/v2/alerts/get_alerts_multi_events

Get a list of alerts with multiple events.

  • Multiple filters are combined with an AND condition (OR is not supported).
  • The maximum result set size is 100.
  • Offset is the zero-based number of alerts from the start of the result set.

Cortex XDR displays in the API response whether a PAN NGFW type alert contains a PCAP triggering packet. Use the Retrieve PCAP Packet API to retrieve a list of alert IDs and their associated PCAP data.

Note: You can send a request to retrieve either all or filtered results.

Required license: Cortex XDR Prevent, Cortex XDR Pro per Endpoint, or Cortex XDR Pro per GB

Request headers
Authorization String required

{api_key}

Example: authorization_example
x-xdr-auth-id String required

{api_key_id}

Example: xXdrAuthId_example
Accept-Encoding String

For retrieving a compressed gzipped response

Example: acceptEncoding_example
Default: gzip
CLIENT REQUEST
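# XDR_API_KEY / XDR_API_KEY_ID are placeholder environment variable names you
# set yourself; reading them keeps the literal key out of the documented
# command and your shell history (the expanded value is still visible in the
# process list on shared hosts - prefer a credential file or secrets manager there).
# Body: an empty request_data returns all results. An empty body ('') is not
# valid JSON and is answered with the 400 "Bad Request" response below.
# --compressed asks for and decodes a gzipped reply (the page default).
curl -X 'POST' \
  -H 'Accept: application/json' \
  -H 'Content-Type: application/json' \
  -H "Authorization: ${XDR_API_KEY}" \
  -H "x-xdr-auth-id: ${XDR_API_KEY_ID}" \
  --compressed \
  'https://api-yourfqdn/public_api/v2/alerts/get_alerts_multi_events' \
  -d '{"request_data":{}}'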
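import gzip
import http.client
import json
import os

# Credentials come from the environment (XDR_API_KEY / XDR_API_KEY_ID are
# placeholder variable names you set yourself) instead of literals in source.
try:
    API_KEY = os.environ["XDR_API_KEY"]
    API_KEY_ID = os.environ["XDR_API_KEY_ID"]
except KeyError as exc:
    raise SystemExit(f"{exc.args[0]} must be set") from None

# Filter taken from the page's REQUEST example: severity is a list of strings.
# (alert_id_list takes integer alert IDs, so a value like "low" would not match.)
payload = json.dumps({
    "request_data": {
        "filters": [
            {"field": "severity", "operator": "in", "value": ["medium", "high"]}
        ]
    }
})
headers = {
    "Authorization": API_KEY,
    "x-xdr-auth-id": API_KEY_ID,
    "Accept-Encoding": "gzip",  # page default; http.client does not decode, see below
    "content-type": "application/json",
}

# HTTPSConnection verifies the server certificate against the system trust
# store by default; do not pass an unverified ssl context to "make it work".
conn = http.client.HTTPSConnection("api-yourfqdn")
try:
    conn.request("POST", "/public_api/v2/alerts/get_alerts_multi_events", payload, headers)
    res = conn.getresponse()
    data = res.read()
finally:
    conn.close()

if res.getheader("Content-Encoding") == "gzip":
    data = gzip.decompress(data)

# Non-2xx replies carry the err_code/err_msg/err_extra body documented below.
if res.status != 200:
    raise SystemExit(f"HTTP {res.status}: {data.decode('utf-8', 'replace')}")
print(data.decode("utf-8"))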
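require 'uri'
require 'net/http'
require 'openssl'
require 'json'

# Credentials come from the environment (XDR_API_KEY / XDR_API_KEY_ID are
# placeholder variable names you set yourself) instead of literals in source.
api_key    = ENV.fetch('XDR_API_KEY')
api_key_id = ENV.fetch('XDR_API_KEY_ID')

url  = URI("https://api-yourfqdn/public_api/v2/alerts/get_alerts_multi_events")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
# VERIFY_PEER checks the server certificate. The generated sample used
# VERIFY_NONE, which accepts any certificate and hands the API key to whoever
# can sit on the path.
http.verify_mode = OpenSSL::SSL::VERIFY_PEER

request = Net::HTTP::Post.new(url)
request['Authorization'] = api_key
request['x-xdr-auth-id'] = api_key_id
request['content-type']  = 'application/json'
# Accept-Encoding is deliberately not set: Net::HTTP requests gzip and
# transparently decodes it only when the caller has not set the header itself.

# Filter taken from the page's REQUEST example (severity is a list of strings).
request.body = JSON.generate(
  'request_data' => {
    'filters' => [
      { 'field' => 'severity', 'operator' => 'in', 'value' => %w[medium high] }
    ]
  }
)

response = http.request(request)
# Non-2xx replies carry the err_code/err_msg/err_extra body documented below.
unless response.is_a?(Net::HTTPSuccess)
  raise "HTTP #{response.code}: #{response.body}"
end
puts response.body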
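// Filter taken from the page's REQUEST example (severity is a list of strings).
const data = JSON.stringify({
  request_data: {
    filters: [{ field: "severity", operator: "in", value: ["medium", "high"] }],
  },
});

// Anything in browser-side JavaScript is readable by whoever loads the page, so
// the key and key id must be supplied at runtime from a trusted backend, never
// shipped in the bundle. (Placeholder globals below; constructed, not a page value.)
const apiKey = window.XDR_API_KEY;
const apiKeyId = window.XDR_API_KEY_ID;

const xhr = new XMLHttpRequest();
// withCredentials is not set: the API authenticates with headers, and attaching
// cookies to a cross-origin call only widens what the request carries.
xhr.addEventListener("readystatechange", function () {
  if (this.readyState !== this.DONE) {
    return;
  }
  // Non-2xx replies carry the err_code/err_msg/err_extra body documented below.
  if (this.status !== 200) {
    console.error("HTTP " + this.status + ": " + this.responseText);
    return;
  }
  console.log(this.responseText);
});
xhr.open("POST", "https://api-yourfqdn/public_api/v2/alerts/get_alerts_multi_events");
xhr.setRequestHeader("Authorization", apiKey);
xhr.setRequestHeader("x-xdr-auth-id", apiKeyId);
// Accept-Encoding is a forbidden request header in browsers (the browser sets
// it itself), so the generated sample's setRequestHeader call was a no-op.
xhr.setRequestHeader("content-type", "application/json");
xhr.send(data);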
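// Credentials come from the environment (XDR_API_KEY / XDR_API_KEY_ID are
// placeholder variable names you set yourself) instead of literals in source.
String apiKey = System.getenv("XDR_API_KEY");
String apiKeyId = System.getenv("XDR_API_KEY_ID");
if (apiKey == null || apiKeyId == null) {
    throw new IllegalStateException("XDR_API_KEY and XDR_API_KEY_ID must be set");
}

// Filter taken from the page's REQUEST example (severity is a list of strings).
String body = "{\"request_data\":{\"filters\":[{\"field\":\"severity\",\"operator\":\"in\",\"value\":[\"medium\",\"high\"]}]}}";

// Accept-Encoding is left to the HTTP client so that a compressed reply is
// decoded by the same layer that asked for it.
HttpResponse<String> response = Unirest.post("https://api-yourfqdn/public_api/v2/alerts/get_alerts_multi_events")
    .header("Authorization", apiKey)
    .header("x-xdr-auth-id", apiKeyId)
    .header("content-type", "application/json")
    .body(body)
    .asString();

// Non-2xx replies carry the err_code/err_msg/err_extra body documented below.
if (response.getStatus() != 200) {
    throw new IllegalStateException("HTTP " + response.getStatus() + ": " + response.getBody());
}
System.out.println(response.getBody());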
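import Foundation

// Credentials come from the environment (XDR_API_KEY / XDR_API_KEY_ID are
// placeholder variable names you set yourself) instead of literals in source.
let env = ProcessInfo.processInfo.environment
guard let apiKey = env["XDR_API_KEY"], let apiKeyId = env["XDR_API_KEY_ID"] else {
    fatalError("XDR_API_KEY and XDR_API_KEY_ID must be set")
}

// Accept-Encoding is left to URLSession, which negotiates and decodes
// compression itself.
let headers = [
    "Authorization": apiKey,
    "x-xdr-auth-id": apiKeyId,
    "content-type": "application/json",
]

// Filter taken from the page's REQUEST example (severity is a list of strings).
let parameters: [String: Any] = [
    "request_data": [
        "filters": [
            ["field": "severity", "operator": "in", "value": ["medium", "high"]]
        ]
    ]
]
// JSONSerialization.data(...) throws; the generated sample omitted `try`.
let postData = try JSONSerialization.data(withJSONObject: parameters, options: [])

var request = URLRequest(
    url: URL(string: "https://api-yourfqdn/public_api/v2/alerts/get_alerts_multi_events")!,
    cachePolicy: .useProtocolCachePolicy,
    timeoutInterval: 10.0
)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData

let dataTask = URLSession.shared.dataTask(with: request) { data, response, error in
    if let error = error {
        print("transport error: \(error)")
        return
    }
    let status = (response as? HTTPURLResponse)?.statusCode ?? -1
    let body = data.flatMap { String(data: $0, encoding: .utf8) } ?? ""
    // Non-2xx replies carry the err_code/err_msg/err_extra body documented below.
    if status != 200 {
        print("HTTP \(status): \(body)")
        return
    }
    print(body)
}
dataTask.resume()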
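<?php
// Credentials come from the environment (XDR_API_KEY / XDR_API_KEY_ID are
// placeholder variable names you set yourself) instead of literals in source.
$apiKey = getenv('XDR_API_KEY');
$apiKeyId = getenv('XDR_API_KEY_ID');
if ($apiKey === false || $apiKeyId === false) {
    fwrite(STDERR, "XDR_API_KEY and XDR_API_KEY_ID must be set\n");
    exit(1);
}

// Filter taken from the page's REQUEST example (severity is a list of strings).
$body = json_encode([
    'request_data' => [
        'filters' => [
            ['field' => 'severity', 'operator' => 'in', 'value' => ['medium', 'high']],
        ],
    ],
]);

$curl = curl_init();
curl_setopt_array($curl, [
    CURLOPT_URL => "https://api-yourfqdn/public_api/v2/alerts/get_alerts_multi_events",
    CURLOPT_RETURNTRANSFER => true,
    // An empty CURLOPT_ENCODING lets libcurl advertise and decode the encodings
    // it supports; a hand-written Accept-Encoding header would override that.
    CURLOPT_ENCODING => "",
    CURLOPT_MAXREDIRS => 10,
    CURLOPT_TIMEOUT => 30,
    CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
    CURLOPT_CUSTOMREQUEST => "POST",
    CURLOPT_POSTFIELDS => $body,
    CURLOPT_HTTPHEADER => [
        "Authorization: " . $apiKey,
        "content-type: application/json",
        "x-xdr-auth-id: " . $apiKeyId,
    ],
    // Certificate verification (CURLOPT_SSL_VERIFYPEER / VERIFYHOST) is left at
    // its default of on; do not switch it off to work around a trust-store issue.
]);

$response = curl_exec($curl);
$err = curl_error($curl);
$status = curl_getinfo($curl, CURLINFO_RESPONSE_CODE);
curl_close($curl);

if ($err) {
    echo "cURL Error #:" . $err;
} elseif ($status !== 200) {
    // Non-2xx replies carry the err_code/err_msg/err_extra body documented below.
    echo "HTTP " . $status . ": " . $response;
} else {
    echo $response;
}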
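#include <stdio.h>
#include <stdlib.h>
#include <curl/curl.h>

/* Format "name: value" into buf. Returns 0 on success and -1 if the line would
 * not fit: a truncated Authorization header must never be sent. */
static int format_header(char *buf, size_t len, const char *name, const char *value)
{
    int n = snprintf(buf, len, "%s: %s", name, value);
    return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

/* POST the get_alerts_multi_events request. The reply body goes to stdout via
 * libcurl's default write callback. Returns 0 on HTTP 200, non-zero on a
 * missing credential, transport failure or any other HTTP status. */
static int get_alerts_multi_events(void)
{
    /* Credentials come from the environment (XDR_API_KEY / XDR_API_KEY_ID are
     * placeholder variable names you set yourself), not from literals. */
    const char *api_key = getenv("XDR_API_KEY");
    const char *api_key_id = getenv("XDR_API_KEY_ID");
    char auth_hdr[4096];
    char id_hdr[512];
    struct curl_slist *headers = NULL;
    CURL *hnd = NULL;
    CURLcode ret;
    long status = 0;
    int rc = 1;

    /* Filter taken from the page's REQUEST example (severity is a list of strings). */
    static const char body[] =
        "{\"request_data\":{\"filters\":[{\"field\":\"severity\","
        "\"operator\":\"in\",\"value\":[\"medium\",\"high\"]}]}}";

    if (api_key == NULL || api_key_id == NULL) {
        fprintf(stderr, "XDR_API_KEY and XDR_API_KEY_ID must be set\n");
        return 1;
    }
    if (format_header(auth_hdr, sizeof auth_hdr, "Authorization", api_key) != 0 ||
        format_header(id_hdr, sizeof id_hdr, "x-xdr-auth-id", api_key_id) != 0) {
        fprintf(stderr, "credential does not fit the header buffer\n");
        return 1;
    }

    hnd = curl_easy_init();
    if (hnd == NULL) {
        fprintf(stderr, "curl_easy_init failed\n");
        return 1;
    }

    headers = curl_slist_append(headers, auth_hdr);
    headers = curl_slist_append(headers, id_hdr);
    headers = curl_slist_append(headers, "content-type: application/json");

    curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST");
    curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/v2/alerts/get_alerts_multi_events");
    curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);
    curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, body);
    /* Let libcurl advertise and decode the encodings it supports rather than
     * sending a hand-written Accept-Encoding header it would not decode. */
    curl_easy_setopt(hnd, CURLOPT_ACCEPT_ENCODING, "");
    /* Certificate verification stays at the libcurl default (on). */

    ret = curl_easy_perform(hnd);
    if (ret != CURLE_OK) {
        fprintf(stderr, "curl_easy_perform: %s\n", curl_easy_strerror(ret));
    } else {
        curl_easy_getinfo(hnd, CURLINFO_RESPONSE_CODE, &status);
        /* Non-2xx replies carry the err_code/err_msg/err_extra body documented below. */
        if (status == 200) {
            rc = 0;
        } else {
            fprintf(stderr, "HTTP %ld\n", status);
        }
    }

    /* Release the header list and the handle on every path; the generated
     * sample freed neither. */
    curl_slist_free_all(headers);
    curl_easy_cleanup(hnd);
    return rc;
}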
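// Credentials come from the environment (XDR_API_KEY / XDR_API_KEY_ID are
// placeholder variable names you set yourself) instead of literals in source.
var apiKey = Environment.GetEnvironmentVariable("XDR_API_KEY");
var apiKeyId = Environment.GetEnvironmentVariable("XDR_API_KEY_ID");
if (string.IsNullOrEmpty(apiKey) || string.IsNullOrEmpty(apiKeyId))
{
    throw new InvalidOperationException("XDR_API_KEY and XDR_API_KEY_ID must be set");
}

// Filter taken from the page's REQUEST example (severity is a list of strings).
const string body = "{\"request_data\":{\"filters\":[{\"field\":\"severity\",\"operator\":\"in\",\"value\":[\"medium\",\"high\"]}]}}";

var client = new RestClient("https://api-yourfqdn/public_api/v2/alerts/get_alerts_multi_events");
var request = new RestRequest(Method.POST);
request.AddHeader("Authorization", apiKey);
request.AddHeader("x-xdr-auth-id", apiKeyId);
// Accept-Encoding is left to the HTTP client so a compressed reply is decoded
// by the layer that requested it.
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", body, ParameterType.RequestBody);

IRestResponse response = client.Execute(request);
// Transport failures surface in ErrorMessage; non-2xx replies carry the
// err_code/err_msg/err_extra body documented below.
if (!string.IsNullOrEmpty(response.ErrorMessage))
{
    throw new InvalidOperationException("request failed: " + response.ErrorMessage);
}
if ((int)response.StatusCode != 200)
{
    throw new InvalidOperationException("HTTP " + (int)response.StatusCode + ": " + response.Content);
}
Console.WriteLine(response.Content);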
Body parameters
application/json
request_dataobject

A dictionary containing the API request fields.

An empty dictionary returns all results.

filtersarray

Array of filter fields.

[
fieldstring (Enum)

Alert field the filter is matching. Filters are based on the following keywords:

  • alert_id_list: List of alert IDs (integers)
  • alert_source: List of alert sources (strings)
  • severity: List of alert severities (strings)
  • creation_time: Timestamp of the creation time
  • server_creation_time: Timestamp of when Cortex XDR created the alert
Allowed values:"alert_id_list""alert_source""severity""creation_time""server_creation_time"
operatorstring (Enum)

Identifies the comparison operator you want to use for this filter. Possible values:

  • in: permitted for alert_id_list, alert_source, and severity
  • gte / lte: permitted only for `creation_time`
Allowed values:"in""gte""lte"
valueinteger or array[integer or string]

Value that the filter must match. The contents of this field differ depending on the alert field that you specified for this filter.

]
REQUEST
{ "request_data": { "filters": [ { "field": "severity", "operator": "in", "value": [ "medium", "high" ] } ] } }
Responses

OK

Body
application/json
replyobject

JSON object containing the query result.

total_countinteger

The total number of results matched by this filter without paging. If the filter matches more than 9,999 results, the total_count value returned is 9,999. You can use paging to view the entire set of data.

result_countinteger

The number of alerts actually returned as results.

alertsarray

A list of alerts.

[
agent_os_sub_typestring
fw_app_categoryobject
fw_app_idobject
fw_app_subcategoryobject
fw_app_technologyobject
categorystring
causality_actor_process_command_linearray[string]
causality_actor_process_image_md5array[string]
causality_actor_process_image_namearray[string]
causality_actor_process_image_patharray[string]
causality_actor_process_image_sha256array[string]
causality_actor_process_signature_statusarray[string]
causality_actor_process_signature_vendorarray[string]
causality_actor_causality_idarray[string]
identity_sub_typeobject
identity_typeobject
operation_nameobject
projectobject
cloud_providerobject
referenced_resourceobject
resource_sub_typeobject
resource_typeobject
cluster_nameobject
container_idobject
contains_featured_hostarray[string]
contains_featured_iparray[string]
contains_featured_userarray[string]
action_countryarray[string]
descriptionstring
fw_interface_toobject
dns_query_nameobject
agent_device_domainobject
fw_email_recipientobject
fw_email_senderobject
fw_email_subjectobject
event_typearray[string]
is_whitelistedboolean
action_file_macro_sha256object
action_file_md5object
action_file_nameobject
action_file_pathobject
action_file_sha256object
fw_device_nameobject
fw_rule_idobject
fw_ruleobject
fw_serial_numberobject
agent_fqdnobject
agent_os_typestring
image_nameobject
actor_process_image_namearray[string]
actor_process_command_linearray[string]
actor_process_image_md5array[string]
actor_process_image_patharray[string]
actor_process_os_pidarray[integer]
actor_process_image_sha256array[string]
actor_process_signature_statusarray[string]
actor_process_signature_vendorarray[string]
actor_thread_thread_idarray[integer]
fw_is_phishingarray[string]
action_local_ipobject
action_local_portobject
fw_miscobject
mitre_tactic_id_and_namearray[string]
mitre_technique_id_and_namearray[string]
module_idobject
fw_vsysobject
os_actor_process_command_linearray[string]
os_actor_thread_thread_idarray[integer]
os_actor_process_image_namearray[string]
os_actor_process_os_pidarray[integer]
os_actor_process_image_sha256array[string]
os_actor_process_signature_statusarray[string]
os_actor_process_signature_vendorarray[string]
os_actor_effective_usernameobject
action_process_signature_statusarray[string]
action_process_signature_vendorobject
action_registry_dataobject
action_registry_full_keyobject
action_external_hostnameobject
action_remote_ipobject
action_remote_portobject
matching_service_rule_idstring
fw_interface_fromobject
starredboolean
action_process_image_command_lineobject
action_process_image_nameobject
action_process_image_sha256object
fw_url_domainobject
user_agentobject
fw_xffobject
external_idstring
severitystring
matching_statusstring
end_match_attempt_tsobject
local_insert_tsinteger
last_modified_tsobject
bioc_indicatorobject
attempt_counterinteger
bioc_category_enum_keyobject
case_idinteger
deduplicate_tokensobject
filter_rule_idobject
agent_versionstring
agent_ip_addresses_v6object
agent_data_collection_statusobject
agent_is_vdiboolean
agent_install_typestring
agent_host_boot_timearray[integer]
event_sub_typearray[integer]
association_strengtharray[integer]
dst_association_strengthobject
story_idobject
event_idarray[string]
event_timestamparray[integer]
actor_process_instance_idarray[string]
actor_process_causality_idarray[string]
actor_causality_idarray[string]
causality_actor_process_execution_timearray[integer]
action_registry_key_nameobject
action_registry_value_nameobject
action_local_ip_v6object
action_remote_ip_v6object
action_process_instance_idobject
action_process_causality_idobject
os_actor_process_instance_idarray[string]
os_actor_process_image_patharray[string]
os_actor_process_causality_idarray[string]
os_actor_causality_idobject
dst_agent_idarray[string]
dst_causality_actor_process_execution_timeobject
dst_action_external_hostnameobject
dst_action_countryobject
dst_action_external_portobject
is_pcapboolean
alert_typestring
resolution_statusstring
resolution_commentobject
dynamic_fieldsobject
tagsarray[string]
alert_idstring
detection_timestampinteger
namestring
endpoint_idstring
host_iparray[string]
host_namestring
actionstring
original_tagsarray[string]
user_namearray[string]
mac_addressesobject
sourceobject
action_prettystring
]
RESPONSE
{ "reply": { "total_count": 0, "result_count": 0, "alerts": [ { "agent_os_sub_type": "example", "fw_app_category": {}, "fw_app_id": {}, "fw_app_subcategory": {}, "fw_app_technology": {}, "category": "example", "causality_actor_process_command_line": [ "example" ], "causality_actor_process_image_md5": [ "example" ], "causality_actor_process_image_name": [ "example" ], "causality_actor_process_image_path": [ "example" ], "causality_actor_process_image_sha256": [ "example" ], "causality_actor_process_signature_status": [ "example" ], "causality_actor_process_signature_vendor": [ "example" ], "causality_actor_causality_id": [ "example" ], "identity_sub_type": {}, "identity_type": {}, "operation_name": {}, "project": {}, "cloud_provider": {}, "referenced_resource": {}, "resource_sub_type": {}, "resource_type": {}, "cluster_name": {}, "container_id": {}, "contains_featured_host": [ "example" ], "contains_featured_ip": [ "example" ], "contains_featured_user": [ "example" ], "action_country": [ "example" ], "description": "example", "fw_interface_to": {}, "dns_query_name": {}, "agent_device_domain": {}, "fw_email_recipient": {}, "fw_email_sender": {}, "fw_email_subject": {}, "event_type": [ "example" ], "is_whitelisted": false, "action_file_macro_sha256": {}, "action_file_md5": {}, "action_file_name": {}, "action_file_path": {}, "action_file_sha256": {}, "fw_device_name": {}, "fw_rule_id": {}, "fw_rule": {}, "fw_serial_number": {}, "agent_fqdn": {}, "agent_os_type": "example", "image_name": {}, "actor_process_image_name": [ "example" ], "actor_process_command_line": [ "example" ], "actor_process_image_md5": [ "example" ], "actor_process_image_path": [ "example" ], "actor_process_os_pid": [ 0 ], "actor_process_image_sha256": [ "example" ], "actor_process_signature_status": [ "example" ], "actor_process_signature_vendor": [ "example" ], "actor_thread_thread_id": [ 0 ], "fw_is_phishing": [ "example" ], "action_local_ip": {}, "action_local_port": {}, "fw_misc": {}, 
"mitre_tactic_id_and_name": [ "example" ], "mitre_technique_id_and_name": [ "example" ], "module_id": {}, "fw_vsys": {}, "os_actor_process_command_line": [ "example" ], "os_actor_thread_thread_id": [ 0 ], "os_actor_process_image_name": [ "example" ], "os_actor_process_os_pid": [ 0 ], "os_actor_process_image_sha256": [ "example" ], "os_actor_process_signature_status": [ "example" ], "os_actor_process_signature_vendor": [ "example" ], "os_actor_effective_username": {}, "action_process_signature_status": [ "example" ], "action_process_signature_vendor": {}, "action_registry_data": {}, "action_registry_full_key": {}, "action_external_hostname": {}, "action_remote_ip": {}, "action_remote_port": {}, "matching_service_rule_id": "example", "fw_interface_from": {}, "starred": false, "action_process_image_command_line": {}, "action_process_image_name": {}, "action_process_image_sha256": {}, "fw_url_domain": {}, "user_agent": {}, "fw_xff": {}, "external_id": "example", "severity": "example", "matching_status": "example", "end_match_attempt_ts": {}, "local_insert_ts": 0, "last_modified_ts": {}, "bioc_indicator": {}, "attempt_counter": 0, "bioc_category_enum_key": {}, "case_id": 0, "deduplicate_tokens": {}, "filter_rule_id": {}, "agent_version": "example", "agent_ip_addresses_v6": {}, "agent_data_collection_status": {}, "agent_is_vdi": false, "agent_install_type": "example", "agent_host_boot_time": [ 0 ], "event_sub_type": [ 0 ], "association_strength": [ 0 ], "dst_association_strength": {}, "story_id": {}, "event_id": [ "example" ], "event_timestamp": [ 0 ], "actor_process_instance_id": [ "example" ], "actor_process_causality_id": [ "example" ], "actor_causality_id": [ "example" ], "causality_actor_process_execution_time": [ 0 ], "action_registry_key_name": {}, "action_registry_value_name": {}, "action_local_ip_v6": {}, "action_remote_ip_v6": {}, "action_process_instance_id": {}, "action_process_causality_id": {}, "os_actor_process_instance_id": [ "example" ], 
"os_actor_process_image_path": [ "example" ], "os_actor_process_causality_id": [ "example" ], "os_actor_causality_id": {}, "dst_agent_id": [ "example" ], "dst_causality_actor_process_execution_time": {}, "dst_action_external_hostname": {}, "dst_action_country": {}, "dst_action_external_port": {}, "is_pcap": false, "alert_type": "example", "resolution_status": "example", "resolution_comment": {}, "dynamic_fields": {}, "tags": [ "example" ], "alert_id": "example", "detection_timestamp": 0, "name": "example", "endpoint_id": "example", "host_ip": [ "example" ], "host_name": "example", "action": "example", "original_tags": [ "example" ], "user_name": [ "example" ], "mac_addresses": {}, "source": {}, "action_pretty": "example" } ] } }

Bad Request. Got an invalid JSON.

Body
application/json

The query result upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

Example:"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"
err_extrastring

Additional information describing the error.

RESPONSE
{ "err_code": "example", "err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}", "err_extra": "example" }

Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.

Body
application/json

The query result upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

Example:"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"
err_extrastring

Additional information describing the error.

RESPONSE
{ "err_code": "example", "err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}", "err_extra": "example" }

Unauthorized access. User does not have the required license type to run this API.

Body
application/json

The query result upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

Example:"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"
err_extrastring

Additional information describing the error.

RESPONSE
{ "err_code": "example", "err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}", "err_extra": "example" }

Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.

Body
application/json

The query result upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

Example:"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"
err_extrastring

Additional information describing the error.

RESPONSE
{ "err_code": "example", "err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}", "err_extra": "example" }

Internal server error. A unified status for API communication type errors.

Body
application/json

The query result upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

Example:"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"
err_extrastring

Additional information describing the error.

RESPONSE
{ "err_code": "example", "err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}", "err_extra": "example" }