QRadarFullSearch
Runs a QRadar query and return its results to the context.
Dependencies
This playbook uses the following sub-playbooks, integrations, and scripts.
Sub-playbooks
- GenericPolling
Integrations
This playbook does not use any integrations.
Scripts
This playbook does not use any scripts.
Commands
- qradar-get-search-results
- qradar-get-search
- qradar-searches
Playbook Inputs
| Name | Description | Default Value | Required |
|---|---|---|---|
| timeout | The amount of time to wait before a timeout occurs (in minutes). | 600 | Optional |
| interval | The polling frequency. How often the polling command should run (in minutes). | 1 | Optional |
| query_expression | The query expressions in AQL. | - | Required |
| range | The range of results to return. For example, 0-20. | - | Optional |
| headers | The table headers. | - | Optional |
Playbook Outputs
| Path | Description | Type |
|---|---|---|
| QRadar.Search.Result | The results of the search. | unknown |
Playbook Image
