Script de flujo de trabajo de API de ejemplo

Utilice el script de este ejemplo para descargar un informe del Explorador de casos prácticos en formato CSV.

Importante: Debido a problemas de formato, pegue el script en un editor de texto y, a continuación, elimine los caracteres de retorno de carro o salto de línea.

Puede reemplazar el código de los filtros con otros detalles de los filtros. En la línea siguiente, sustituya el contenido en negrita por otro contenido de filtro que se describe en Filtros del Explorador de casos prácticos.


--data-raw '{"filters": [{"name":"rule","type":"ATTRIBUTE","recursive":true,"matchCriteria":"PARTIAL","values":[true],"attributeName":"",valueType":"EXCLUSIVE_COMMON"}],"columns":["N","GR","RC","T","RO","EN","RE","CD","MD"]}'

/* Begin by initiating the report generation with POST/api/use_case_explorer. */ 
curl --header 'SEC: xxxx-xxxxx-xxxxx-xxxx' --location --request POST 'https://{qradar ip}/console/plugins/{UCM App ID}/app_proxy/api/use_case_explorer' \
--header 'Content-Type: application/json' \
--data-raw '{"filters":[{"name":"rule","type":"ATTRIBUTE","recursive":true,"matchCriteria":"PARTIAL","values":[true],"attributeName":"",valueType":"EXCLUSIVE_COMMON"}],"columns":["N","GR","RC","T","RO","EN","RE","CD","MD"]}'

/* Return the current status of report generation from POST/api/use_case_explorer by calling GET /api/use_case_explorer/{reportId}/status. */
curl --header 'SEC: xxxx-xxxxx-xxxxx-xxxx' --location --request GET 'https://{qradar ip}/console/plugins/{UCM App ID}/app_proxy/api/use_case_explorer/{report id}/status' \

/* To download the report in CSV format, once GET /api/use_case_explorer/{reportId}/status
 returns a status of COMPLETED, use POST /api/use_case_explorer/{reportId}/download_csv
 to initiate the job to generate a CSV report */
curl --header 'SEC: xxxx-xxxxx-xxxxx-xxxx' --location --request POST 'https://{qradar ip}/console/plugins/{UCM App ID}/app_proxy/api/use_case_explorer/{report id}/download_csv' \
--header 'Content-Type: application/json' \
--data-raw '{"columns":"N,GR,RC,T,RO,EN,RE,CD,MD"}'

/* Return the current status of CSV report generation from POST /api/use_case_explorer/{reportId}/download_csv by calling GET /api/use_case_explorer/download_csv/{jobId}/status */
curl --header 'SEC: xxxx-xxxxx-xxxxx-xxxx' --location --request GET 'https://{qradar ip}/console/plugins/{UCM App ID}/app_proxy/api/use_case_explorer/download_csv/{download csv job id}/status' \
--header 'Content-Type: application/json' \
--data-raw '{"columns":"N,GR,RC,T,RO,EN,RE,CD,MD"}'

/* Finally, when GET /api/use_case_explorer/download_csv/{jobId}/status
 returns a status of COMPLETED, call GET /api/use_case_explorer/download_csv/{jobId}/result
 to download your generated report in CSV file format */
curl --header 'SEC: xxxx-xxxxx-xxxxx-xxxx' --location --request GET 'https://{qradar ip}/console/plugins/{UCM App ID}/app_proxy/api/use_case_explorer/download_csv/{download csv job id}/result?csvName=test.csv' \
--header 'Content-Type: application/json' \
--data-raw '{"columns":"N,GR,RC,T,RO,EN,RE,CD,MD"}'