
Get detections by severity

Request a list of CylanceOPTICS aggregated detection resources by severity for a tenant. This is useful for making histograms.
Service endpoint
/detections/v2/severity?start={detection_start_timestamp}&end={detection_end_timestamp}&interval={detection_interval}
Optional query string parameters
  • start: This is the start date-time of the query range.
  • end: This is the end date-time of the query range.
  • interval: This is the timer interval used for grouping detection resources.
  • detection_type: This is the detection type filter.
  • detected_on: This is the detected on filter.
  • event_number: This is the event number filter.
  • device: This is the device name filter.
  • status: The values for this are new, in progress, follow up, reviewed, done, false positive.
Example
https://protectapi.cylance.com/detections/v2/severity?start=2019-09-13T00:00:00Z&end=2019-09-15T23:59:59Z&interval=1d
Method
HTTP/1.1 GET
Request headers
  • Accept: application/json
  • Authorization: Bearer <JWT Token returned by Auth API> with the opticsdetect:list scope encoded

Request

None
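
The following Python is an added example, not part of the vendor documentation. It builds the GET request described above without sending it, and rejects filters and status values that this page does not list. The function name `build_severity_request` and the token value passed in are assumptions.

```python
from datetime import datetime, timezone
from urllib.parse import urlencode
from urllib.request import Request

BASE_URL = "https://protectapi.cylance.com/detections/v2/severity"
# Status values listed on this page.
STATUSES = {"new", "in progress", "follow up", "reviewed", "done", "false positive"}
# Optional filters listed on this page; values are passed through unchanged.
FILTERS = {"detection_type", "detected_on", "event_number", "device", "status"}


def _utc(ts: datetime) -> str:
    """Format an aware datetime like the page's example: 2019-09-13T00:00:00Z."""
    if ts.tzinfo is None:
        raise ValueError("timestamp must be timezone-aware")
    return ts.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")


def build_severity_request(token, start, end, interval="1d", **filters):
    """Return an unsent GET request for the severity aggregation endpoint."""
    start_s, end_s = _utc(start), _utc(end)
    if end <= start:
        raise ValueError("end must be after start")
    unknown = set(filters) - FILTERS
    if unknown:
        raise ValueError(f"unsupported filter(s): {sorted(unknown)}")
    if "status" in filters and filters["status"] not in STATUSES:
        raise ValueError(f"invalid status: {filters['status']!r}")
    params = {"start": start_s, "end": end_s, "interval": interval}
    params.update(sorted(filters.items()))
    # safe=":" keeps the timestamps unescaped, as in the page's example URL.
    url = f"{BASE_URL}?{urlencode(params, safe=':')}"
    return Request(url, method="GET", headers={
        "Accept": "application/json",
        # The JWT must carry the opticsdetect:list scope; keep it out of logs.
        "Authorization": f"Bearer {token}",
    })
```

Pass the returned object to `urllib.request.urlopen` to send it; the token comes from the Auth API.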

Response

Please see the Response status codes for more information.

Response JSON schema

| Field Name | Description |
|---|---|
| counts | This is the number of detections found, grouped by severity (informational, medium, and high). |
| detected_on | This is the time when the detection was received by Cylance's cloud services. |
| facet | This is the facet used for the search. This is severity. |
| filters | This is the list of filters used on the request. |