Get PreConfigured Report‎

POST /Command/GetPreConfiguredReport

Get report by given time range and pre-configured report type id.

Request

Authentication: API keys or JSON web tokens (JWT)

Body Parameters

Parameter Name	Type	Required/Optional	Description
Username	`string`	Required	The username of your D3 SOAR account.
Site	`string`	Required	The D3 SOAR site to run the remote command.
Start Time	`string`	Required	Start time to retrieve the reports.
End Time	`string`	Required	End time to retrieve the reports.
Report Type	`integer`	Optional	The type of the report.
Additional Fields	`JSON Object`	Optional	This function parameter allows for the addition of new fields to the output report, specifically for Events (mapping field), Incidents (dynamic field), and Cases(custom form field). The configuration for these fields must be in JSON format. When adding fields for Incidents and Cases, the section name must be specified. It is important to note that each subject can have a maximum of 20 additional fields.

READER NOTE

For Date/Time parameters Start Time and End Time, all times and timestamps must follow the format: yyyy-mm-dd hh:mm:ss.

e.g. May 15, 2024, 2:32 PM should be written as 2024-05-15 14:32:00.

Body Sample Data

application/json

CODE

{
  "Username": "Admin",
  "Site": "Security Operations",
  "CommandParams": {
    "Start Time": "08/01/2020 03:14 PM",
    "End Time": "08/30/2020 12:14 PM",
    "Report Type": 2,
    "Additional Fields": {
      "Incident": [
        {
          "SectionName": "Malwares",
          "FieldName": "Name"
        },
        {
          "SectionName": "IP",
          "FieldName": "IP Address"
        },
        {
          "SectionName": "Analyst Review",
          "FieldName": "Review Note"
        }
      ],
      "Case": [
        {
          "SectionName": "Additional Infomation",
          "FieldName": "Address"
        },
        {
          "SectionName": "Additional Infomation",
          "FieldName": "Email"
        }
      ],
      "Event": [
        {
          "FieldName": "Event Type"
        },
        {
          "FieldName": "Process ID"
        }
      ]
    }
  }
}

Response

200 OK

application/json

Field Name	Type	Description
error	`string`	The error message if the API request has failed.
returnData	`string`	The return data from the API request.
contextData	`JSON Object`	The context data from the API request.

CODE

{
    "error": "",
    "returnData": "Successful",
    "contextData": {
      "fileName": "IncidentReport_20200801151435.json",
      "fileId": 437,
      "md5": "6619869ed0b148d5312ffbd0b9bc05d6",
      "sha1": "0ab0bf9100b782860f663b7aca51f8a109e7db01",
      "sha256": "422857990699c489e97dbf0559413559777172d487ab48f95de7ebbb76c10294"
  }
}

401 Unauthorized

application/json

Response Fields

Field Name	Type	Description
Error	`string`	A error message when the API request fails.

Sample Data

CODE

{"Error": "Invalid authentication key."}

429 TooManyRequests

application/json

Response Fields

Field Name	Type	Description
Error	`string`	A error message when the API request fails.

Sample Data

CODE

{"Error": "The request exceeds rate limits or is otherwise blocked by rate limiting policies."}

500 InternalServerError

application/json

Response Fields

Field Name	Type	Description
Error	`string`	A error message when the API request fails.

Sample Data

CODE

{"Error": "Unexpected Error."}