Get Users by Site

Retrieves users associated with a particular site.

Implementation	System
Command Category	Cyber Utility
Tags	`User`

Inputs

Parameter Name	Required/Optional	Description	Sample Data
Site Name	Required	The site of the queried user.	`Security Operations`
Online	Required	Only show online users	`Yes`

Output

Raw Data

The response data from the utility command.

SAMPLE DATA

CODE

{
    "users": [
        {
            "userID": "21",
            "userName": "rjohnson",
            "firstName": "Robert",
            "lastName": "Johnson",
            "fullName": "Robert Johnson",
            "timezone": "W. Europe Standard Time",
            "timezoneId": "30",
            "description": "System Administrator",
            "email": "rjohnson@d3security.com",
            "phone": "02012345678"
        },
        {
            "userID": "22",
            "userName": "msmith",
            "firstName": "Mary",
            "lastName": "Smith",
            "fullName": "Mary Smith",
            "timezone": "Hawaiian Standard Time",
            "timezoneId": "3",
            "description": "System Administrator",
            "email": "msmith@d3security.com",
            "phone": "8081234567"
        }
    ]
}

Remote Command API

The D3 command API allows you to send requests to D3 SOAR to execute this utility command via REST API.

Request

POST

CODE

https:/{base_url}/{api_namespace}/api/Command/GetUsersBySite

Headers

Please refer to the page Webhook Configuration Guide - Authentication Method: API Keys for more details.

Request Body

JSON

{
  "Username": <Username here>,
  "Site": <Site here>,
  "CommandParams": {
    "Site Name": <SiteName here>,
    "Online": <Online here>,
  }
}

Body Parameters

Parameter Name	Type	Required/Optional	Description
Username	`Text`	Required	The username of your D3 SOAR account.
Site	`Text`	Required	The D3 SOAR site to run the remote command.
Site Name	`Text`	Required	The site of the queried user.
Online	`Boolean`	Required	Only Show Online Users

Sample Request

SAMPLE DATA

JSON

{
  "Username": "Admin",
  "Site": "Security Operations",
  "CommandParams": {
    "Site Name": "Security Operations",
    "Online": "Yes"
  }
}

Response

Response Fields

Field Name	Type	Description
error	`Text`	The error message if the API request has failed.
rawData	`JSON Object`	The raw data from the API request.

Sample Response

JSON

{
    "error": "",
    "rawData": {
        "users": [
            {
                "userID": "21",
                "userName": "rjohnson",
                "firstName": "Robert",
                "lastName": "Johnson",
                "fullName": "Robert Johnson",
                "timezone": "W. Europe Standard Time",
                "timezoneId": "30",
                "description": "System Administrator",
                "email": "rjohnson@d3security.com",
                "phone": "02012345678"
            },
            {
                "userID": "22",
                "userName": "msmith",
                "firstName": "Mary",
                "lastName": "Smith",
                "fullName": "Mary Smith",
                "timezone": "Hawaiian Standard Time",
                "timezoneId": "3",
                "description": "System Administrator",
                "email": "msmith@d3security.com",
                "phone": "8081234567"
            }
        ]
    }
}