Skip to main content
Skip table of contents

Get Data Ingestion Schedule Running Results

LAST UPDATED: FEB 27, 2024

Returns data ingestion schedule running results

Implementation

Python

Command Category

System Utility

Tags

EVENT EVENT INGESTION

Inputs

Parameter Name

Required/Optional

Description

Sample Data

Integration Name

Required

Specify the integration name

Gmail

Data Type

Optional

Specify the type of record to fetch

Event Intake

Connection Name

Optional

Specify the connection name

connection1

Site Name

Optional

Specify the name of the site

Security Operations

Start Time

Optional

The start of the date range (UTC). Note: The start time of the fetched records will be converted from PST time zone to UTC time zone.

2022-08-01 00:00:00

End Time

Optional

The end of the date range (UTC). Note: The end time of the fetched records will be converted from PST time zone to UTC time zone.

2022-08-31 00:00:00

Record Limit

Optional

Specify the maximum number of records per schedule to be fetched. Using a positive value will order the records by newest first and using a negative value will order by oldest first. Note: A default of 100 maximum records will be returned if no value is specified.

3

Error Only

Optional

Only fetch the records with error results

No

Include Raw Data

Optional

Specify whether to include raw data in the output

Yes

Output

Raw Data

The response data from the utility command.

SAMPLE DATA

JSON
[
    {
        "Data Type": "Event Intake",
        "Integration Name": "Gmail",
        "Connection Name": "connection1",
        "Site Name": "Security Operations",
        "Records": [
            {
                "UTCStarttime": "2022-08-04 22:46:36.873000",
                "UTCEndtime": "2022-08-04 22:46:37.113000",
                "ExecutionDurationInSec": "0.240",
                "IntervalDurationInMinute": "",
                "State": "Successful",
                "Input Data": [
                    {
                        "Command Name": "Fetch Event",
                        "Parameter 1: User Email": "phishing@d3cyberlab.com",
                        "Parameter 2: Start Time": "2022-08-04 00:00:00",
                        "Parameter 3: End Time": "2022-08-04 01:00:00",
                        "Parameter 4: Top Recent Event Number": "5",
                        "Parameter 5: Search Condition": ""
                    }
                ],
                "Output Data": {
                    "EventCount": 0,
                    "NotifyChanges": false,
                    "CompositeId": null,
                    "ConnectionId": 1038,
                    "SiteId": 2,
                    "Error": null,
                    "DataSourceId": 1093,
                    "Result": {
                        "Result": "0 event(s) are created.",
                        "Events": []
                    },
                    "OutputModel": {
                        "result": {
                            "description": "<table class='cc-table'><tr><th>Result</th></tr><tr><td>No result</td></tr></table>",
                            "actions": [],
                            "references": [],
                            "resultFormatType": 9
                        },
                        "error": "",
                        "returnData": "Successful",
                        "rawData": "[]",
                        "contextData": "[]",
                        "outputData": {
                            "MessageIDs": "[]"
                        },
                        "passdownData": null,
                        "testingDetailData": null,
                        "customLog": null,
                        "others": {}
                    }
                },
                "Raw Data": [],
                "Error Message": null
            },
            {
                "UTCStarttime": "2022-08-04 22:46:41.890000",
                "UTCEndtime": "2022-08-04 22:46:42.150000",
                "ExecutionDurationInSec": "0.260",
                "IntervalDurationInMinute": "0.080",
                "State": "Successful",
                "Input Data": [
                    {
                        "Command Name": "Fetch Event",
                        "Parameter 1: User Email": "phishing@d3cyberlab.com",
                        "Parameter 2: Start Time": "2022-08-04 01:00:00",
                        "Parameter 3: End Time": "2022-08-04 02:00:00",
                        "Parameter 4: Top Recent Event Number": "5",
                        "Parameter 5: Search Condition": ""
                    }
                ],
                "Output Data": {
                    "EventCount": 0,
                    "NotifyChanges": false,
                    "CompositeId": null,
                    "ConnectionId": 1038,
                    "SiteId": 2,
                    "Error": null,
                    "DataSourceId": 1093,
                    "Result": {
                        "Result": "0 event(s) are created.",
                        "Events": []
                    },
                    "OutputModel": {
                        "result": {
                            "description": "<table class='cc-table'><tr><th>Result</th></tr><tr><td>No result</td></tr></table>",
                            "actions": [],
                            "references": [],
                            "resultFormatType": 9
                        },
                        "error": "",
                        "returnData": "Successful",
                        "rawData": "[]",
                        "contextData": "[]",
                        "outputData": {
                            "MessageIDs": "[]"
                        },
                        "passdownData": null,
                        "testingDetailData": null,
                        "customLog": null,
                        "others": {}
                    }
                },
                "Raw Data": [],
                "Error Message": null
            },
            {
                "UTCStarttime": "2022-08-04 22:46:46.913000",
                "UTCEndtime": "2022-08-04 22:46:47.143000",
                "ExecutionDurationInSec": "0.230",
                "IntervalDurationInMinute": "0.079",
                "State": "Successful",
                "Input Data": [
                    {
                        "Command Name": "Fetch Event",
                        "Parameter 1: User Email": "phishing@d3cyberlab.com",
                        "Parameter 2: Start Time": "2022-08-04 02:00:00",
                        "Parameter 3: End Time": "2022-08-04 03:00:00",
                        "Parameter 4: Top Recent Event Number": "5",
                        "Parameter 5: Search Condition": ""
                    }
                ],
                "Output Data": {
                    "EventCount": 0,
                    "NotifyChanges": false,
                    "CompositeId": null,
                    "ConnectionId": 1038,
                    "SiteId": 2,
                    "Error": null,
                    "DataSourceId": 1093,
                    "Result": {
                        "Result": "0 event(s) are created.",
                        "Events": []
                    },
                    "OutputModel": {
                        "result": {
                            "description": "<table class='cc-table'><tr><th>Result</th></tr><tr><td>No result</td></tr></table>",
                            "actions": [],
                            "references": [],
                            "resultFormatType": 9
                        },
                        "error": "",
                        "returnData": "Successful",
                        "rawData": "[]",
                        "contextData": "[]",
                        "outputData": {
                            "MessageIDs": "[]"
                        },
                        "passdownData": null,
                        "testingDetailData": null,
                        "customLog": null,
                        "others": {}
                    }
                },
                "Raw Data": [],
                "Error Message": null
            }
        ]
    }
]

Remote Command API

The D3 command API allows you to send requests to D3 SOAR to execute this utility command via REST API.

Request

POST

CODE
https:/{base_url}/{api_namespace}/api/Command/GetDataIngestionScheduleRunningResults

Headers

Please refer to the page Webhook Configuration Guide - Authentication Method: API Keys for more details.

Request Body

JSON
{
  "Username": <Username here>,
  "Site": <Site here>,
  "CommandParams": {
    "Integration Name": <Integration Name here>,
    "Data Type": <Data Type here>,
    "Connection Name": <Connection Name here>,
    "Site Name": <Site Name here>,
    "Start Time": <Start Time here>,
    "End Time": <End Time here>,
    "Record Limit": <Record Limit here>,
    "Error Only": <Error Only here>,
    "Include Raw Data": <Include Raw Data here>
  }
}

Body Parameters

Parameter Name

Type

Required/Optional

Description

Username

String

Required

The username of your D3 SOAR account.

Site

String

Required

The D3 SOAR site to run the remote command.

Integration Name

Text

Required

Specify the integration name

Data Type

Text

Optional

Specify the type of record to fetch

Connection Name

Text

Optional

Specify the connection name

Site Name

Text

Optional

Specify the name of the site

Start Time

DateTime

Optional

The start of the date range (UTC). Note: The start time of the fetched records will be converted from PST time zone to UTC time zone.

End Time

DateTime

Optional

The end of the date range (UTC). Note: The end time of the fetched records will be converted from PST time zone to UTC time zone.

Record Limit

Number

Optional

Specify the maximum number of records per schedule to be fetched. Using a positive value will order the records by newest first and using a negative value will order by oldest first. Note: A default of 100 maximum records will be returned if no value is specified.

Error Only

Boolean

Optional

Only fetch the records with error results

Include Raw Data

Boolean

Optional

Specify whether to include raw data in the output

Sample Request

SAMPLE DATA

JSON
{
  "Username": "Admin",
  "Site": "Security Operations",
  "CommandParams": {
    "Integration Name": "Gmail",
    "Data Type": "Event Intake",
    "Connection Name": "connection1",
    "Site Name": "Security Operations",
    "Start Time": "2022-08-01 00:00:00",
    "End Time": "2022-08-31 00:00:00",
    "Record Limit": 3,
    "Error Only": "No",
    "Include Raw Data": "Yes"
  }
}

Response

Response Fields

Field Name

Type

Description

error

Text

The error message if the API request has failed.

rawData

JSON Array

The raw data from the API request.

Sample Response

JSON
{
    "error": "",
    "returnData": "Successful",
    "rawData": {
        "Data Type": "Event Intake",
        "Integration Name": "Gmail",
        "Connection Name": "connection1",
        "Site Name": "Security Operations",
        "Records": [
            {
                "UTCStarttime": "2022-08-04 22:46:36.873000",
                "UTCEndtime": "2022-08-04 22:46:37.113000",
                "ExecutionDurationInSec": "0.240",
                "IntervalDurationInMinute": "",
                "State": "Successful",
                "Input Data": [
                    {
                        "Command Name": "Fetch Event",
                        "Parameter 1: User Email": "phishing@d3cyberlab.com",
                        "Parameter 2: Start Time": "2022-08-04 00:00:00",
                        "Parameter 3: End Time": "2022-08-04 01:00:00",
                        "Parameter 4: Top Recent Event Number": "5",
                        "Parameter 5: Search Condition": ""
                    }
                ],
                "Output Data": {
                    "EventCount": 0,
                    "NotifyChanges": false,
                    "CompositeId": null,
                    "ConnectionId": 1038,
                    "SiteId": 2,
                    "Error": null,
                    "DataSourceId": 1093,
                    "Result": {
                        "Result": "0 event(s) are created.",
                        "Events": []
                    },
                    "OutputModel": {
                        "result": {
                            "description": "<table class='cc-table'><tr><th>Result</th></tr><tr><td>No result</td></tr></table>",
                            "actions": [],
                            "references": [],
                            "resultFormatType": 9
                        },
                        "error": "",
                        "returnData": "Successful",
                        "rawData": "[]",
                        "contextData": "[]",
                        "outputData": {
                            "MessageIDs": "[]"
                        },
                        "passdownData": null,
                        "testingDetailData": null,
                        "customLog": null,
                        "others": {}
                    }
                },
                "Raw Data": [],
                "Error Message": null
            },
            {
                "UTCStarttime": "2022-08-04 22:46:41.890000",
                "UTCEndtime": "2022-08-04 22:46:42.150000",
                "ExecutionDurationInSec": "0.260",
                "IntervalDurationInMinute": "0.080",
                "State": "Successful",
                "Input Data": [
                    {
                        "Command Name": "Fetch Event",
                        "Parameter 1: User Email": "phishing@d3cyberlab.com",
                        "Parameter 2: Start Time": "2022-08-04 01:00:00",
                        "Parameter 3: End Time": "2022-08-04 02:00:00",
                        "Parameter 4: Top Recent Event Number": "5",
                        "Parameter 5: Search Condition": ""
                    }
                ],
                "Output Data": {
                    "EventCount": 0,
                    "NotifyChanges": false,
                    "CompositeId": null,
                    "ConnectionId": 1038,
                    "SiteId": 2,
                    "Error": null,
                    "DataSourceId": 1093,
                    "Result": {
                        "Result": "0 event(s) are created.",
                        "Events": []
                    },
                    "OutputModel": {
                        "result": {
                            "description": "<table class='cc-table'><tr><th>Result</th></tr><tr><td>No result</td></tr></table>",
                            "actions": [],
                            "references": [],
                            "resultFormatType": 9
                        },
                        "error": "",
                        "returnData": "Successful",
                        "rawData": "[]",
                        "contextData": "[]",
                        "outputData": {
                            "MessageIDs": "[]"
                        },
                        "passdownData": null,
                        "testingDetailData": null,
                        "customLog": null,
                        "others": {}
                    }
                },
                "Raw Data": [],
                "Error Message": null
            },
            {
                "UTCStarttime": "2022-08-04 22:46:46.913000",
                "UTCEndtime": "2022-08-04 22:46:47.143000",
                "ExecutionDurationInSec": "0.230",
                "IntervalDurationInMinute": "0.079",
                "State": "Successful",
                "Input Data": [
                    {
                        "Command Name": "Fetch Event",
                        "Parameter 1: User Email": "phishing@d3cyberlab.com",
                        "Parameter 2: Start Time": "2022-08-04 02:00:00",
                        "Parameter 3: End Time": "2022-08-04 03:00:00",
                        "Parameter 4: Top Recent Event Number": "5",
                        "Parameter 5: Search Condition": ""
                    }
                ],
                "Output Data": {
                    "EventCount": 0,
                    "NotifyChanges": false,
                    "CompositeId": null,
                    "ConnectionId": 1038,
                    "SiteId": 2,
                    "Error": null,
                    "DataSourceId": 1093,
                    "Result": {
                        "Result": "0 event(s) are created.",
                        "Events": []
                    },
                    "OutputModel": {
                        "result": {
                            "description": "<table class='cc-table'><tr><th>Result</th></tr><tr><td>No result</td></tr></table>",
                            "actions": [],
                            "references": [],
                            "resultFormatType": 9
                        },
                        "error": "",
                        "returnData": "Successful",
                        "rawData": "[]",
                        "contextData": "[]",
                        "outputData": {
                            "MessageIDs": "[]"
                        },
                        "passdownData": null,
                        "testingDetailData": null,
                        "customLog": null,
                        "others": {}
                    }
                },
                "Raw Data": [],
                "Error Message": null
            }
        ]
    }
}
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.