Get Script Execution Result Files

post /public_api/v1/scripts/get_script_execution_results_files

Get the files retrieved from a specific endpoint during a script execution.

Required license: Cortex XDR Pro per Endpoint or Cortex XDR Pro per GB

CURL

  curl -X POST \

-H "Accept: application/json" \
 -H "Content-Type: application/json" \
"https://api-yourfqdn/public_api/v1/scripts/get_script_execution_results_files" \
 -d '{
  "request_data" : {
    "action_id" : "action_id",
    "endpoint_id" : "endpoint_id"
  }
}'
  

Response

                {
    "reply": {
        "DATA": "https://example-link"
    }
}
              

Request

Body

optional

request_data

required

A dictionary containing the API request fields.

action_id

required

String

Identifier of the action, can be found in Cortex XDR console Response > Action Center > Action ID field.

endpoint_id

required

String

Endpoint ID.

Responses

Successful response

Body

optional

JSON object containing the query result.

data

optional

String

A signed public link to a zip file containing the retrieved files. Link expires after 10 minutes.

Bad Request. Got an invalid JSON.

Body

The query result upon error.

err_code

optional

String

HTTP response code.

err_msg

optional

String

Error message.

Example: {"line": 1, "column": 19, "message": "no viable alternative at input '|alter2'"}

err_extra

optional

String

Additional information describing the error.

Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.

Body

The query result upon error.

err_code

optional

String

HTTP response code.

err_msg

optional

String

Error message.

Example: {"line": 1, "column": 19, "message": "no viable alternative at input '|alter2'"}

err_extra

optional

String

Additional information describing the error.

Unauthorized access. User does not have the required license type to run this API.

Body

The query result upon error.

err_code

optional

String

HTTP response code.

err_msg

optional

String

Error message.

Example: {"line": 1, "column": 19, "message": "no viable alternative at input '|alter2'"}

err_extra

optional

String

Additional information describing the error.

Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.

Body

The query result upon error.

err_code

optional

String

HTTP response code.

err_msg

optional

String

Error message.

Example: {"line": 1, "column": 19, "message": "no viable alternative at input '|alter2'"}

err_extra

optional

String

Additional information describing the error.

Internal server error. A unified status for API communication type errors.

Body

The query result upon error.

err_code

optional

String

HTTP response code.

err_msg

optional

String

Error message.

Example: {"line": 1, "column": 19, "message": "no viable alternative at input '|alter2'"}

err_extra

optional

String

Additional information describing the error.