ShowContent · Customer Self-Service

ビュー:

Retrieves results based on the specified taskId.

Since the investigation may take some time to complete, call the ShowContent API at regular intervals until the API responds with the results of the specified TaskId.

Responses returned by ShowContent API vary depending on which API provided the taskId.

HTTP Request

PUT /WebApp/OSCE_iES/OsceIes/ApiEntry

Parameters

Important:

The HTTP request body must contain all required parameters.

Name	Type	Description
Required Parameters
Url	String	Specifies the Endpoint Sensor API request to query
TaskType	Integer	Type of API request For Endpoint Sensor, the value is always `4`. For available values, see Threat Investigation API Task Types.
Payload	Object	Payload of the request
TaskId	String	TaskId from another API call that is used to retrieve a specific task result Specify the taskId values returned by the following APIs: ShowFootprintChain ShowFootprintTable CreateQuickScan
ContentId	String	Indicates the location of the dataset Specify an empty string for the initial request. Specify the `lastContentId` of the response after the first initial request to continually get results from the servers until the `hasMore` value response is `false`.
TopN	Integer	Retrieves the top `n` results from the servers

HTTP Request Example

PUT /WebApp/OSCE_iES/OsceIes/ApiEntry

HTTP Request Body

Specify a JSON object containing the following HTTP request body:

Request body:

  {

"Url": "V1/Content/ShowContent",
   "TaskType": 4,
   "TaskId": "88173A23-F45E-4ADB-B2D8-5609BB18A625",

"ContentId": "[{\"serverGuid\": 
                \"6E01A801D38A-48C58345-1D52-85AA-A0A3\",

                         \"lastContentId\": 1898,
                         \"hasMore\": true
                         \"totalProgress\": 2,
                         \"currentProgress\": 1}]",

   "TopN": 1

}

Response

If successful, this method returns an HTTP status code of "200", result code of "0", and a response body with the following structure:

Note:

The examples below are the responses returned using a taskId provided by the CreateQuickScan API.

Example 1: To verify if more content is available, check the value of hasMore in the response. If hasMore is true, use the taskId and lastContentId parameter of the next request to get the next set of records.

{
 "Data": {
    "Code": 0,
    "CodeType": 1,
    "Message": "OK",
    "Data": {
      "taskId": "88173A23-F45E-4ADB-B2D8-5609BB18A625",
      "lastContentId": "[{
       \"serverGuid\": \"6E01A801-D38A-48C5-8345-1D5285AAA0A3\",
       \"lastContentId\": 1913,
       \"hasMore\": true
       \"totalProgress\": 2,
       \"currentProgress\": 2}]",
      "hasMore": true,
      "serverName": "SAMPLE_SERVER",
      "serverGuid": "6E01A801-D38A-48C5-8345-1D5285AAA0A3",
      "content": [
        {
          "statusCode": 0,
          "message": "TMSL_S_SUCCESS",
          "content": {
            "agentServerMeta": [
              {
                "agentGuid": 
                "BCBFD3D7-ABC9-4993-9E78-932CEAA2E6BA",
                "minFirstSeen": 1535446684,
                "serverMeta": [
                  {
                    "criteriaNo": 0,
                    "metaCategory": 8,
                    "metaValue": "chrome.exe",
                    "metaHashId": "6402513676012825508",
                    "firstSeen": 1535446684,
                    "lastSeen": 0,
                    "repeatCount": 0,
                    "isSpecialCmdLine": false
                  }
                ],
                "isCriteriaExceedMaxMetaCount": [
                  false
                ],
                "serverGuid": 
                "6E01A801-D38A-48C5-8345-1D5285AAA0A3",
                "serverName": "SAMPLE_SERVER",
                "isOnline": true,
                "isImportant": false,
                "ip": "10.1.172.116",
                "machineGuid": 
                "05901E77-DFCC-420F-BA3B-FF3BF75FB834",
                "machineName": "SAMPE_AGENT",
                "machineType": "Desktop",
                "userName": "TREND\\SAMPE_AGENT",
                "userGuid": 
                "94926BCD4-D944-65CD-FFF6-6A874D6BC4D",
                "isolateStatus": 0,
                "machineOS": "Windows 10"
              }
            ]
          }
        }
      ]
    },
    "TimeZone": 8
  },
  "Meta": {
    "result": 1,
    "errorCode": 0,
    "errorMessgae": "Success"
  },
  "PermissionCtrl": {
    "permission": "255",
    "elements": null
  },
  "FeatureCtrl": {
    "mode": "0"
  },
  "SystemCtrl": {
    "TmcmSoDist_Role": "none"
  }
}

Example 2: If hasMore is false, no more data can be retrieved from the specified taskId.

{
 "Data": {
    "Code": 0,
    "CodeType": 1,
    "Message": "OK",
    "Data": {
      "taskId": "88173A23-F45E-4ADB-B2D8-5609BB18A625",
      "lastContentId": "[{
       \"serverGuid\": \"6E01A801-D38A-48C5-8345-1D5285AAA0A3\",
       \"lastContentId\": 1913,
       \"hasMore\": true
       \"totalProgress\": 2,
       \"currentProgress\": 2}]",
      "hasMore": false,
      "serverName": "SAMPLE_SERVER",
      "serverGuid": "6E01A801-D38A-48C5-8345-1D5285AAA0A3",
      "content": []
    },
    "TimeZone": 8
  },
  "Meta": {
    "result": 1,
    "errorCode": 0,
    "errorMessgae": "Success"
  },
  "PermissionCtrl": {
    "permission": "255",
    "elements": null
  },
  "FeatureCtrl": {
    "mode": "0"
  },
  "SystemCtrl": {
    "TmcmSoDist_Role": "none"
  }
}

Note:

The ShowContent API response includes the parameters from the API which provided the taskId.

The following table describes the response objects specific to this API.

Name	Type	Description
Data.taskId	String	Task ID received from the request
Data.hasMore	Boolean	Indicates whether the source has more results
Data.serverGuid	String	GUID of the server
Data.serverName	String	Name of the server

For more information about standard responses and response codes for this API, see the following topics: