Executing Analysis
Function
This API is used to execute analysis.
Calling Method
For details, see Calling APIs.
URI
POST /v1/{project_id}/workspaces/{workspace_id}/siem/search/analysis
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
project_id |
Yes |
String |
Definition Project ID, which is used to specify the project that a resource belongs to. You can query the resources of a project by project ID. You can obtain the project ID from the API or console. Obtaining the Project ID Constraints N/A Value Range N/A Default value N/A |
|
workspace_id |
Yes |
String |
Workspace ID. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Auth-Token |
Yes |
String |
Definition User token. You can obtain it by calling the IAM API for obtaining a user token. The user token is the value of X-Subject-Token in the response header. Obtaining a User Token Constraints N/A Range N/A Default Value N/A |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
dataspace_id |
Yes |
String |
Data space ID. |
|
from |
Yes |
Long |
Query start time. |
|
limit |
Yes |
Integer |
Number of returned raw logs. The maximum value is 500. |
|
offset |
Yes |
Integer |
Query offset. |
|
pipe_id |
Yes |
String |
Data pipeline ID. |
|
query |
Yes |
String |
Query statement. |
|
query_type |
Yes |
String |
Query type, which can be SQL or CBSL. |
|
to |
Yes |
Long |
Query end time. |
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
datarows |
Array<Array<>> |
Statistical analysis result data. |
|
schema |
Array of AnalysisField objects |
Field type of statistical analysis result. |
|
size |
Integer |
Number of returned statistical analysis results. |
|
total |
Integer |
Total number of statistical analysis results. |
|
Parameter |
Type |
Description |
|---|---|---|
|
alias |
String |
Field alias. |
|
name |
String |
Field name. |
|
type |
String |
Field type. The options are boolean, byte, short, integer, long, float, half_float, scaled_float, double, keyword, text, date, ip, binary, object, and nested. |
Status code: 400
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
Example Requests
{
"dataspace_id" : "a00106ba-bede-453c-8488-b60c70bd6aed",
"from" : 1584883694354,
"limit" : 50,
"offset" : 0,
"pipe_id" : "2b31ed520xxxxxxebedb6e57xxxxxxxx",
"query" : "* | select status, count(*) as count group by status",
"query_type" : "SQL",
"to" : 1584883694654
}
Example Responses
None
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Successful. |
|
400 |
Error response. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
