Merge pull request #263 from Wachizungu/add-order-param-events-restsearch

chg: [automation] add doc for /events/restSearch order parameter
2021-04-24 15:07:54 +02:00 · 2021-04-24 15:07:54 +02:00 · 6b512576ba
parent 9bb4911796 0b778f1f3a
commit 6b512576ba
1 changed files with 8 additions and 0 deletions
--- a/automation/README.md
+++ b/automation/README.md
@ -152,6 +152,14 @@ Find below a non exhaustive list of parameters that can be used to filter data i
 - **eventinfo**: Filter on the event's info field.
 - **searchall**: Search for a full or a substring (delimited by % for substrings) in the event info, event tags, attribute tags, attribute values or attribute comment fields.
 - **attackGalaxy**: Select the ATT&CK matrix like galaxy to use when using returnFormat = attack. Defaults to the Mitre ATT&CK library via mitre-attack-pattern.
+- **order**: Only available for /events/restSearch. Sorts the results, can be useful in combination with limit. The accepted values to sort on are "Event.[any_field_in_the_events_table] [asc|desc]". You can also sort on multiple columns, see example below.
+~~~
+{
+    "returnFormat": "json",
+    "limit": "3",
+    "order": "Event.attribute_count desc, Event.date desc"
+}
+~~~

 ## Events management