
Query Documents Via API (Web Browser)


Version

Cb Response 5.2.x, 6.1.x

Topic

This is the easiest way to gather process or binary fields from a SOLR document for additional troubleshooting. If you are logged in, you can do this by changing the URL in your web browser.

Note: The API won’t contain all fields, such as the last_server_update timestamp. If this information is requested, please follow this guide instead: 5.x Query Documents Via Curl (SSH/Terminal)

Steps

Process Document

How to retrieve the raw data from the Process Analysis page

Process Analysis URL

https://SERVERADDRESS/#/analyze/00000001-0000-0c50-01d1-b68e3af60965/1/QUERY

API Format

Process Summary

https://SERVERADDRESS/api/v1/process/UNIQUEID/SEGMENT/

Process Events

https://SERVERADDRESS/api/v3/process/UNIQUEID/SEGMENT/event

Examples

Process Summary

https://cbresponseserver.com/api/v1/process/00000001-0000-0c50-01d1-b68e3af60965/1

Process Events

https://cbresponseserver.com/api/v3/process/00000001-0000-0c50-01d1-b68e3af60965/1/event

Binary Document

How to retrieve the raw data from the Binary Details page

Binary Details URL

http://SERVERADDRESS/#/binary/959A31D0CD013CEA0C66DB7C03BCBDDF

API Format

http://SERVERADDRESS/api/v1/binary/MD5HERE/summary

Example

http://cbresponseserver.com/api/v1/binary/959A31D0CD013CEA0C66DB7C03BCBDDF/summary

Sensor Details Document

How to retrieve the raw data from the Sensor Details page

Sensor Details URL

http://SERVERADDRESS/#/host/SENSORID

API Format

http://SERVERADDRESS/api/v1/sensor/SENSORID

Example

http://cbresponseserver.com/api/v1/sensor/1/

Note: For more information on how to pull information via the API, check here: REST API Reference - Carbon Black Developer Network
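
The three URL mappings above, combined into one added example (not part of the original article and not Carbon Black code): a JavaScript helper that turns a UI URL into the matching API URL(s). The ID patterns are assumptions inferred from the article's sample values, and the output uses the form without a trailing slash.

```javascript
// Added example: map a Cb Response UI URL to the API URL(s) in this article.
// The identifier patterns are assumptions based on the article's samples.
const ROUTES = {
  // #/analyze/UNIQUEID/SEGMENT/QUERY
  analyze: {
    patterns: [/^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$/i, /^\d+$/],
    build: ([id, seg]) => ({
      summary: `/api/v1/process/${id}/${seg}`,
      events: `/api/v3/process/${id}/${seg}/event`,
    }),
  },
  // #/binary/MD5
  binary: {
    patterns: [/^[0-9a-f]{32}$/i],
    build: ([md5]) => ({ summary: `/api/v1/binary/${md5}/summary` }),
  },
  // #/host/SENSORID
  host: {
    patterns: [/^\d+$/],
    build: ([sensorId]) => ({ sensor: `/api/v1/sensor/${sensorId}` }),
  },
};

function uiToApi(uiUrl) {
  const url = new URL(uiUrl);
  // The UI route lives in the fragment, e.g. "#/analyze/<id>/<segment>/<query>".
  const [page, ...args] = url.hash.replace(/^#\//, "").split("/");
  if (!Object.prototype.hasOwnProperty.call(ROUTES, page)) {
    throw new Error(`unsupported UI page: "${page}"`);
  }
  const route = ROUTES[page];
  // Validate every identifier before it is placed in an API path, so a
  // malformed or crafted fragment is rejected instead of being requested.
  const ids = route.patterns.map((re, i) => {
    const value = args[i] === undefined ? "" : args[i];
    if (!re.test(value)) throw new Error(`unexpected value at position ${i + 1}`);
    return value;
  });
  // Keep the scheme and host of the UI URL; only the path changes.
  return Object.fromEntries(
    Object.entries(route.build(ids)).map(([name, path]) => [name, url.origin + path])
  );
}
```

Opening the returned URLs in the same logged-in browser session returns the raw JSON for that document.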

Article Information
Creation Date: 01-30-2017