Class GetFindingsRequestParameters
Request options for GetFindings
https://docs.opensearch.org/docs/latest/security-analytics/api-tools/alert-finding-api/#get-findings
Implements
Inherited Members
Namespace: OpenSearch.Net.Specification.SecurityAnalyticsApi
Assembly: OpenSearch.Net.dll
Syntax
public class GetFindingsRequestParameters : RequestParameters<GetFindingsRequestParameters>, IRequestParameters
Properties
DefaultHttpMethod
Declaration
public override HttpMethod DefaultHttpMethod { get; }
Property Value
Type | Description |
---|---|
HttpMethod |
Overrides
DetectionType
The detection type that dictates the retrieval type for the findings. When the detection type is `threat`, it fetches threat intelligence feeds. When the detection type is `rule`, findings are fetched based on the detector’s rule. Optional.
Declaration
public SecurityAnalyticsFindingsDetectionType? DetectionType { get; set; }
Property Value
Type | Description |
---|---|
SecurityAnalyticsFindingsDetectionType? |
DetectorId
The ID of the detector used to fetch alerts. Optional when the `detectorType` is specified. Otherwise required.
Declaration
public string DetectorId { get; set; }
Property Value
Type | Description |
---|---|
string |
DetectorType
The type of detector used to fetch alerts. Optional when the `detector_id` is specified. Otherwise required.
Declaration
public string DetectorType { get; set; }
Property Value
Type | Description |
---|---|
string |
EndTime
The end timestamp (in ms) of the time window in which you want to retrieve findings. Optional.
Declaration
public string EndTime { get; set; }
Property Value
Type | Description |
---|---|
string |
FindingIds
The comma-separated list of finding IDs for which you want to retrieve details. Optional.
Declaration
public string FindingIds { get; set; }
Property Value
Type | Description |
---|---|
string |
Missing
Used to sort by whether the field `missing` exists or not in the documents associated with the finding. Optional.
Declaration
public string Missing { get; set; }
Property Value
Type | Description |
---|---|
string |
SearchString
The finding attribute you want returned in the search. To search in a specific index, specify the index name in the request path. For example, to search findings in the indexABC index, use `searchString=indexABC`. Optional.
Declaration
public string SearchString { get; set; }
Property Value
Type | Description |
---|---|
string |
Severity
The rule severity for which to retrieve findings. Severity can be `critical`, `high`, `medium`, or `low`. Optional.
Declaration
public SecurityAnalyticsFindingsRuleSeverity? Severity { get; set; }
Property Value
Type | Description |
---|---|
SecurityAnalyticsFindingsRuleSeverity? |
Size
The maximum number of results returned in the response. Optional.
Declaration
public long? Size { get; set; }
Property Value
Type | Description |
---|---|
long? |
SortOrder
The order used to sort the list of findings. Possible values are `asc` or `desc`. Optional.
Declaration
public SortOrder? SortOrder { get; set; }
Property Value
Type | Description |
---|---|
SortOrder? |
SortString
The string used by the Alerting plugin to sort the findings. Optional.
Declaration
public string SortString { get; set; }
Property Value
Type | Description |
---|---|
string |
StartIndex
The pagination index. Optional.
Declaration
public long? StartIndex { get; set; }
Property Value
Type | Description |
---|---|
long? |
StartTime
The beginning timestamp (in ms) of the time window in which you want to retrieve findings. Optional.
Declaration
public long? StartTime { get; set; }
Property Value
Type | Description |
---|---|
long? |
SupportsBody
Declaration
public override bool SupportsBody { get; }
Property Value
Type | Description |
---|---|
bool |