Difference between revisions of "Forensic Data Using the API Request Fields"
From Observer GigaFlow Support | VIAVI Solutions Inc.
Kevin Wilkie (Talk | contribs) |
Kevin Wilkie (Talk | contribs) |
||
| Line 49: | Line 49: | ||
| "endtime":1578992400000 or "endtime":"2 hours" or "endtime":"20 minutes" | | "endtime":1578992400000 or "endtime":"2 hours" or "endtime":"20 minutes" | ||
|- | |- | ||
| − | | | + | | reportName |
| − | | | + | | String |
| − | | | + | | The name of the forensics report to run. Can be any name from the list in the Gigaglow->Configuration->Reporting->Forensics Reports->Reports list. |
| − | | | + | | "reportName":"Application Flows" |
|- | |- | ||
| − | | | + | | appid |
| − | | | + | | Array of Strings |
| − | | | + | | The gigaflow appid assigned to traffic |
| − | | | + | | "appid":["1114273","1116267","393659"] |
|- | |- | ||
| − | | | + | | add |
| − | | | + | | Array of Strings |
| − | | | + | | IP Addresses (source or destination) to filter data for |
| − | | | + | | "add":["172.21.21.1","172.21.21.14"] |
|- | |- | ||
| | | | ||
Revision as of 10:20, 14 January 2020
URL Format can be found Forensic_Data_Using_the_API
When querying forensics data you can pass the following params
| Field Name | Field Type | Field Description | Exampless |
|---|---|---|---|
| graphRows | Integer | Specify how many rows should be grouped by and returned in the graph data | "graphRows":20 |
| type | String | Output type, can be Graph or Table | "type:"Graph" |
| reportName | String | Name of any available forensics report | "reportName":"Application Flows" |
| length | Integer | Number of table rows to return, should be used with the start parameter | "length":20,"start":0 |
| start | Integer | Which row count to start from when returning a table, should be used with the length parameter | "length":20,"start":0 |
| device | Array of Strings | Selects which infrastructure devices data to include in this report, always recommended. | "device":["172.21.40.199","172.21.40.254,"172.21.21,254"] |
| starttime | Long or String | The start time of the period for which data should be included. Either utc in milliseconds or relative time | "starttime":1578992400000 or "starttime":"2 hours" or "starttime":"2 days" |
| endtime | Long or String | The end time of the period for which data should be included. Either utc in milliseconds or relative time | "endtime":1578992400000 or "endtime":"2 hours" or "endtime":"20 minutes" |
| reportName | String | The name of the forensics report to run. Can be any name from the list in the Gigaglow->Configuration->Reporting->Forensics Reports->Reports list. | "reportName":"Application Flows" |
| appid | Array of Strings | The gigaflow appid assigned to traffic | "appid":["1114273","1116267","393659"] |
| add | Array of Strings | IP Addresses (source or destination) to filter data for | "add":["172.21.21.1","172.21.21.14"] |
|
} |
