PATCH Saved Query

PATCH Saved Query


Request used to update a given resource for a specified saved query

URL

https://REGION.rest.logs.insight.rapid7.com/query/saved_queries

REGION is the data center for your account - e.g. "us" or "eu"

Method

PATCH

Authentication

Owner or Read Write key is required.

URL Params

queryid=[UUID] Example Value: de305d54-75b4-431b-adb2-eb6b9e546014

Data Params

json
1
{
2
"saved_query": {
3
field: value
4
}

Success Response

Code 200Content:

json
1
{
2
"saved_query": {
3
"id": "245ff892-ffed-4e99-9ee1-ab99fb20f2fc",
4
"logs": [],
5
"leql": {
6
"during": {
7
"to": null,
8
"from": null,
9
"time_range": null
10
},
11
"statement": "where(foo=bar)"
12
},
13
"name": "MySearch"
14
}
15
}

Error Response

  • 404 if saved query is not found
  • 400 if search name is invalid. Validation: 1-32 chars in length
  • 400 if LEQL query is invalid. Validation: 1-1024 chars in length

Sample Call

python
1
import base64
2
import datetime
3
import hashlib
4
import hmac
5
import json
6
import requests
7
8
rw_key = "37885dd4-e870-4761-84bd-13622451ae5e"
9
query_id = "480281d0-c647-4af0-b02e-44b826b9f9a7"
10
body = {"saved_query": {"name": "new name"}}
11
uri = 'query/saved_queries/%s' % (query_id)
12
13
def patch_query():
14
url = "https://us.rest.logs.insight.rapid7.com/" + uri
15
headers = {
16
'x-api-key': rw_key,
17
"Content-Type": "application/json"
18
}
19
r = requests.patch(url, data=json.dumps(body, separators=(',', ':')), headers=headers)
20
print r.status_code, r.content
21
22
def start():
23
patch_query()
24
25
if __name__ == '__main__':
26
start()

Notes