API Request for a Search

You can now view the API request for initiating an AutoFocus Search directly from the AutoFocus interface. The API request is for retrieving samples, sessions, or statistics that meet the conditions of the current AutoFocus search. This feature is useful for quickly generating API requests for complex searches to use with your external application. Note that the API request provided by this feature is only to start an AutoFocus search; a different API request is required to view the search results.
  1. Start or continue an AutoFocus search.
  2. View the API request for initiating the search.
    • View (>_ API) the API request for Samples or Sessions that have been filtered according to the current search condition(s).
    [Screenshot: api-query-link.png]
    • View (>_) the API request in any of the Statistics widgets for artifacts that meet the conditions of the current search and widget. In the following example, the API request for Top Malware is only for retrieving the ten most prevalent malware samples in your network.
    [Screenshot: api-query-widget.png]
  3. Toggle between Python and Curl to select the format of the API request that you want to copy to clipboard.
    [Screenshot: api-query-window.png]
    The API request reflects the parameters of the search you performed. For example, the sample Client URL Request Library (cURL) API request above is from the Top Firewalls widget (Statistics). We can tell from the code that the API request:
    • Retrieves the top ten firewalls ("size":10) with the most sessions that use the web-browsing application ("field":"device.serial","operator":"is","value":"web-browsing").
    • Retrieves the Serial numbers of the firewalls ("field":"device.serial").
    • Limits the scope of the request to private samples only ("scope":"private").
  4. Next steps:
    • Refer to the AutoFocus API Reference Guide for more information on how to view the results of an API request.
    • Learn more about how to use cURL and Python to integrate the AutoFocus API with your application. To use the AutoFocus API with Python, install the pan-python package, which provides a Python and command line interface for AutoFocus.
