Search graphs

Endpoint used to search graphs.

Several modifiers are available to refine your search results. You can combine them and use them with the AND, OR and NOT operators.

Date and numeric fields support a plus or minus suffix to match values greater or less than the passed value. If no sign is added to the modifier, you get exact matches. You can use the same modifier more than once in a query to define ranges: creation_date:2018-11-1+ creation_date:2018-11-12- will match graphs created between 2018-11-1 and 2018-11-22.

Graph-related modifiers

id: Filters by graph
name: Filters by graph
owner: Filters by graphs owned by user. Example: owner:richard_hendricks
group: Filters by graphs owned by
visible_to_user: Filters by graphs visible to user. Example: visible_to_user:richard_hendricks
visible_to_group: Filters by graphs visible to group. Example: visible_to_group:piedpiper
private: Filters by private graphs. Examples: private:true, private:false
creation_date: Filters by the graph creation date. Example: creation_date:2018-11-1
last_modified_date: Filters by the last date the graph was modified. Example: last_modified_date:2018-11-12
total_nodes: Filters by graphs containing some amount of nodes. Example: total_nodes:100
comments_count: Filters by the number of comments of the graph. Example: comments_count:10+
views_count: Filters by the number of graph views. Example: views_count:1000+

Node-related modifiers

label: Filters by graphs containing nodes with a specific label. Example: label:Kill switch
file: Filters by graphs containing the file. Example: file:131f95c51cc819465fa1797f6ccacf9d494aaaff46fa3eac73ae63ffbdfd8267
domain: Filters by graphs containing the
ip_address: Filters by graphs containing the IP address. Example: ip_address:
url: Filters by graphs containing the URL. Example: url:
actor: Filters by graphs containing the bear
victim: Filters by graphs containing the victim. Example: victim:richard_hendricks
email: Filters by graphs containing the [email protected]
department: Filters by graphs containing the department. Example: department:engineers

In addition to these modifiers, you can do a free search query. The search engine will return graphs that match the query with the content of any field in the graph.
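As an added example (not part of the original documentation), this Python helper builds search strings from the modifiers listed above, rejects a +/- suffix on fields that are not dates or numbers, and percent-encodes the result. The function names, the infix placement of AND/OR, the unpadded date format copied from the page's examples, and sending the query in a URL query string are assumptions.

```python
from datetime import date
from urllib.parse import quote

# Modifiers from the lists above; only date and numeric ones take a +/- suffix.
RANGE_FIELDS = {"creation_date", "last_modified_date", "total_nodes",
                "comments_count", "views_count"}
EXACT_FIELDS = {"id", "name", "owner", "group", "visible_to_user",
                "visible_to_group", "private", "label", "file", "domain",
                "ip_address", "url", "actor", "victim", "email", "department"}


def term(modifier, value, bound=""):
    """Build one modifier:value term; bound is "" (exact), "+" or "-"."""
    if modifier not in RANGE_FIELDS | EXACT_FIELDS:
        raise ValueError(f"unknown modifier: {modifier}")
    if bound not in ("", "+", "-"):
        raise ValueError("bound must be '', '+' or '-'")
    if bound and modifier not in RANGE_FIELDS:
        raise ValueError(f"{modifier} does not take a +/- suffix")
    if isinstance(value, bool):
        value = "true" if value else "false"      # private:true / private:false
    elif isinstance(value, date):
        value = f"{value.year}-{value.month}-{value.day}"  # page style: 2018-11-1
    return f"{modifier}:{value}{bound}"


def between(modifier, low, high):
    """Range written as on the page: the same modifier twice, "+" then "-"."""
    return f"{term(modifier, low, '+')} {term(modifier, high, '-')}"


def combine(operator, *terms):
    """Join terms with AND or OR (infix placement is an assumption)."""
    if operator not in ("AND", "OR"):
        raise ValueError("operator must be AND or OR")
    return f" {operator} ".join(terms)


def url_encode(query):
    """Percent-encode a query for a URL query string (assumed transport).

    An unencoded "+" is commonly decoded as a space, which would silently
    turn a "greater than" term into an exact match.
    """
    return quote(query, safe="")


if __name__ == "__main__":
    q = between("creation_date", date(2018, 11, 1), date(2018, 11, 12))
    print(q)
    print(url_encode(combine("AND", q, term("private", False))))
```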

curl --request POST \
  --url \
  --header 'x-apikey: <your API key>'
curl --request POST \
  --url \
  --header 'x-apikey: <your API key>'
curl --request POST \
  --url,graph_data \
  --header 'x-apikey: <your API key>'
curl --request POST \
  --url \
  --header 'x-apikey: <your API key>'

Supported order fields are: name, owner, creation_date, last_modified_date, views_count and comments_count.
