Reports
The Reports API is used to retrieve report profiles and data, as well as to create, update, and delete custom reports.
End Points
Get report profiles
Get report data
Create Custom Report
Delete custom report
Update custom report
Get report profiles
This API retrieves the details of report profiles. It supports filtering by module name, category name, group name, and report ID.
⚠️ Note: By default, results are sorted in ascending order by module name, followed by category name, group name, and report ID.
OAuth Scope : reports.READ
Arguments
module_name
array
To filter the report profiles by module name.
Maximum: 20 module names
Maximum: 20 module names
category_name
array
To filter the report profiles by category name.
Maximum: 20 category names
Maximum: 20 category names
group_name
array
To filter the report profiles by group name.
Maximum: 20 group names
Maximum: 20 group names
report_id
array
To filter the report profiles by report ID.
Maximum: 20 report ids
Maximum: 20 report ids
from
integer
Starting range/index, default value is 1.
limit
integer
Total number of report profiles in the response, default value is 50. The user can specify the value to the maximum of 1000.
parameters_data='{"field1":"value1","field2":"value2"}';
headers_data = Map();
headers_data.put("Authorization", "Bearer REPLACE_BEARER_TOKEN");
response = invokeUrl
[
url: "http://localhost:8400/api/v2/report/profiles"
type: POST
headers: headers_data
content-type: application/json
parameters: parameters_data
connection: <connection_name>
];
info response;
OkHttpClient client = new OkHttpClient();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"field1\":\"value1\",\"field2\":\"value2\"}");
Request request = new Request.Builder()
.url("http://localhost:8400/api/v2/report/profiles")
.post(body)
.addHeader("Authorization", "Bearer REPLACE_BEARER_TOKEN")
.addHeader("content-type", "application/json")
.build();
Response response = client.newCall(request).execute();
const options = {
method: 'POST',
headers: {
Authorization: 'Bearer REPLACE_BEARER_TOKEN',
'content-type': 'application/json'
},
body: '{"field1":"value1","field2":"value2"}'
};
fetch('http://localhost:8400/api/v2/report/profiles', options)
.then(response => response.json())
.then(response => console.log(response))
.catch(err => console.error(err));
import http.client
conn = http.client.HTTPConnection("localhost:8400")
payload = "{\"field1\":\"value1\",\"field2\":\"value2\"}"
headers = {
'Authorization': "Bearer REPLACE_BEARER_TOKEN",
'content-type': "application/json"
}
conn.request("POST", "/api/v2/report/profiles", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
const http = require("http");
const options = {
"method": "POST",
"hostname": "localhost",
"port": "8400",
"path": "/api/v2/report/profiles",
"headers": {
"Authorization": "Bearer REPLACE_BEARER_TOKEN",
"content-type": "application/json"
}
};
const req = http.request(options, function (res) {
const chunks = [];
res.on("data", function (chunk) {
chunks.push(chunk);
});
res.on("end", function () {
const body = Buffer.concat(chunks);
console.log(body.toString());
});
});
req.write(JSON.stringify({field1: 'value1', field2: 'value2'}));
req.end();
curl --request POST \
--url http://localhost:8400/api/v2/report/profiles \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
--header 'content-type: application/json' \
--data '{"field1":"value1","field2":"value2"}'
{
"module_name": [
"Servers and Workstation"
],
"category_name": [
"Windows"
],
"group_name": [
"Windows Events"
],
"report_id": [
501
],
"from": 1,
"limit": 1000
}
{
"data": {
"module": [
{
"name": "Servers And Workstation",
"id": 301,
"category": [
{
"name": "Windows",
"id": 601,
"group": [
{
"reports": [
{
"annotation": "Showing reports for : All Events",
"report_id": 1531,
"unique_key": "Windows_All_Events",
"report_criteria": "(HOSTTYPE = 'windows')",
"report_type": "normal",
"report_name": "All Events"
}
],
"name": "Windows Events"
}
]
}
]
}
]
},
"meta": {
"total": 1
}
}
{
"code": "07001113",
"title": "Unauthorized",
"detail": "Invalid or missing AuthToken. Check whether the AuthToken is not revoked or expired."
}
{
"error": {
"code": "07001110",
"title": "Bad Request",
"detail": "Something went wrong."
}
}
Get report data
This api used to get report data by specifying its unique report ID which can be obtained via the report profiles API.The first 1,000 logs are shown initially. You can continue requesting the next result set using the cursor provided in the response for a tabular report.
OAuth Scope : reports.READ
Arguments
start_time
string
(Required)
Starting time of the data to be fetched, in ISO 8601 date-time format.
The value must be ≥ 1970-01-01T00:00:00Z. Time zone offsets are supported.
The value must be ≥ 1970-01-01T00:00:00Z. Time zone offsets are supported.
end_time
string
(Required)
Ending time of the data to be fetched, in ISO 8601 date-time format.
The value must be ≥ 1970-01-01T00:00:00Z. Time zone offsets are supported.
The value must be ≥ 1970-01-01T00:00:00Z. Time zone offsets are supported.
log_source_ids
array
To filter the data by hosts/devices. Can be obtained via the log sources API.
Maximum: 500 log source IDs
Maximum: 500 log source IDs
log_source_group_ids
array
To filter the data by device groups. Can be obtained via the log source groups API.
Maximum: 500 log source group IDs
Maximum: 500 log source group IDs
cursor
string
Cursor value received from the previous request used to fetch next set of data for tabular report.
⚠️ Note: The cursor remains valid for 5 minutes if unused.
⚠️ Note: The cursor remains valid for 5 minutes if unused.
Path Parameters
report_id
integer
(Required)
Unique ID of the report.
parameters_data='{"field1":"value1","field2":"value2"}';
headers_data = Map();
headers_data.put("Authorization", "Bearer REPLACE_BEARER_TOKEN");
response = invokeUrl
[
url: "http://localhost:8400/api/v2/report/data/300000002100"
type: POST
headers: headers_data
content-type: application/json
parameters: parameters_data
connection: <connection_name>
];
info response;
OkHttpClient client = new OkHttpClient();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"field1\":\"value1\",\"field2\":\"value2\"}");
Request request = new Request.Builder()
.url("http://localhost:8400/api/v2/report/data/300000002100")
.post(body)
.addHeader("Authorization", "Bearer REPLACE_BEARER_TOKEN")
.addHeader("content-type", "application/json")
.build();
Response response = client.newCall(request).execute();
const options = {
method: 'POST',
headers: {
Authorization: 'Bearer REPLACE_BEARER_TOKEN',
'content-type': 'application/json'
},
body: '{"field1":"value1","field2":"value2"}'
};
fetch('http://localhost:8400/api/v2/report/data/300000002100', options)
.then(response => response.json())
.then(response => console.log(response))
.catch(err => console.error(err));
import http.client
conn = http.client.HTTPConnection("localhost:8400")
payload = "{\"field1\":\"value1\",\"field2\":\"value2\"}"
headers = {
'Authorization': "Bearer REPLACE_BEARER_TOKEN",
'content-type': "application/json"
}
conn.request("POST", "/api/v2/report/data/300000002100", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
const http = require("http");
const options = {
"method": "POST",
"hostname": "localhost",
"port": "8400",
"path": "/api/v2/report/data/300000002100",
"headers": {
"Authorization": "Bearer REPLACE_BEARER_TOKEN",
"content-type": "application/json"
}
};
const req = http.request(options, function (res) {
const chunks = [];
res.on("data", function (chunk) {
chunks.push(chunk);
});
res.on("end", function () {
const body = Buffer.concat(chunks);
console.log(body.toString());
});
});
req.write(JSON.stringify({field1: 'value1', field2: 'value2'}));
req.end();
curl --request POST \
--url http://localhost:8400/api/v2/report/data/300000002100 \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
--header 'content-type: application/json' \
--data '{"field1":"value1","field2":"value2"}'
{
"start_time": "2025-03-27T14:30:00Z",
"end_time": "2025-03-28T14:30:00Z",
"log_source_ids": [
1,
2
],
"log_source_group_ids": [
1,
6
],
"cursor": "DnF1ZXJ5VGhlbkZldGNoAgAAAAAAAAABFnB2MXRXOHRZU2UtSm1HT0FTZnRaZlEAAAAAAAAAAhZwdjF0Vzh0WVNlLUptR09BU2Z0WmZR"
}
{
"response": {
"Time": "2025-02-10 13:44:30",
"Display Name": "TestMachine",
"Severity": "information",
"Log Source": "mitre",
"User Name": "test user",
"Event Id": "1234"
},
"meta": {
"cursor": "DnF1ZXJ5VGhlbkZldGNoAgAAAAAAAAABFnB2MXRXOHRZU2UtSm1HT0FTZnRaZlEAAAAAAAAAAhZwdjF0Vzh0WVNlLUptR09BU2Z0WmZR",
"total_items": 6098,
"items_in_current_page": 1000
}
}
{
"code": "07001113",
"title": "Unauthorized",
"detail": "Invalid or missing AuthToken. Check whether the AuthToken is not revoked or expired."
}
{
"error": {
"code": "07001110",
"title": "Bad Request",
"detail": "Something went wrong."
}
}
Create Custom Report
This API creates a new custom report by specifying the report name and type.
OAuth Scope : reports.CREATE
Arguments
report_name
string
(Required)
Name of the custom report.
report_group
string
Group name under which the report is to be created. Default value is "Default Group".
report_type
string
(Required)
Type of the report to be created.
Allowed values are tabular, summary, pivot, multi and custom_widget.
Allowed values are tabular, summary, pivot, multi and custom_widget.
log_source_group_ids
array
List of device groups for creating a custom report. Can be obtained via the log source groups API.
Maximum: 500 log source group IDs
Maximum: 500 log source group IDs
log_source_ids
array
List of devices for creating a custom report. Can be obtained via the log sources API.
Maximum: 500 log source IDs
Maximum: 500 log source IDs
report_criteria
string
Criteria of the report. This parameter is required for 'tabular', 'summary' and 'pivot' report types.
Meta fields are not allowed. Allowed fields can be retrieved using the log fields API
Criteria should follow this pattern:
(field_name comparator 'value')
where,
'()' - represents a group
'comparator' - represents '=', '!=', 'contains',etc.
Example:
Meta fields are not allowed. Allowed fields can be retrieved using the log fields API
Criteria should follow this pattern:
(field_name comparator 'value')
where,
'()' - represents a group
'comparator' - represents '=', '!=', 'contains',etc.
Example:
- (SEVERITY = 'Emergency,Critical' and HOSTTYPE = 'Windows') or (SEVERITY = 'Warning,Error' and HOSTTYPE = 'Windows')
- (HOSTTYPE contains 'Windo')
summary_fields
array
These parameters are required for 'summary' report type.
field_name
string
(Required)
name of the field
field_unit
string
Additional unit used in fields. Default value is "Default".
Allowed values are default, dateOfMonth, monthOfYear, dayOfWeek, hourOfDay and year which are used for Time field.
Allowed values are default, dateOfMonth, monthOfYear, dayOfWeek, hourOfDay and year which are used for Time field.
pivot_fields
object
These parameters are required for 'pivot' report type.
row
object
(Required)
field_name
string
(Required)
Name of the field
field_unit
string
Additional unit used in fields. Default value is "Default".
Allowed values are default, dateOfMonth, monthOfYear and dayOfWeek which are used for Time field.
Allowed values are default, dateOfMonth, monthOfYear and dayOfWeek which are used for Time field.
column
object
(Required)
field_name
string
(Required)
Name of the field
field_unit
string
Additional unit used in fields. Default value is "Default".
Allowed values are default, dateOfMonth, monthOfYear and dayOfWeek which are used for Time field.
Allowed values are default, dateOfMonth, monthOfYear and dayOfWeek which are used for Time field.
type
string
Type of filter used for column values.
Default value is "Top 5". If column_values param is used, "Custom" will be the default value.
Allowed values are Custom, Top 5, Least 5.
Default value is "Top 5". If column_values param is used, "Custom" will be the default value.
Allowed values are Custom, Top 5, Least 5.
column_values
array
Filter based on column values. Required for Type 'Custom'. A maximum of 5 values can be used.
aggregation_fields
object
These parameters are required for 'summary' and 'pivot' report type.
agg_type
string
Aggregation type used to summarize the data by. Default value is "Count".
Allowed values are Count, Count Distinct, Average, Sum, First Value, Last Value.
Allowed values are Count, Count Distinct, Average, Sum, First Value, Last Value.
field_name
string
(Required)
Name of the field. Meta fields are not allowed.
For sum and average, only metric fields are allowed. Metric fields can be retrieved from the log-fields API
For sum and average, only metric fields are allowed. Metric fields can be retrieved from the log-fields API
report_ids
array
List of report IDs used to create a multi-report. This parameter is required for 'multi' report type.
Maximum: 10 report IDs
Maximum: 10 report IDs
widget_id
integer
Used to create a custom widget report. This parameter is required for 'custom_widget' report type.
parameters_data='{"field1":"value1","field2":"value2"}';
headers_data = Map();
headers_data.put("Authorization", "Bearer REPLACE_BEARER_TOKEN");
response = invokeUrl
[
url: "http://localhost:8400/api/v2/report"
type: POST
headers: headers_data
content-type: application/json
parameters: parameters_data
connection: <connection_name>
];
info response;
OkHttpClient client = new OkHttpClient();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"field1\":\"value1\",\"field2\":\"value2\"}");
Request request = new Request.Builder()
.url("http://localhost:8400/api/v2/report")
.post(body)
.addHeader("Authorization", "Bearer REPLACE_BEARER_TOKEN")
.addHeader("content-type", "application/json")
.build();
Response response = client.newCall(request).execute();
const options = {
method: 'POST',
headers: {
Authorization: 'Bearer REPLACE_BEARER_TOKEN',
'content-type': 'application/json'
},
body: '{"field1":"value1","field2":"value2"}'
};
fetch('http://localhost:8400/api/v2/report', options)
.then(response => response.json())
.then(response => console.log(response))
.catch(err => console.error(err));
import http.client
conn = http.client.HTTPConnection("localhost:8400")
payload = "{\"field1\":\"value1\",\"field2\":\"value2\"}"
headers = {
'Authorization': "Bearer REPLACE_BEARER_TOKEN",
'content-type': "application/json"
}
conn.request("POST", "/api/v2/report", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
const http = require("http");
const options = {
"method": "POST",
"hostname": "localhost",
"port": "8400",
"path": "/api/v2/report",
"headers": {
"Authorization": "Bearer REPLACE_BEARER_TOKEN",
"content-type": "application/json"
}
};
const req = http.request(options, function (res) {
const chunks = [];
res.on("data", function (chunk) {
chunks.push(chunk);
});
res.on("end", function () {
const body = Buffer.concat(chunks);
console.log(body.toString());
});
});
req.write(JSON.stringify({field1: 'value1', field2: 'value2'}));
req.end();
curl --request POST \
--url http://localhost:8400/api/v2/report \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
--header 'content-type: application/json' \
--data '{"field1":"value1","field2":"value2"}'
{
"report_name": "Test report",
"report_group": "Test Group",
"report_type": "tabular",
"log_source_group_ids": [
3000000012292,
3000000013071
],
"log_source_ids": [
30000000251315,
3000000286357
],
"report_criteria": "(HOSTTYPE = 'windows')",
"summary_fields": [
{
"field_name": "severity",
"field_unit": ""
}
],
"pivot_fields": {
"row": {
"field_name": "TIME",
"field_unit": "Default"
},
"column": {
"field_name": "USERNAME",
"field_unit": "",
"type": "Custom",
"column_values": [
"user1",
"user2",
"user3"
]
}
},
"aggregation_fields": {
"agg_type": "First Value",
"field_name": "SEVERITY"
},
"report_ids": [
1538,
1845
],
"widget_id": 201
}
{
"report_id": "2081"
}
{
"code": "07001113",
"title": "Unauthorized",
"detail": "Invalid or missing AuthToken. Check whether the AuthToken is not revoked or expired."
}
{
"error": {
"code": "07001110",
"title": "Bad Request",
"detail": "Something went wrong."
}
}
Delete custom report
This API deletes one or more custom reports by specifying their unique report IDs
OAuth Scope : reports.DELETE
Arguments
report_ids
array
(Required)
To delete a list of reports.A maximum of 10 reports can be deleted.
parameters_data='{"field1":"value1","field2":"value2"}';
headers_data = Map();
headers_data.put("Authorization", "Bearer REPLACE_BEARER_TOKEN");
response = invokeUrl
[
url: "http://localhost:8400/api/v2/report"
type: DELETE
headers: headers_data
content-type: application/json
parameters: parameters_data
connection: <connection_name>
];
info response;
OkHttpClient client = new OkHttpClient();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"field1\":\"value1\",\"field2\":\"value2\"}");
Request request = new Request.Builder()
.url("http://localhost:8400/api/v2/report")
.delete(body)
.addHeader("Authorization", "Bearer REPLACE_BEARER_TOKEN")
.addHeader("content-type", "application/json")
.build();
Response response = client.newCall(request).execute();
const options = {
method: 'DELETE',
headers: {
Authorization: 'Bearer REPLACE_BEARER_TOKEN',
'content-type': 'application/json'
},
body: '{"field1":"value1","field2":"value2"}'
};
fetch('http://localhost:8400/api/v2/report', options)
.then(response => response.json())
.then(response => console.log(response))
.catch(err => console.error(err));
import http.client
conn = http.client.HTTPConnection("localhost:8400")
payload = "{\"field1\":\"value1\",\"field2\":\"value2\"}"
headers = {
'Authorization': "Bearer REPLACE_BEARER_TOKEN",
'content-type': "application/json"
}
conn.request("DELETE", "/api/v2/report", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
const http = require("http");
const options = {
"method": "DELETE",
"hostname": "localhost",
"port": "8400",
"path": "/api/v2/report",
"headers": {
"Authorization": "Bearer REPLACE_BEARER_TOKEN",
"content-type": "application/json"
}
};
const req = http.request(options, function (res) {
const chunks = [];
res.on("data", function (chunk) {
chunks.push(chunk);
});
res.on("end", function () {
const body = Buffer.concat(chunks);
console.log(body.toString());
});
});
req.write(JSON.stringify({field1: 'value1', field2: 'value2'}));
req.end();
curl --request DELETE \
--url http://localhost:8400/api/v2/report \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
--header 'content-type: application/json' \
--data '{"field1":"value1","field2":"value2"}'
{
"report_ids": [
2885,
3091
]
}
{
"data": {
"title": "success"
}
}
{
"code": "07001113",
"title": "Unauthorized",
"detail": "Invalid or missing AuthToken. Check whether the AuthToken is not revoked or expired."
}
{
"error": {
"code": "07001110",
"title": "Bad Request",
"detail": "Something went wrong."
}
}
Update custom report
This API updates an existing custom report by specifying its unique report ID which can be obtained via the report profiles API.
OAuth Scope : reports.UPDATE
Arguments
report_name
string
Name of the custom report.
report_group
string
Group name under which the report is to be created. Default value is "Default Group".
report_type
string
Type of the report to be created.
Allowed values are tabular, summary, pivot, multi and custom_widget.
Allowed values are tabular, summary, pivot, multi and custom_widget.
log_source_group_ids
array
List of device groups for creating a custom report. Can be obtained via the log source groups API.
Maximum: 500 log source group IDs
Maximum: 500 log source group IDs
log_source_ids
array
List of devices for creating a custom report. Can be obtained via the log sources API.
Maximum: 500 log source IDs
Maximum: 500 log source IDs
report_criteria
string
Criteria of the report. This parameter is required for 'tabular', 'summary' and 'pivot' report types.
Meta fields are not allowed. Allowed fields can be retrieved using the log fields API
Criteria should follow this pattern:
(field_name comparator 'value')
where,
'()' - represents a group
'comparator' - represents '=', '!=', 'contains',etc.
Example:
Meta fields are not allowed. Allowed fields can be retrieved using the log fields API
Criteria should follow this pattern:
(field_name comparator 'value')
where,
'()' - represents a group
'comparator' - represents '=', '!=', 'contains',etc.
Example:
- (SEVERITY = 'Emergency,Critical' and HOSTTYPE = 'Windows') or (SEVERITY = 'Warning,Error' and HOSTTYPE = 'Windows')
- (HOSTTYPE contains 'Windo')
summary_fields
array
These parameters are required for 'summary' report type.
field_name
string
(Required)
name of the field
field_unit
string
Additional unit used in fields. Default value is "Default".
Allowed values are default, dateOfMonth, monthOfYear, dayOfWeek, hourOfDay and year which are used for Time field.
Allowed values are default, dateOfMonth, monthOfYear, dayOfWeek, hourOfDay and year which are used for Time field.
pivot_fields
object
These parameters are required for 'pivot' report type.
row
object
(Required)
field_name
string
(Required)
Name of the field
field_unit
string
Additional unit used in fields. Default value is "Default".
Allowed values are default, dateOfMonth, monthOfYear and dayOfWeek which are used for Time field.
Allowed values are default, dateOfMonth, monthOfYear and dayOfWeek which are used for Time field.
column
object
(Required)
field_name
string
(Required)
Name of the field
field_unit
string
Additional unit used in fields. Default value is "Default".
Allowed values are default, dateOfMonth, monthOfYear and dayOfWeek which are used for Time field.
Allowed values are default, dateOfMonth, monthOfYear and dayOfWeek which are used for Time field.
type
string
Type of filter used for column values.
Default value is "Top 5". If column_values param is used, "Custom" will be the default value.
Allowed values are Custom, Top 5, Least 5.
Default value is "Top 5". If column_values param is used, "Custom" will be the default value.
Allowed values are Custom, Top 5, Least 5.
column_values
array
Filter based on column values. Required for Type 'Custom'. A maximum of 5 values can be used.
aggregation_fields
object
These parameters are required for 'summary' and 'pivot' report type.
agg_type
string
Aggregation type used to summarize the data by. Default value is "Count".
Allowed values are Count, Count Distinct, Average, Sum, First Value, Last Value.
Allowed values are Count, Count Distinct, Average, Sum, First Value, Last Value.
field_name
string
(Required)
Name of the field. Meta fields are not allowed.
For sum and average, only metric fields are allowed. Metric fields can be retrieved from the log-fields API
For sum and average, only metric fields are allowed. Metric fields can be retrieved from the log-fields API
report_ids
array
List of report IDs used to create a multi-report. This parameter is required for 'multi' report type.
Maximum: 10 report IDs
Maximum: 10 report IDs
widget_id
integer
Used to create a custom widget report. This parameter is required for 'custom_widget' report type.
Path Parameters
report_id
integer
(Required)
ID of the report to be updated.
parameters_data='{"report_name":"Test report","report_group":"Test Group","report_type":"tabular","log_source_group_ids":[3000000012292,3000000013071],"log_source_ids":[30000000251315,3000000286357],"report_criteria":"(HOSTTYPE = 'windows')","summary_fields":[{"field_name":"severity","field_unit":""}],"pivot_fields":{"row":{"field_name":"TIME","field_unit":"Default"},"column":{"field_name":"USERNAME","field_unit":"","type":"Custom","column_values":["user1","user2","user3"]}},"aggregation_fields":{"agg_type":"First Value","field_name":"SEVERITY"},"report_ids":[1538,1845],"widget_id":201}';
headers_data = Map();
headers_data.put("Authorization", "Bearer REPLACE_BEARER_TOKEN");
response = invokeUrl
[
url: "http://localhost:8400/api/v2/report/1385"
type: PATCH
headers: headers_data
content-type: application/json
parameters: parameters_data
connection: <connection_name>
];
info response;
OkHttpClient client = new OkHttpClient();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"report_name\":\"Test report\",\"report_group\":\"Test Group\",\"report_type\":\"tabular\",\"log_source_group_ids\":[3000000012292,3000000013071],\"log_source_ids\":[30000000251315,3000000286357],\"report_criteria\":\"(HOSTTYPE = 'windows')\",\"summary_fields\":[{\"field_name\":\"severity\",\"field_unit\":\"\"}],\"pivot_fields\":{\"row\":{\"field_name\":\"TIME\",\"field_unit\":\"Default\"},\"column\":{\"field_name\":\"USERNAME\",\"field_unit\":\"\",\"type\":\"Custom\",\"column_values\":[\"user1\",\"user2\",\"user3\"]}},\"aggregation_fields\":{\"agg_type\":\"First Value\",\"field_name\":\"SEVERITY\"},\"report_ids\":[1538,1845],\"widget_id\":201}");
Request request = new Request.Builder()
.url("http://localhost:8400/api/v2/report/1385")
.patch(body)
.addHeader("Authorization", "Bearer REPLACE_BEARER_TOKEN")
.addHeader("content-type", "application/json")
.build();
Response response = client.newCall(request).execute();
const options = {
method: 'PATCH',
headers: {
Authorization: 'Bearer REPLACE_BEARER_TOKEN',
'content-type': 'application/json'
},
body: '{"report_name":"Test report","report_group":"Test Group","report_type":"tabular","log_source_group_ids":[3000000012292,3000000013071],"log_source_ids":[30000000251315,3000000286357],"report_criteria":"(HOSTTYPE = \'windows\')","summary_fields":[{"field_name":"severity","field_unit":""}],"pivot_fields":{"row":{"field_name":"TIME","field_unit":"Default"},"column":{"field_name":"USERNAME","field_unit":"","type":"Custom","column_values":["user1","user2","user3"]}},"aggregation_fields":{"agg_type":"First Value","field_name":"SEVERITY"},"report_ids":[1538,1845],"widget_id":201}'
};
fetch('http://localhost:8400/api/v2/report/1385', options)
.then(response => response.json())
.then(response => console.log(response))
.catch(err => console.error(err));
import http.client
conn = http.client.HTTPConnection("localhost:8400")
payload = "{\"report_name\":\"Test report\",\"report_group\":\"Test Group\",\"report_type\":\"tabular\",\"log_source_group_ids\":[3000000012292,3000000013071],\"log_source_ids\":[30000000251315,3000000286357],\"report_criteria\":\"(HOSTTYPE = 'windows')\",\"summary_fields\":[{\"field_name\":\"severity\",\"field_unit\":\"\"}],\"pivot_fields\":{\"row\":{\"field_name\":\"TIME\",\"field_unit\":\"Default\"},\"column\":{\"field_name\":\"USERNAME\",\"field_unit\":\"\",\"type\":\"Custom\",\"column_values\":[\"user1\",\"user2\",\"user3\"]}},\"aggregation_fields\":{\"agg_type\":\"First Value\",\"field_name\":\"SEVERITY\"},\"report_ids\":[1538,1845],\"widget_id\":201}"
headers = {
'Authorization': "Bearer REPLACE_BEARER_TOKEN",
'content-type': "application/json"
}
conn.request("PATCH", "/api/v2/report/1385", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
const http = require("http");
const options = {
"method": "PATCH",
"hostname": "localhost",
"port": "8400",
"path": "/api/v2/report/1385",
"headers": {
"Authorization": "Bearer REPLACE_BEARER_TOKEN",
"content-type": "application/json"
}
};
const req = http.request(options, function (res) {
const chunks = [];
res.on("data", function (chunk) {
chunks.push(chunk);
});
res.on("end", function () {
const body = Buffer.concat(chunks);
console.log(body.toString());
});
});
req.write(JSON.stringify({
report_name: 'Test report',
report_group: 'Test Group',
report_type: 'tabular',
log_source_group_ids: [3000000012292, 3000000013071],
log_source_ids: [30000000251315, 3000000286357],
report_criteria: '(HOSTTYPE = \'windows\')',
summary_fields: [{field_name: 'severity', field_unit: ''}],
pivot_fields: {
row: {field_name: 'TIME', field_unit: 'Default'},
column: {
field_name: 'USERNAME',
field_unit: '',
type: 'Custom',
column_values: ['user1', 'user2', 'user3']
}
},
aggregation_fields: {agg_type: 'First Value', field_name: 'SEVERITY'},
report_ids: [1538, 1845],
widget_id: 201
}));
req.end();
curl --request PATCH \
--url http://localhost:8400/api/v2/report/1385 \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
--header 'content-type: application/json' \
--data '{"report_name":"Test report","report_group":"Test Group","report_type":"tabular","log_source_group_ids":[3000000012292,3000000013071],"log_source_ids":[30000000251315,3000000286357],"report_criteria":"(HOSTTYPE = '\''windows'\'')","summary_fields":[{"field_name":"severity","field_unit":""}],"pivot_fields":{"row":{"field_name":"TIME","field_unit":"Default"},"column":{"field_name":"USERNAME","field_unit":"","type":"Custom","column_values":["user1","user2","user3"]}},"aggregation_fields":{"agg_type":"First Value","field_name":"SEVERITY"},"report_ids":[1538,1845],"widget_id":201}'
{
"report_name": "Test report",
"report_group": "Test Group",
"report_type": "tabular",
"log_source_group_ids": [
3000000012292,
3000000013071
],
"log_source_ids": [
30000000251315,
3000000286357
],
"report_criteria": "(HOSTTYPE = 'windows')",
"summary_fields": [
{
"field_name": "severity",
"field_unit": ""
}
],
"pivot_fields": {
"row": {
"field_name": "TIME",
"field_unit": "Default"
},
"column": {
"field_name": "USERNAME",
"field_unit": "",
"type": "Custom",
"column_values": [
"user1",
"user2",
"user3"
]
}
},
"aggregation_fields": {
"agg_type": "First Value",
"field_name": "SEVERITY"
},
"report_ids": [
1538,
1845
],
"widget_id": 201
}
{
"report_id": "2081"
}
{
"code": "07001113",
"title": "Unauthorized",
"detail": "Invalid or missing AuthToken. Check whether the AuthToken is not revoked or expired."
}
{
"error": {
"code": "07001110",
"title": "Bad Request",
"detail": "Something went wrong."
}
}