enable_quick_search

This command enables investigation dashboard functionality.

This API is available in Guardium V9.5 and later.

REST API syntax

This API is available as a REST service with the PUT method. Call this API as follows:
PUT https://[Guardium hostname or IP address]:8443/restAPI/enable_quick_search

GuardAPI syntax

enable_quick_search parameter=value

Parameters

Parameter Value type Description
all Boolean On a central manager only, use this parameter to enable quick search (investigation dashboard) on all of its managed units. Valid values:
  • 0 (false): Do not enable on the central manager's managed units. (Enable on the central manager only.)
  • 1 (true): Enable on the central manager and all of its managed units.

Default = 0 (false)

extraction_start Date The date by which to start the extraction of audit data for quick search. If this parameter is omitted, extraction starts immediately.
includeViolations Boolean Whether or not to include violations in the search indexes. Omitting violations can help reduce the size of search indexes. Valid values:
  • 0 (false)
  • 1 (true)

Default = 0 (false)

schedule_interval String Required. Together with the schedule_units parameter, this defines the interval for extracting audit data. For example, schedule_interval=2 schedule_units=MINUTE.
schedule_start Date Date on which to begin extracting data.
schedule_units String Required. Together with the schedule_interval parameter, this defines the interval for extracting audit data. For example, schedule_interval=2 schedule_units=MINUTE. Valid values:
  • HOUR
  • MINUTE
api_target_host String Specifies the target hosts where the API executes. Valid values:

Specifies the target hosts where the API executes. Valid values:
  • all_managed: execute on all managed units but not the central manager
  • all: execute on all managed units and the central manager
  • group:<group name>: execute on all managed units identified by <group name>
  • host name or IP address of a managed unit: specified from the central manager to execute on a managed unit.  For example, api_target_host=10.0.1.123.
  • host name or IP address of the central manager: specified from a managed unit to execute on the central manager. For example, api_target_host=10.0.1.123.

IP addresses must conform to the IP mode of your network. For dual IP mode, use the same IP protocol with which the managed unit is registered with the central manager. For example, if the registration uses IPv6, specify an IPv6 address. The hostname is independent of IP mode and can be used with any mode.

Examples

To enable quick search on the current unit and all of its managed units:

disable_quick_search all=true