"value" : (Format depends on filter's "filterName" parameter) "filterName" : "asset" | "assetID" | "connectionDirection" | "correlated" | "date" | "destAsset" | "destAssetID" | "destip" | "detailedEventName" | "dport" | "endtime" | "eventName" | "ip" | "lce" | "lceIDs" | "numEvents" | "outputAssets" | "port" | "protocol" | "repository" | "repositoryIDs" | "sensor" | "silo" | "sourceAsset" | "sourceAssetID" | "sourceip" | "sport" | "starttime" | "text" | "timeframe" | "type" | "user",įilterName "asset" | "assetID" | "connectionDirection" | "correlated" | "date" | "destAsset" | "destAssetID" | "destip" | "detailedEventName" | "endtime" | "eventName" | "ip" | "lce" | "lceIDs" | "numEvents" | "outputAssets" | "protocol" | "repository" | "repositoryIDs" | "sensor" | "silo" | "sourceAsset" | "sourceAssetID" | "sourceip" | "starttime" | "text" | "timeframe" | "type" | "user" "tool" : "listdata" | "sumasset" | "sumclassa" | "sumclassb" | "sumclassc" | "sumdate" | "sumevent" | "sumevent2" | "sumip" | "sumport" | "sumprotocol" | "sumsensor" | "sumtime" | "sumtype" | "sumuser" | "syslog" | "timedist", "endOffset" : OPTIONAL (integer upper bound to returned record set. "startOffset" : OPTIONAL (integer lower bound to returned record set. "sortDir" : "ASC" | "DESC" OPTIONAL (default "ASC" if not specified and sortField is specified), "sortField" : OPTIONAL (alphanumeric word(s) separated by a space/dash. "description" : "Created with 'group1's shared asset: 'Test Asset 2'.\n\nThis asset will be deleted" "description" : "Created with 'group1's shared asset: 'Test Asset 1'.\n\nThis asset will be unshared" "description" : "Test for posting an alert query"
0 kommentar(er)
