Get scheduled queries

Cortex XSIAM Platform APIs

post /public_api/v1/scheduled_queries/list

Return a list of scheduled queries. You can return all scheduled queries or filter results. You can also return extended results with all details included.

You must have Instance Administrator permissions to run this endpoint.

Request headers
Authorization String required

{api_key}

Example: authorization_example
x-xdr-auth-id String required

{api_key_id}

Example: xXdrAuthId_example
CLIENT REQUEST
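# List scheduled queries.
# The header values below are placeholders for the API key and API key ID.
# Keep real keys out of scripts and shell history; load them from a protected
# file or secret store at run time.
# The Accept header carries only the media type. The original listing had
# response-example titles appended to it by the documentation generator.
# The body is the page's own "return everything" request example, because an
# empty body is not valid JSON for this endpoint.
curl -X 'POST' \
  -H 'Accept: application/json' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: authorization_example' \
  -H 'x-xdr-auth-id: xXdrAuthId_example' \
  -d '{ "request_data": {} }' \
  'https://api-yourfqdn/public_api/v1/scheduled_queries/list'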
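import http.client
import json

# Placeholder credentials: the API key and its key ID. Supply the real values
# at run time (for example from a secret store) instead of committing them.
headers = {
    'Authorization': "SOME_STRING_VALUE",
    'x-xdr-auth-id': "SOME_STRING_VALUE",
    'content-type': "application/json",
}

# Request body: filter by query_def_id, no extended view, explicit ID list.
# Compact separators keep the serialized form identical to the documented body.
payload = json.dumps(
    {
        "request_data": {
            "filters": [
                {"field": "query_def_id", "operator": "EQ", "value": "string"}
            ],
            "extended_view": False,
            "list_ids": ["string"],
        }
    },
    separators=(",", ":"),
)

# HTTPSConnection validates the server certificate with the default SSL
# context. The timeout keeps a stalled connection from hanging the caller.
conn = http.client.HTTPSConnection("api-yourfqdn", timeout=30)
try:
    conn.request("POST", "/public_api/v1/scheduled_queries/list", payload, headers)
    res = conn.getresponse()
    data = res.read()
finally:
    # Release the socket even when the request or the read fails.
    conn.close()

# Error replies (err_code / err_msg / err_extra) also arrive as a JSON body,
# so surface the status line before printing it.
if res.status != 200:
    print("HTTP %d %s" % (res.status, res.reason))

print(data.decode("utf-8"))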
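require 'uri'
require 'net/http'
require 'openssl'

# Endpoint that lists scheduled queries.
url = URI("https://api-yourfqdn/public_api/v1/scheduled_queries/list")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
# Verify the server certificate. This request carries the API key and key ID,
# so the peer must be authenticated before the headers are sent. The original
# sample used VERIFY_NONE, which accepts any certificate.
http.verify_mode = OpenSSL::SSL::VERIFY_PEER

request = Net::HTTP::Post.new(url)
# Placeholder credentials; supply the real values at run time rather than
# hard-coding them.
request["Authorization"] = 'SOME_STRING_VALUE'
request["x-xdr-auth-id"] = 'SOME_STRING_VALUE'
request["content-type"] = 'application/json'
# Filter by query_def_id, no extended view, explicit ID list.
request.body = "{\"request_data\":{\"filters\":[{\"field\":\"query_def_id\",\"operator\":\"EQ\",\"value\":\"string\"}],\"extended_view\":false,\"list_ids\":[\"string\"]}}"

response = http.request(request)
puts response.read_body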
// Request body: filter by query_def_id, no extended view, explicit ID list.
const requestBody = {
  request_data: {
    filters: [{ field: "query_def_id", operator: "EQ", value: "string" }],
    extended_view: false,
    list_ids: ["string"],
  },
};
const payload = JSON.stringify(requestBody);

// Log the raw response text once the request has finished.
function logWhenDone() {
  if (this.readyState !== this.DONE) {
    return;
  }
  console.log(this.responseText);
}

const req = new XMLHttpRequest();
// NOTE(review): withCredentials also attaches cookies and HTTP auth for the
// target origin. This endpoint authenticates with the two headers set below,
// so confirm the flag is actually needed.
req.withCredentials = true;
req.addEventListener("readystatechange", logWhenDone);

req.open("POST", "https://api-yourfqdn/public_api/v1/scheduled_queries/list");
// Placeholder credentials. NOTE(review): in browser code these header values
// are visible to whoever loads the page; keep real API keys server-side.
req.setRequestHeader("Authorization", "SOME_STRING_VALUE");
req.setRequestHeader("x-xdr-auth-id", "SOME_STRING_VALUE");
req.setRequestHeader("content-type", "application/json");

req.send(payload);
// POST a filter request to the scheduled-queries list endpoint and read the
// reply body as a string.
String endpoint = "https://api-yourfqdn/public_api/v1/scheduled_queries/list";

// Filter by query_def_id, no extended view, explicit ID list.
String requestJson = "{\"request_data\":{\"filters\":[{\"field\":\"query_def_id\",\"operator\":\"EQ\",\"value\":\"string\"}],\"extended_view\":false,\"list_ids\":[\"string\"]}}";

// The two SOME_STRING_VALUE headers are placeholders for the API key and its
// key ID; supply the real values at run time rather than hard-coding them.
HttpResponse<String> response = Unirest.post(endpoint)
    .header("Authorization", "SOME_STRING_VALUE")
    .header("x-xdr-auth-id", "SOME_STRING_VALUE")
    .header("content-type", "application/json")
    .body(requestJson)
    .asString();
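import Foundation

// Placeholder credentials: the API key and its key ID. Supply the real values
// at run time (for example from the keychain) instead of hard-coding them.
let headers = [
  "Authorization": "SOME_STRING_VALUE",
  "x-xdr-auth-id": "SOME_STRING_VALUE",
  "content-type": "application/json"
]

// Request body: filter by query_def_id, no extended view, explicit ID list.
let parameters = ["request_data": [
  "filters": [
    [
      "field": "query_def_id",
      "operator": "EQ",
      "value": "string"
    ]
  ],
  "extended_view": false,
  "list_ids": ["string"]
]] as [String : Any]

// JSONSerialization.data(withJSONObject:options:) is a throwing call, so it
// must be marked with `try`. At top level an encoding failure stops the script.
let postData = try JSONSerialization.data(withJSONObject: parameters, options: [])

// URLRequest is the Swift value type for the request; it takes the same cache
// policy and 10-second timeout as before.
var request = URLRequest(url: URL(string: "https://api-yourfqdn/public_api/v1/scheduled_queries/list")!,
                         cachePolicy: .useProtocolCachePolicy,
                         timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData

let session = URLSession.shared
let dataTask = session.dataTask(with: request) { data, response, error in
  // Transport-level failure (DNS, TLS, timeout): report it and stop.
  if let error = error {
    print(error)
    return
  }
  // Otherwise print the HTTP response metadata (status and headers).
  if let httpResponse = response as? HTTPURLResponse {
    print(httpResponse)
  }
}

dataTask.resume()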
<?php

// Endpoint that lists scheduled queries.
$endpoint = "https://api-yourfqdn/public_api/v1/scheduled_queries/list";

// Request body: filter by query_def_id, no extended view, explicit ID list.
$body = "{\"request_data\":{\"filters\":[{\"field\":\"query_def_id\",\"operator\":\"EQ\",\"value\":\"string\"}],\"extended_view\":false,\"list_ids\":[\"string\"]}}";

// Transfer options. TLS peer and host verification are not overridden here,
// so libcurl's defaults (verification on) apply to the connection.
$options = [
    CURLOPT_URL => $endpoint,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_ENCODING => "",
    CURLOPT_MAXREDIRS => 10,
    CURLOPT_TIMEOUT => 30,
    CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
    CURLOPT_CUSTOMREQUEST => "POST",
    CURLOPT_POSTFIELDS => $body,
    // Placeholder credentials: the API key and its key ID. Supply the real
    // values at run time rather than committing them.
    CURLOPT_HTTPHEADER => [
        "Authorization: SOME_STRING_VALUE",
        "content-type: application/json",
        "x-xdr-auth-id: SOME_STRING_VALUE"
    ],
];

$curl = curl_init();
curl_setopt_array($curl, $options);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

// Print the transport error if there was one, otherwise the raw response body.
echo $err ? ("cURL Error #:" . $err) : $response;
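/* POST a filter request to the scheduled-queries list endpoint with libcurl.
 * This is a snippet meant to sit inside a function body. */
CURL *hnd = curl_easy_init();
struct curl_slist *headers = NULL;
/* Stays CURLE_FAILED_INIT when no easy handle could be created. */
CURLcode ret = CURLE_FAILED_INIT;

if (hnd) {
  curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST");
  curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/v1/scheduled_queries/list");

  /* Placeholder credentials: the API key and its key ID. Supply the real
   * values at run time rather than compiling them into the binary. */
  headers = curl_slist_append(headers, "Authorization: SOME_STRING_VALUE");
  headers = curl_slist_append(headers, "x-xdr-auth-id: SOME_STRING_VALUE");
  headers = curl_slist_append(headers, "content-type: application/json");
  curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);

  /* Filter by query_def_id, no extended view, explicit ID list. */
  curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"request_data\":{\"filters\":[{\"field\":\"query_def_id\",\"operator\":\"EQ\",\"value\":\"string\"}],\"extended_view\":false,\"list_ids\":[\"string\"]}}");

  /* ret != CURLE_OK means the transfer failed; curl_easy_strerror(ret)
   * gives a readable reason for the caller to report. */
  ret = curl_easy_perform(hnd);

  /* Release the header list and the handle; the original leaked both. */
  curl_slist_free_all(headers);
  curl_easy_cleanup(hnd);
}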
// POST a filter request to the scheduled-queries list endpoint using RestSharp.
string endpoint = "https://api-yourfqdn/public_api/v1/scheduled_queries/list";

// Filter by query_def_id, no extended view, explicit ID list.
string jsonBody = "{\"request_data\":{\"filters\":[{\"field\":\"query_def_id\",\"operator\":\"EQ\",\"value\":\"string\"}],\"extended_view\":false,\"list_ids\":[\"string\"]}}";

var client = new RestClient(endpoint);
var request = new RestRequest(Method.POST);

// Placeholder credentials: the API key and its key ID. Supply the real values
// at run time rather than hard-coding them.
request.AddHeader("Authorization", "SOME_STRING_VALUE");
request.AddHeader("x-xdr-auth-id", "SOME_STRING_VALUE");
request.AddHeader("content-type", "application/json");

request.AddParameter("application/json", jsonBody, ParameterType.RequestBody);

IRestResponse response = client.Execute(request);
Body parameters
application/json
request_dataobject
filtersarray

An array of filter fields.

[
fieldstring (Enum)

Identifies the query field the filter is matching. Filters are based on the following keywords:

  • query_def_id
  • timestamp
Allowed values:"query_def_id""timestamp"
operatorstring (Enum)
Allowed values:"EQ""NEQ"
valuestring
]
extended_viewboolean

Display the extended view of the queries, which includes additional fields. If this is false, the response does not include total_count or result_count. Extended fields may change in future versions.

list_idsarray[string]

List of scheduled query IDs to retrieve.

REQUEST
{ "request_data": { "extended_view": "True" } }
{ "request_data": {} }
{ "request_data": { "list_ids": [ "qc_1683029855_18777", "qc_1678276807_6621" ] } }
{ "request_data": { "filters": [ { "field": "query_def_id", "operator": "EQ", "value": "qc_1683029855_18777" } ] } }
Responses

OK

Body
replyobject
dataarray
[
query_def_idstring
query_definition_namestring
xqlstring
timeframeobject
relativeTimestring
scheduleobject
run_dateinteger
trigger_typestring
tenantsobject
enableboolean
]
filter_countinteger
total_countinteger
RESPONSE
{ "reply": { "data": [ { "query_def_id": "example", "query_definition_name": "example", "xql": "example", "timeframe": { "relativeTime": "example" }, "schedule": { "run_date": 0, "trigger_type": "example" }, "tenants": {}, "enable": false } ], "filter_count": 0, "total_count": 0 } }
RESPONSE
[Retrieve all scheduled queries content]
RESPONSE
[Retrieve all scheduled queries with extended view content]

Bad Request. Got an invalid JSON.

Body
application/json

The query result upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

Example:"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"
err_extrastring

Additional information describing the error.

RESPONSE
{ "err_code": "example", "err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}", "err_extra": "example" }

Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.

Body
application/json

The query result upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

Example:"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"
err_extrastring

Additional information describing the error.

RESPONSE
{ "err_code": "example", "err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}", "err_extra": "example" }

Unauthorized access. User does not have the required license type to run this API.

Body
application/json

The query result upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

Example:"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"
err_extrastring

Additional information describing the error.

RESPONSE
{ "err_code": "example", "err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}", "err_extra": "example" }

Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.

Body
application/json

The query result upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

Example:"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"
err_extrastring

Additional information describing the error.

RESPONSE
{ "err_code": "example", "err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}", "err_extra": "example" }

Internal server error. A unified status for API communication type errors.

Body
application/json

The query result upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

Example:"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"
err_extrastring

Additional information describing the error.

RESPONSE
{ "err_code": "example", "err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}", "err_extra": "example" }