Report threat event totals
GET https://{{host}}/etp-report/v3/configs/:configId/threat-events/aggregate?dimension={{dimension}}&startTimeSec={{startTimeSec}}&endTimeSec={{endTimeSec}}&filters={{filters}}
Lists the count of threat events, grouped by the chosen query aggregation.
Request Params
| Key | Datatype | Required | Description |
|---|---|---|---|
dimension | string | (Required) Enum Optionally filter by a dimension of data. Refer to Filters for a complete list. | |
cardinality | string | (Optional) The number of records to fetch for the aggregation. | |
startTimeSec | string | (Required) The start time for report data, in epoch seconds. | |
endTimeSec | string | (Required) The end time for report data, in epoch seconds. | |
filters | string | (Required) Filters report data using the Filters JSON object. You supply this object as the value after you define the filter parameters. | |
accountSwitchKey | string | (Optional) For customers who manage more than one account, this runs the operation from another account. The Identity and Access Management API provides a list of available account switch keys. |
HEADERS
| Key | Datatype | Required | Description |
|---|---|---|---|
Accept | string |
RESPONSES
status: OK
{"aggregations":[{"id":"564","name":"BOS-HQ-Corp","total":26},{"id":"1220","name":"BOS-15S-Corp","total":10},{"id":"-1","name":"Roaming","total":7},{"id":"841","name":"DUB-1DL-Corp+Guest","total":7},{"id":"840","name":"BOS-HQ-Guest","total":2}],"dimension":{"id":"site","name":"site","total":5}}