Carbon Black Cloud (CBC)-Enterprise EDR API (EDR) π-Auth Events-Events Search
Number of APIs: 5
-
Get Auth Events Search Suggestions GET {{cb_url}}/api/investigate/v2/orgs/{org_key}/auth_events/search_suggestions?suggest.q=auth
-
Start Auth Events Search Job POST {{cb_url}}/api/investigate/v2/orgs/{{cb_org_key}}/auth_events/search_jobs
-
Get Auth Events Search Job Results GET {{cb_url}}/api/investigate/v2/orgs/{{cb_org_key}}/auth_events/search_jobs/{{cb_job_id}}/results
-
Get Auth Events Search Validation GET {{cb_url}}/api/investigate/v2/orgs/{{cb_org_key}}/auth_events/search_validation?q="(auth_username:Administrator)AND(device_name:test)"
-
Get Auth Events Search Group Results POST {{cb_url}}/api/investigate/v2/orgs/{{cb_org_key}}/auth_events/search_jobs/{{cb_job_id}}/group_results