Search Suggestions for Observations

GET {{cb_url}}/api/investigate/v2/orgs/{{cb_org_key}}/observations/search_suggestions?suggest.q=device_id&suggest.count=2

Returns suggestions for the observations search based on fields in the organization’s system. Will return field names if the “suggest.q” parameter does not yet contain a colon and will return no suggestion otherwise.

RBAC Permissions Required

Permission (.notation name)	Operation(s)
org.search.events	READ, CREATE

API Documentation

Information on Fields

Request Params

Key	Datatype	Required	Description
`suggest.q`	string		The query to generate suggestions for
`suggest.count`	number		The number of suggestions to return

RESPONSES

status: OK

{&quot;suggestions&quot;:[{&quot;term&quot;:&quot;device_id&quot;,&quot;weight&quot;:500,&quot;required_skus_all&quot;:[],&quot;required_skus_some&quot;:[&quot;threathunter&quot;,&quot;defense&quot;]},{&quot;term&quot;:&quot;netconn_remote_device_id&quot;,&quot;weight&quot;:350,&quot;required_skus_all&quot;:[&quot;xdr&quot;],&quot;required_skus_some&quot;:[]}]}