GET Specific Saved Query

GET Saved Query


Request used to get a specific Saved Query

URL

https://REGION.rest.logs.insight.rapid7.com/query/saved_queries

REGION is the data center for your account - e.g. "us" or "eu"

Method

GET

Authentication

Owner, Read Write or Read Only key is required.

URL Params

queryid=[UUID] Example Value: de305d54-75b4-431b-adb2-eb6b9e546014

Data Params

None

Success Response

Code 200Content:

json
1
{
2
"saved_query": {
3
"logs": [],
4
"id": "00000000-0001-bd8a-0000-000000000000",
5
"leql": {
6
"during": {
7
"to": null,
8
"from": null,
9
"time_range": null
10
},
11
"statement": "where(bytes > 10) calculate(AVERAGE:connect)"
12
},
13
"name": "My-Search"
14
}
15
}

Error Response

If the Saved Query can not be found Code 404 NOT FOUND

Sample Call

python
1
import requests
2
import json
3
import time
4
5
6
API_KEY = 'YOUR API KEY GOES HERE'
7
QUERY_ID = 'YOUR QUERY ID GOES HERE'
8
9
def handle_response(resp):
10
response = resp
11
time.sleep(1)
12
if response.status_code == 200:
13
print json.dumps(resp.json(), indent=4)
14
else:
15
print response.status_code
16
17
18
def make_request(provided_url=None):
19
headers = {'x-api-key': API_KEY}
20
21
url = "https://us.rest.logs.insight.rapid7.com/query/saved_queries/" + QUERY_ID
22
req = requests.get(url, headers=headers)
23
return req
24
25
26
def print_query():
27
req = make_request()
28
handle_response(req)
29
30
def start():
31
print_query()
32
33
34
if __name__ == '__main__':
35
start()

Notes