GET /siem/offense_saved_search_groups/{group_id}

Retrieves an offense saved search group.

Retrieves an offense saved search group.

Table 1. GET /siem/offense_saved_search_groups/{group_id} resource details
MIME Type

application/json

Table 2. GET /siem/offense_saved_search_groups/{group_id} request parameter details
Parameter Type Optionality Data Type MIME Type Description

group_id

path

Required

Number (Integer)

text/plain

null

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Table 3. GET /siem/offense_saved_search_groups/{group_id} response codes
HTTP Response Code Unique Code Description

200

The offense saved search group was retrieved.

404

1002

The offense saved search group does not exist.

500

1020

An error occurred during the attempt to retrieve the offense saved search group.

Response Description

A single Group object. A Group object contains the following fields:
  • id - Long - The ID of the group.
  • parent_id - Long - The ID of the parent group (default resources can have localized names).
  • type - String - The type of the group.
  • level - Long - The depth of the group in the group hierarchy.
  • name - String - The name of the group (default resources can have localized names).
  • description - String - The description of the group (default resources can have localized names).
  • owner - String - The owner of the group.
  • modified_time - Long - The time in milliseconds since epoch since the group was last modified.
  • child_group_ids - Array of Longs - List of the child group IDs.

Response Sample


{
    "child_groups": [
        42
    ],
    "child_items": [
        "String"
    ],
    "description": "String",
    "id": 42,
    "level": 42,
    "modified_time": 42,
    "name": "String",
    "owner": "String",
    "parent_id": 42,
    "type": "String <one of: LOG_SOURCE_GROUP, REPORT_GROUP, RULE_GROUP, EVENT_SAVED_SEARCH_GROUP, FLOW_SAVED_SEARCH_GROUP, OFFENSE_SAVED_SEARCH_GROUP, QRM_SAVED_SEARCH_GROUP, MODEL_SAVED_SEARCH_GROUP, QUESTION_SAVED_SEARCH_GROUP, SIMULATION_SAVED_SEARCH_GROUP, TOPOLOGY_SAVED_SEARCH_GROUP, ASSET_SAVED_SEARCH_GROUP, VULNERABILITY_SAVED_SEARCH_GROUP>"
}