Hi Deep
Per your first point the result you get for your query is as expected.
Your filters are from_date=2024-07-05 08:00:00 date_to= 2024-07-07 08:00:00
The result is a risk event that started at 2024-07-05 09:00:00 and ended at 2024-07-08 08:00:00
This event was active within the period you query about.
To illustrate this consider a query Q with date_from=t1 and date_to=t2
t1 t2
Q --------|-------------------|------------
E1 |------------|
E2 |---------|
E3 |------------------------|
E4 |-------------------------------|
All the events E1-E4 are active between t1 and t2 and thus all are valid results to the query
I hope this makes sense to you
I will forward your other question to the right person
Guy Gali
------------------------------
GUY GALIL
------------------------------
Original Message:
Sent: Tue July 09, 2024 09:52 AM
From: Deep Kothadiya
Subject: Regarding risk_events and cases endpoint filters
- The
risk_events
endpoint (https://guardium.security.ibm.com/api/v3/risk_events?status=OPENED) has two filters, date_from
and date_to
. However, when we use date and time in the specified format, the output is not as expected. - The
cases
endpoint (https://guardium.security.ibm.com/api/v3/cases?offset=2&limit=2) has two filters, offset
and limit
. Both parameters are not working as intended according to the offset and limit concept.
------------------------------
Deep Kothadiya
------------------------------