GET /forensics/capture/recovery_tasks
Retrieves a list of recovery tasks.
Retrieves a list of recovery tasks.
| MIME Type |
|---|
application/json |
| Parameter | Type | Optionality | Data Type | MIME Type | Description |
|---|---|---|---|---|---|
filter |
query |
Optional |
String |
text/plain |
Optional - This parameter is used to restrict the elements in a list base on the contents of various fields. |
Range |
header |
Optional |
String |
text/plain |
Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero. |
fields |
query |
Optional |
String |
text/plain |
Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas. |
| HTTP Response Code | Unique Code | Description |
|---|---|---|
200 |
The workflow recovery job tasks were retrieved. |
|
500 |
1020 |
An error occurred while the recovery job task list was being retrieved. |
Response Description
- assigned_to - String - The username of the user the recovery task is assigned to.
- bpf - String - Berkeley Packet Filter sent to capture device when recovering.
- capture_device_id - String - Capture device where this task collected its data. The IP address of the capture device at time of recovery.
- case_id - String - ID of case where the collection is created.
- collection_name - String - Name of collection where recovered data is stored. Derived from device recovery collection name suffix. NOTE: This is used as part of the collection_name to uniquely identify and index the data at time of recovery and is not updated if the capture device IP address is changed.
- id - Long - ID for the recovery task.
- managed_host_hostname - String - The managed host the recovery task is running on.
- recovery_id - Long - ID of the recovery this task belongs to.
- recovery_window_end_time - Long - End of time range for data recovery window sent to capture device. Data recovered is from before this time.
- recovery_window_start_time - Long - Start of time range for data recovery window sent to capture device. Data recovered is from after this time.
- status - String - Current status of this task. Possible values are:
- CANCELED - Recovery from capture device canceled. Any documents recovered before cancellation remain in the system.
- CANCELLING - Recovery from capture device in process of cancellation
- FAILED - Something went wrong with the recovery.
- IN_PROGRESS - The capture device is processing the recovery.
- NEW - The recovery task was created and is waiting to be picked up by the system.
- PENDING - The recovery task was picked up by the system and is waiting for the capture device to start processing the recovery.
- SUCCESS - Recovery from capture device successfully completed
- tags - String Array - Identifiers that are applied to recovered data to assist with grouping when searching. These are user-supplied string identifiers that are used to mark the data so the user can easily look up the data later.
- task_end_time - Long - Timestamp the recovery task completed.
- task_start_time - Long - Timestamp the recovery task started.
Response Sample
[
{
"assignee": "String",
"bpf": "String",
"capture_device_ip": "String",
"case_id": 42,
"collection_name": "String",
"id": 42,
"managed_host_hostname": "String",
"recovery_id": 42,
"recovery_window_end_time": 42,
"recovery_window_start_time": 42,
"status": "String <one of: CANCELED, CANCELING, FAILED, IN_PROGRESS, NEW, PENDING, SUCCESS>",
"tags": [
"String"
],
"task_end_time": 42,
"task_start_time": 42
}
]