Get Facet Results
GET {{cb_url}}/api/investigate/v2/orgs/{{cb_org_key}}/observations/facet_jobs/{{cb_job_id}}/results?limit=
Retrieves the observations facet results for a given Job ID.
RBAC Permissions Required
| Permission (.notation name) | Operation(s) |
|---|---|
| org.search.events | READ, CREATE |
Request Params
| Key | Datatype | Required | Description |
|---|---|---|---|
limit | null | Maximum number of facets per category (i.e Any Process Search Fields listed in terms.fields) |
RESPONSES
status: OK
{"ranges":[{"start":"2020-08-04T08:01:32.077Z","end":"2020-08-05T08:01:32.077Z","bucket_size":"+1HOUR","field":"device_timestamp","values":[{"total":456,"name":"2020-08-04T08:01:32.077Z"},{"total":374,"name":"2020-08-04T20:01:32.077Z"}]}],"terms":[{"values":[{"total":414,"id":"NT AUTHORITY\\SYSTEM","name":"NT AUTHORITY\\SYSTEM"},{"total":323,"id":"NT AUTHORITY\\NETWORK SERVICE","name":"NT AUTHORITY\\NETWORK SERVICE"},{"total":71,"id":"NT AUTHORITY\\LOCAL SERVICE","name":"NT AUTHORITY\\LOCAL SERVICE"}],"field":"process_username"}],"num_found":808,"contacted":6,"completed":6}