Get Results

GET {{cb_url}}/api/investigate/v2/orgs/{{cb_org_key}}/observations/search_jobs/{{cb_job_id}}/results?start=&rows=

Retrieves the observations search results for a given job ID. Results will be sorted based on the sort parameter used when starting the search.

RBAC Permissions Required

API Documentation

Information on Fields

Request Params

RESPONSES

status: OK

{"approximate_unaggregated":1,"completed":4,"contacted":4,"num_aggregated":1,"num_available":1,"num_found":1,"results":[{"alert_category":["OBSERVED"],"alert_id":["be6ff259-88e3-6286-789f-74defa192d2e"],"backend_timestamp":"2023-02-08T03:22:59.196Z","device_group_id":0,"device_id":17482451,"device_name":"dev01-39x-1","device_policy_id":20792247,"device_timestamp":"2023-02-08T03:20:33.751Z","enriched":true,"enriched_event_type":["NETWORK"],"event_description":"The script","event_id":"8fbccc2da75f11ed937ae3cb089984c6","event_network_inbound":false,"event_network_local_ipv4":"10.203.105.21","event_network_location":"Santa Clara,CA,United States","event_network_protocol":"TCP","event_network_remote_ipv4":"23.44.229.234","event_network_remote_port":80,"event_type":["netconn"],"ingress_time":1675826462036,"legacy":true,"observation_description":"The application firefox.exe invoked ","observation_id":"8fbccc2da75f11ed937ae3cb089984c6:be6ff259-88e3-6286-789f-74defa192d2e","observation_type":"CB_ANALYTICS","org_id":"ABCD123456","parent_guid":"ABCD123456-010ac2d3-00001c68-00000000-1d93b6c4d1f20ad","parent_pid":7272,"process_guid":"ABCD123456-010ac2d3-00001cf8-00000000-1d93b6c4d2b16a4","process_hash":["9df1ec5e25919660a1b0b85d3965d55797b9aac81e028008428106c4dcda7b29"],"process_name":"c:\\programdata\\mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\\updates\\308046b0af4a39cb\\backgroundupdate.moz_log","process_pid":[7416],"process_username":["DEV01-39X-1\\bit9qa"]}]}