Query parameters
-
page
integer | null The page number to return. The default is 1.
-
pageSize
integer | null The number of results to return per page. The default is 20.
-
sort
string | null The field that is used to sort the results.
Default value is
createdAt. -
sortOrder
string Specifies the sort order.
Values are
ascordesc.
GET
/api/osquery/saved_queries
curl \
--request GET https://localhost:5601/api/osquery/saved_queries \
--header "Authorization: $API_KEY"
Response examples (200)
{
"data": [
{
"id": "42ba9c50-0cc5-11ed-aa1d-2b27890bc90d",
"type": "osquery-saved-query",
"attributes": {
"id": "saved_query_id",
"query": "select * from uptime;",
"version": "2.8.0",
"interval": "60",
"platform": "linux,darwin",
"prebuilt": false,
"created_at": "2022-07-26T09:28:08.597Z",
"created_by": "elastic",
"updated_at": "2022-07-26T09:28:08.597Z",
"updated_by": "elastic",
"description": "Saved query description",
"ecs_mapping": {
"host.uptime": {
"field": "total_seconds"
}
}
},
"namespaces": [
"default"
]
}
],
"page": 1,
"total": 11,
"per_page": 100
}