CaseSearchEverything not returning any data

Is there something that needs to be turned on to allow the SOAR CaseSearchEverything endpoint to return data?
We have cases and I can get other SOAR api endpoints to work. This one returns success but never any data even within the swagger UI.

Here's how I'm calling it.

Page 1 / 1

You need to include the parameter timeRangeFilter in your payload like below and it should work.

{

    "startTime": "2023-07-10T00:00:00.000Z",

    "endTime": "2023-07-24T00:00:00.000Z",

    "timeRangeFilter": 0

}

Let me know if you have any more issues.

-mike

You need to include the parameter timeRangeFilter in your payload like below and it should work.

{

    "startTime": "2023-07-10T00:00:00.000Z",

    "endTime": "2023-07-24T00:00:00.000Z",

    "timeRangeFilter": 0

}

Let me know if you have any more issues.

-mike

Thanks, I get the same results? There are 18 cases in the UI that match this time range (though the UI seems to use dd/mm/yyyy, does that matter?)

FWIW I looked back in swagger and see the timeRangeFilter parameter isn't mentioned in the CaseSearchEverything endpoint but is mentioned in the GetSearchResultsAsCsv endpoint. I tried it using that endpoint, but got the same empty result set just as csv.

I believe your Python syntax is wrong and you're not passing the query currently. You'll want to update your code to something like this:

response = requests.post(url, headers=headers, json=query)

-mike

I believe your Python syntax is wrong and you're not passing the query currently. You'll want to update your code to something like this:

response = requests.post(url, headers=headers, json=query)

-mike

Doh, you are correct AND it needs the timeRangeFilter parameter not mentioned in swagger.

Changed it to this and it returns results, thanks!

Reply

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded