Get Events
GET {{baseUrl}}/web/api/v2.1/dv/events?sortBy=ex&limit=ex&skip=ex&sortOrder=ex&subQuery=ex&cursor=ex&queryId=ex
Get all Deep Visibility events from a queryId. You can use this command to send a sub-query, a new query to run on these events. Get the ID from init-query
. See Create Query and get QueryId
.
For complete documentation, see Query Syntax in the Knowledge Base (support.sentinelone.com) or the Console Help.
Request Params
| Key | Datatype | Required | Description |
|---|---|---|---|
sortBy | string | Events sorted by field. Example: "createdAt". | |
limit | string | Limit number of returned items (1-1000). Example: "10". | |
skip | string | Skip first number of items (0-1000). To iterate over more than 1000 items, use "cursor". Example: "150". | |
sortOrder | string | Event sorting order. Example: "asc". | |
subQuery | string | Create a sub query to run on the data that was already pulled | |
cursor | string | Cursor position returned by the last request. Should be used instead of skip. cursor currently supports sort by with createdAt, pid, processStartTime | |
queryId | string | (Required) QueryId obtained when creating a query under Create Query. Example: "q1xx2xx3". |
HEADERS
| Key | Datatype | Required | Description |
|---|---|---|---|
Content-Type | null |