getTopThreatType.RdGets top threat-types within timeframe for the given filters.
getTopThreatType( type, to, domains = NULL, categories = NULL, policycategories = NULL, ip = NULL, identityids = NULL, identitytypes = NULL, applicationid = NULL, verdict = NULL, threats = NULL, threattypes = NULL, offset = 0, limit = 100, organizationId = Sys.getenv("umbrellaOrganizationId") )
| type | the type of entries used to calculate the result (dns, proxy, firewall) |
|---|---|
| to | timestamp to filter to (or relative, e.g. now) |
| domains | domain filter, comma delimited |
| categories | categories filter, comma delimited ints |
| policycategories | policy-triggering categories filter, comma delimited ints |
| ip | ip filter |
| identityids | identity filter, comma delimited |
| identitytypes | identity type filter, comma delimited. |
| applicationid | application id filter |
| verdict | verdict filter, comma delimited |
| threats | threat names filter, comma delimited |
| threattypes | threat types filter, comma delimited |
| offset | offset |
| limit | limit |
| organizationId | the organization id |