GET /config/event_sources/wincollect/wincollect_destinations/{id}
Retrieves a WinCollect destination by ID.
| MIME Type |
|---|
application/json |
| Parameter | Type | Optionality | Data Type | MIME Type | Description |
|---|---|---|---|---|---|
id |
path |
Required |
Number (Integer) |
text/plain |
The ID of the WinCollect Destination to retrieve. |
fields |
query |
Optional |
String |
text/plain |
Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas. |
| HTTP Response Code | Unique Code | Description |
|---|---|---|
404 |
1010 |
The WinCollect destination ID was not found. |
500 |
1020 |
An internal server error has occurred. |
Response Description
A WinCollectDestinationDTO.
- id - Integer - The ID of the WinCollect destination.
- name - String - The name of the WinCollect destination.
- host - String - The IP or hostname of the WinCollect destination. WinCollect agents that use this destination send syslog event data to this host.
- port - Integer - The listen port of the WinCollect destination. WinCollect agents that use this destination send syslog event data to this port.
- transport_protocol - Enumeration - The protocol that is used to send event data to this WinCollect destination. Possible values are TCP or UDP.
- event_rate_throttle - Integer - The events-per-second rate that is used to throttle the event flow to this destination.
- internal - Boolean - Set to 'true' if the destination corresponds to a QRadar event collector process from this deployment; otherwise, it is set to false if it is any other host.
Response Sample
{
"event_rate_throttle": 42,
"host": "String",
"id": 42,
"internal": true,
"name": "String",
"port": 42,
"tls_certificate": "String",
"transport_protocol": "String <one of: UDP, TCP, TLS, UNKNOWN>"
}