Stream advanced OCSF search progress and results

curl --request POST \ --url https://api.wirespeed.co/v1/ocsf/advanced/stream \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --data ' { "query": "<string>", "queryId": "<string>", "startTime": "<string>", "endTime": "<string>" } '

{ "type": "<string>", "queryId": "<string>", "rowsRead": 123, "bytesRead": 123, "result": { "data": [ {} ], "totalCount": 123, "queryId": "<string>", "rowsRead": 123, "bytesRead": 123 }, "row": {}, "message": "<string>" }

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json

query

string

Query to search

queryId

string

ID of an existing query to reuse

startTime

string

Start time of the query

endTime

string

End time of the query

Response

type

string

required

Stream event type

queryId

string

required

Unique identifier for this query execution

rowsRead

number

Number of rows read so far

bytesRead

number

Number of bytes read so far

result

object

Final OCSF search result when the stream completes

Show child attributes

row

object

Single streamed result row

message

string

Error message