DNIF HYPERCLOUD
The DNIF Search API lets you build an application that programmatically runs a DQL query and retrieves and displays the results.
App Vendor: DNIF
App Category: Analytics & SIEM
Connector Version: 1.1.0
API Version: 1.0.0
Notice
This is a beta app, and the documentation is in progress.
About App
The DNIF Hypercloud app is configured with Orchestrate to perform the following actions:
Action Name | Description |
---|---|
Get Search Result | This action retrieves the search result. |
Get Search Task Status | This action retrieves the status of a task. |
Invoke Search | This action retrieves the task ID of a search. |
Configuration Parameters
The following configuration parameters are required for the DNIF Hypercloud app to communicate with the DNIF Hypercloud enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
---|---|---|---|---|
Base URL | Enter the base URL. Example: "https://<ipaddress>" | Text | Required | |
Cluster ID | Enter the cluster ID. | Text | Required | |
API Token | Enter the API token. | Password | Required | |
Verify | Choose whether to verify SSL certificates. | Boolean | Optional | Default value: false. Allowed values: |
Action: Get Search Result
This action retrieves the search result.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
---|---|---|---|---|
Task ID | Enter the task ID. | Text | Required | You can retrieve a task ID using the action Invoke Search. |
Limit | Enter the number of records to retrieve. | Integer | Optional | |
Page No | Enter the offset value. | Integer | Optional | |
Action: Get Search Task Status
This action retrieves the status of a task.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
---|---|---|---|---|
Task ID | Enter the task ID to retrieve its status. | Text | Required | You can retrieve a task ID using the action Invoke Search. |
Action: Invoke Search
This action retrieves the task ID of a search.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
---|---|---|---|---|
Query Timezone | Enter the time zone in which the query is executed. Example: "Asia/Kolkata" | Text | Required | |
Query | Enter the DQL (DNIF Query Language) query to retrieve data. Example: "_fetch * from event where $stream=firewall and $starttime=2021-09-14t17:42:00 and $endtime=2021-09-14t18:13:32 limit 10" | Text | Required | |
Scope ID | Enter the scope to retrieve data. | Text | Optional | Default value: default |
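
The Invoke Search inputs can be assembled from validated parts instead of free text, so that a caller-supplied stream name or time range cannot add clauses to the DQL query. This is an added example, not part of the DNIF or Orchestrate documentation: the helper names, the stream-name pattern and the limit ceiling are assumptions, and the query shape follows only the example in the table above.

```python
import re
from datetime import datetime
from zoneinfo import available_timezones

STREAM_RE = re.compile(r"[A-Za-z0-9_-]{1,64}")   # assumed shape of a stream name
TZ_SHAPE_RE = re.compile(r"[A-Za-z_]+(/[A-Za-z0-9_+-]+){0,2}")
TS_FORMAT = "%Y-%m-%dt%H:%M:%S"                   # as in the page's example query
MAX_LIMIT = 1000                                  # assumed local ceiling, not a DNIF value


def valid_timezone(name):
    """Check an IANA zone name; fall back to a shape check if no tz database is installed."""
    known = available_timezones()
    return name in known if known else bool(TZ_SHAPE_RE.fullmatch(name))


def build_invoke_search_inputs(stream, start, end, timezone, limit=10, scope_id="default"):
    """Build the three Invoke Search inputs from validated parts (hypothetical helper)."""
    if not STREAM_RE.fullmatch(stream):
        raise ValueError(f"rejected stream name: {stream!r}")
    if not valid_timezone(timezone):
        raise ValueError(f"unknown time zone: {timezone!r}")
    if start.tzinfo is not None or end.tzinfo is not None:
        raise ValueError("use naive datetimes; the zone travels in Query Timezone")
    if end <= start:
        raise ValueError("end time must be after start time")
    if isinstance(limit, bool) or not isinstance(limit, int) or not 1 <= limit <= MAX_LIMIT:
        raise ValueError(f"limit must be an integer from 1 to {MAX_LIMIT}")
    query = (
        f"_fetch * from event where $stream={stream}"
        f" and $starttime={start.strftime(TS_FORMAT)}"
        f" and $endtime={end.strftime(TS_FORMAT)} limit {limit}"
    )
    # Keys are the parameter labels from the table above.
    return {"Query Timezone": timezone, "Query": query, "Scope ID": scope_id}


if __name__ == "__main__":
    # Constructed sample values that reproduce the page's example query.
    inputs = build_invoke_search_inputs(
        "firewall", datetime(2021, 9, 14, 17, 42, 0),
        datetime(2021, 9, 14, 18, 13, 32), "Asia/Kolkata")
    print(inputs["Query"])
```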