Includes Action Name, Log Source and Alert Time.
Default limit: 100, Default offset: 0
Max limit: 1000
The same action can be used multiple times within the scope of a threat; these instances are distinguished by node_id.
The node_id parameter is optional. If it is not provided, the first node is returned.

About

If the simulation is enriched with SIEM / EDR integrations and any of those integrations has log configuration enabled, the Integration based Log Details for Actions endpoint returns the list of logs.

Example

curl --request GET \
     --url https://api.picussecurity.com/v1/simulations/6068/run/latest/threats/4241/actions/21178/integrations/134/logs \
     --header 'Accept: application/json' \
     --header 'Authorization: Bearer access_token'

{
  "logs": [
    {
      "log_id": 157127,
      "name": "File Deletion",
      "action": "file",
      "time": 1654793082148,
      "source": "file"
    },
    {
      "log_id": 157134,
      "name": "Registry Value Modified",
      "action": "registry",
      "time": 1654793067073,
      "source": "registry"
    },
    {
      "log_id": 157136,
      "name": "Process Creation",
      "action": "process",
      "time": 1654793067024,
      "source": "process"
    }
  ],
  "pages": {
    "total_count": 3,
    "limit": 100,
    "offset": 0
  }
}

Pagination

Default Limit: 100, Max Limit: 1000
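
Paging through this endpoint and ordering the entries into a timeline, as an added example that is not part of the Picus documentation. It assumes limit, offset and node_id are sent as query parameters and that time is epoch milliseconds; sample_get is a constructed offline stand-in that serves the three entries from the response above.

```python
import json
import urllib.parse
import urllib.request
from datetime import datetime, timezone

BASE = "https://api.picussecurity.com/v1"
MAX_LIMIT = 1000  # documented maximum page size

def logs_url(ids, limit, offset, node_id=None):
    # Assumption: limit, offset and node_id are sent as query parameters.
    params = {"limit": min(limit, MAX_LIMIT), "offset": offset}
    if node_id is not None:
        params["node_id"] = node_id
    path = "/simulations/{}/run/latest/threats/{}/actions/{}/integrations/{}/logs".format(*ids)
    return f"{BASE}{path}?{urllib.parse.urlencode(params)}"

def http_get(url, token):
    # Real transport: same headers as the curl example on this page.
    req = urllib.request.Request(url, headers={
        "Accept": "application/json", "Authorization": f"Bearer {token}"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def fetch_all_logs(ids, token, limit=100, node_id=None, get=http_get):
    # Advance offset until pages.total_count entries have been collected.
    logs, offset = [], 0
    while True:
        body = get(logs_url(ids, limit, offset, node_id), token)
        page = body.get("logs", [])
        logs.extend(page)
        offset += len(page)
        # An empty page also ends the loop, so a shrinking result set cannot spin forever.
        if not page or offset >= body["pages"]["total_count"]:
            return logs

def timeline(logs):
    # Assumption: "time" is epoch milliseconds; render oldest-first in UTC.
    return [(datetime.fromtimestamp(e["time"] / 1000, tz=timezone.utc).isoformat(),
             e["source"], e["name"]) for e in sorted(logs, key=lambda e: e["time"])]

# Constructed offline stand-in for the API, built from the sample response on this page.
SAMPLE = [{"log_id": 157127, "name": "File Deletion", "action": "file", "time": 1654793082148, "source": "file"},
          {"log_id": 157134, "name": "Registry Value Modified", "action": "registry", "time": 1654793067073, "source": "registry"},
          {"log_id": 157136, "name": "Process Creation", "action": "process", "time": 1654793067024, "source": "process"}]

def sample_get(url, token):
    q = urllib.parse.parse_qs(urllib.parse.urlsplit(url).query)
    limit, offset = int(q["limit"][0]), int(q["offset"][0])
    return {"logs": SAMPLE[offset:offset + limit],
            "pages": {"total_count": len(SAMPLE), "limit": limit, "offset": offset}}
```

Calling fetch_all_logs((6068, 4241, 21178, 134), token, get=sample_get) exercises the paging logic offline; omit get to use the real transport.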
