.png)
Get Data Ingestion Schedule Running Results
LAST UPDATED: FEB 27, 2024
Returns data ingestion schedule running results
Implementation | Python |
Command Category | System Utility |
Tags | EVENT EVENT INGESTION |
Inputs
Parameter Name | Required/Optional | Description | Sample Data |
|---|---|---|---|
Integration Name | Required | Specify the integration name | Gmail |
Data Type | Optional | Specify the type of record to fetch | Event Intake |
Connection Name | Optional | Specify the connection name | connection1 |
Site Name | Optional | Specify the name of the site | Security Operations |
Start Time | Optional | The start of the date range (UTC). Note: The start time of the fetched records will be converted from PST time zone to UTC time zone. | 2022-08-01 00:00:00 |
End Time | Optional | The end of the date range (UTC). Note: The end time of the fetched records will be converted from PST time zone to UTC time zone. | 2022-08-31 00:00:00 |
Record Limit | Optional | Specify the maximum number of records per schedule to be fetched. Using a positive value will order the records by newest first and using a negative value will order by oldest first. Note: A default of 100 maximum records will be returned if no value is specified. | 3 |
Error Only | Optional | Only fetch the records with error results | No |
Include Raw Data | Optional | Specify whether to include raw data in the output | Yes |
Output
Remote Command API
The D3 command API allows you to send requests to D3 SOAR to execute this utility command via REST API.
Request
POST
https:/{base_url}/{api_namespace}/api/Command/GetDataIngestionScheduleRunningResultsHeaders
Please refer to the page Webhook Configuration Guide - Authentication Method: API Keys for more details.
Request Body
{
"Username": <Username here>,
"Site": <Site here>,
"CommandParams": {
"Integration Name": <Integration Name here>,
"Data Type": <Data Type here>,
"Connection Name": <Connection Name here>,
"Site Name": <Site Name here>,
"Start Time": <Start Time here>,
"End Time": <End Time here>,
"Record Limit": <Record Limit here>,
"Error Only": <Error Only here>,
"Include Raw Data": <Include Raw Data here>
}
}Body Parameters
Parameter Name | Type | Required/Optional | Description |
|---|---|---|---|
Username |
| Required | The username of your D3 SOAR account. |
Site |
| Required | The D3 SOAR site to run the remote command. |
Integration Name |
| Required | Specify the integration name |
Data Type |
| Optional | Specify the type of record to fetch |
Connection Name |
| Optional | Specify the connection name |
Site Name |
| Optional | Specify the name of the site |
Start Time |
| Optional | The start of the date range (UTC). Note: The start time of the fetched records will be converted from PST time zone to UTC time zone. |
End Time |
| Optional | The end of the date range (UTC). Note: The end time of the fetched records will be converted from PST time zone to UTC time zone. |
Record Limit |
| Optional | Specify the maximum number of records per schedule to be fetched. Using a positive value will order the records by newest first and using a negative value will order by oldest first. Note: A default of 100 maximum records will be returned if no value is specified. |
Error Only |
| Optional | Only fetch the records with error results |
Include Raw Data |
| Optional | Specify whether to include raw data in the output |
Sample Request
SAMPLE DATA
{
"Username": "Admin",
"Site": "Security Operations",
"CommandParams": {
"Integration Name": "Gmail",
"Data Type": "Event Intake",
"Connection Name": "connection1",
"Site Name": "Security Operations",
"Start Time": "2022-08-01 00:00:00",
"End Time": "2022-08-31 00:00:00",
"Record Limit": 3,
"Error Only": "No",
"Include Raw Data": "Yes"
}
}Response
Response Fields
Field Name | Type | Description |
|---|---|---|
error |
| The error message if the API request has failed. |
rawData |
| The raw data from the API request. |
Sample Response
{
"error": "",
"returnData": "Successful",
"rawData": {
"Data Type": "Event Intake",
"Integration Name": "Gmail",
"Connection Name": "connection1",
"Site Name": "Security Operations",
"Records": [
{
"UTCStarttime": "2022-08-04 22:46:36.873000",
"UTCEndtime": "2022-08-04 22:46:37.113000",
"ExecutionDurationInSec": "0.240",
"IntervalDurationInMinute": "",
"State": "Successful",
"Input Data": [
{
"Command Name": "Fetch Event",
"Parameter 1: User Email": "phishing@d3cyberlab.com",
"Parameter 2: Start Time": "2022-08-04 00:00:00",
"Parameter 3: End Time": "2022-08-04 01:00:00",
"Parameter 4: Top Recent Event Number": "5",
"Parameter 5: Search Condition": ""
}
],
"Output Data": {
"EventCount": 0,
"NotifyChanges": false,
"CompositeId": null,
"ConnectionId": 1038,
"SiteId": 2,
"Error": null,
"DataSourceId": 1093,
"Result": {
"Result": "0 event(s) are created.",
"Events": []
},
"OutputModel": {
"result": {
"description": "<table class='cc-table'><tr><th>Result</th></tr><tr><td>No result</td></tr></table>",
"actions": [],
"references": [],
"resultFormatType": 9
},
"error": "",
"returnData": "Successful",
"rawData": "[]",
"contextData": "[]",
"outputData": {
"MessageIDs": "[]"
},
"passdownData": null,
"testingDetailData": null,
"customLog": null,
"others": {}
}
},
"Raw Data": [],
"Error Message": null
},
{
"UTCStarttime": "2022-08-04 22:46:41.890000",
"UTCEndtime": "2022-08-04 22:46:42.150000",
"ExecutionDurationInSec": "0.260",
"IntervalDurationInMinute": "0.080",
"State": "Successful",
"Input Data": [
{
"Command Name": "Fetch Event",
"Parameter 1: User Email": "phishing@d3cyberlab.com",
"Parameter 2: Start Time": "2022-08-04 01:00:00",
"Parameter 3: End Time": "2022-08-04 02:00:00",
"Parameter 4: Top Recent Event Number": "5",
"Parameter 5: Search Condition": ""
}
],
"Output Data": {
"EventCount": 0,
"NotifyChanges": false,
"CompositeId": null,
"ConnectionId": 1038,
"SiteId": 2,
"Error": null,
"DataSourceId": 1093,
"Result": {
"Result": "0 event(s) are created.",
"Events": []
},
"OutputModel": {
"result": {
"description": "<table class='cc-table'><tr><th>Result</th></tr><tr><td>No result</td></tr></table>",
"actions": [],
"references": [],
"resultFormatType": 9
},
"error": "",
"returnData": "Successful",
"rawData": "[]",
"contextData": "[]",
"outputData": {
"MessageIDs": "[]"
},
"passdownData": null,
"testingDetailData": null,
"customLog": null,
"others": {}
}
},
"Raw Data": [],
"Error Message": null
},
{
"UTCStarttime": "2022-08-04 22:46:46.913000",
"UTCEndtime": "2022-08-04 22:46:47.143000",
"ExecutionDurationInSec": "0.230",
"IntervalDurationInMinute": "0.079",
"State": "Successful",
"Input Data": [
{
"Command Name": "Fetch Event",
"Parameter 1: User Email": "phishing@d3cyberlab.com",
"Parameter 2: Start Time": "2022-08-04 02:00:00",
"Parameter 3: End Time": "2022-08-04 03:00:00",
"Parameter 4: Top Recent Event Number": "5",
"Parameter 5: Search Condition": ""
}
],
"Output Data": {
"EventCount": 0,
"NotifyChanges": false,
"CompositeId": null,
"ConnectionId": 1038,
"SiteId": 2,
"Error": null,
"DataSourceId": 1093,
"Result": {
"Result": "0 event(s) are created.",
"Events": []
},
"OutputModel": {
"result": {
"description": "<table class='cc-table'><tr><th>Result</th></tr><tr><td>No result</td></tr></table>",
"actions": [],
"references": [],
"resultFormatType": 9
},
"error": "",
"returnData": "Successful",
"rawData": "[]",
"contextData": "[]",
"outputData": {
"MessageIDs": "[]"
},
"passdownData": null,
"testingDetailData": null,
"customLog": null,
"others": {}
}
},
"Raw Data": [],
"Error Message": null
}
]
}
}