GET /dynamic_search/schemas/{name}/fields
Gets the list of all available Fields
Gets the list of all available Fields
| MIME Type |
|---|
application/json |
| Parameter | Type | Optionality | Data Type | MIME Type | Description |
|---|---|---|---|---|---|
name |
path |
Required |
String |
text/plain |
null |
Range |
header |
Optional |
String |
text/plain |
Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero. |
filter |
query |
Optional |
String |
text/plain |
Optional - This parameter is used to restrict the elements in a list base on the contents of various fields. |
fields |
query |
Optional |
String |
text/plain |
Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas. |
| HTTP Response Code | Unique Code | Description |
|---|---|---|
200 |
A list of Fields was retrieved. |
|
404 |
1011 |
No schema with that name was found |
500 |
1010 |
null |
Response Description
The list of all available Fields.
- localized_name - String - The localized name for this simple field.
- data_type - String - The dataType for this operator. One of (STRING, INTEGER, DOUBLE, BOOLEAN, IPADDRESS, CIDR, DATESTAMP. UUID).
- semantic_type - String - The type that describes what kind of data this is. (e.g. HOSTNAME, MACADDRESS, SOURCE_IP)
- contextual_type - String - The type that describes that specifically is in this field. (e.g. ASSET_HOSTNAME, OFFENSE_ATTACKER_IP)
- child - Field structure - The argument for the supplied function.
- function - Function structure - The function for the supplied argument.
Response Sample
[
{
"argument_fields": [
{
"contextual_type": "String",
"data_type": "String",
"localized_name": "String",
"semantic_type": "String"
}
],
"contextual_type": "String",
"data_type": "String",
"filter": {
"argument": {
"argument_fields": [
{
"contextual_type": "String",
"data_type": "String",
"localized_name": "String",
"semantic_type": "String"
}
],
"contextual_type": "String",
"data_type": "String",
"filter": "Object",
"function": {
"aggregate": true,
"argument_types": [
{
"position": 42,
"type": "String"
}
],
"localized_name": "String",
"name": "String",
"return_data_type": "String"
},
"localized_name": "String",
"semantic_type": "String"
},
"left_filter": {
"argument": {
"argument_fields": [
{
"contextual_type": "String",
"data_type": "String",
"localized_name": "String",
"semantic_type": "String"
}
],
"contextual_type": "String",
"data_type": "String",
"filter": "Object",
"function": {
"aggregate": true,
"argument_types": [
{
"position": 42,
"type": "String"
}
],
"localized_name": "String",
"name": "String",
"return_data_type": "String"
},
"localized_name": "String",
"semantic_type": "String"
},
"left_filter": {
"argument": {
"argument_fields": [
{
"contextual_type": "String",
"data_type": "String",
"localized_name": "String",
"semantic_type": "String"
}
],
"contextual_type": "String",
"data_type": "String",
"filter": "Object",
"function": {
"aggregate": true,
"argument_types": [
{
"position": 42,
"type": "String"
}
],
"localized_name": "String",
"name": "String",
"return_data_type": "String"
},
"localized_name": "String",
"semantic_type": "String"
},
"operator": {
"connective": "String <one of: AND, OR, NOT>",
"data_type": "String",
"localized_name": "String",
"name": "String"
},
"parameters": [
"String"
]
},
"operator": {
"connective": "String <one of: AND, OR, NOT>",
"data_type": "String",
"localized_name": "String",
"name": "String"
},
"parameters": [
"String"
],
"right_filter": {
"argument": {
"argument_fields": [
{
"contextual_type": "String",
"data_type": "String",
"localized_name": "String",
"semantic_type": "String"
}
],
"contextual_type": "String",
"data_type": "String",
"filter": "Object",
"function": {
"aggregate": true,
"argument_types": [
{
"position": 42,
"type": "String"
}
],
"localized_name": "String",
"name": "String",
"return_data_type": "String"
},
"localized_name": "String",
"semantic_type": "String"
},
"operator": {
"connective": "String <one of: AND, OR, NOT>",
"data_type": "String",
"localized_name": "String",
"name": "String"
},
"parameters": [
"String"
]
}
},
"operator": {
"connective": "String <one of: AND, OR, NOT>",
"data_type": "String",
"localized_name": "String",
"name": "String"
},
"parameters": [
"String"
],
"right_filter": {
"argument": {
"argument_fields": [
{
"contextual_type": "String",
"data_type": "String",
"localized_name": "String",
"semantic_type": "String"
}
],
"contextual_type": "String",
"data_type": "String",
"filter": "Object",
"function": {
"aggregate": true,
"argument_types": [
{
"position": 42,
"type": "String"
}
],
"localized_name": "String",
"name": "String",
"return_data_type": "String"
},
"localized_name": "String",
"semantic_type": "String"
},
"left_filter": {
"argument": {
"argument_fields": [
{
"contextual_type": "String",
"data_type": "String",
"localized_name": "String",
"semantic_type": "String"
}
],
"contextual_type": "String",
"data_type": "String",
"filter": "Object",
"function": {
"aggregate": true,
"argument_types": [
{
"position": 42,
"type": "String"
}
],
"localized_name": "String",
"name": "String",
"return_data_type": "String"
},
"localized_name": "String",
"semantic_type": "String"
},
"operator": {
"connective": "String <one of: AND, OR, NOT>",
"data_type": "String",
"localized_name": "String",
"name": "String"
},
"parameters": [
"String"
]
},
"operator": {
"connective": "String <one of: AND, OR, NOT>",
"data_type": "String",
"localized_name": "String",
"name": "String"
},
"parameters": [
"String"
],
"right_filter": {
"argument": {
"argument_fields": [
{
"contextual_type": "String",
"data_type": "String",
"localized_name": "String",
"semantic_type": "String"
}
],
"contextual_type": "String",
"data_type": "String",
"filter": "Object",
"function": {
"aggregate": true,
"argument_types": [
{
"position": 42,
"type": "String"
}
],
"localized_name": "String",
"name": "String",
"return_data_type": "String"
},
"localized_name": "String",
"semantic_type": "String"
},
"operator": {
"connective": "String <one of: AND, OR, NOT>",
"data_type": "String",
"localized_name": "String",
"name": "String"
},
"parameters": [
"String"
]
}
}
},
"function": {
"aggregate": true,
"argument_types": [
{
"position": 42,
"type": "String"
}
],
"localized_name": "String",
"name": "String",
"return_data_type": "String"
},
"localized_name": "String",
"semantic_type": "String"
}
]