IBM Security Guardium

• The risk_events endpoint (https://guardium.security.ibm.com/api/v3/risk_events?status=OPENED) has two filters, date_from and date_to. However, when we use date and time in the specified format, the output is not as expected.
• The cases endpoint (https://guardium.security.ibm.com/api/v3/cases?offset=2&limit=2) has two filters, offset and limit. Both parameters are not working as intended according to the offset and limit concept.
  

This is an external forum for customers. Please remove this post and contact the development team through appropriate channels. 

Hi Deep

Per your first point the result you get for your query is as expected.

Your filters are from_date=2024-07-05 08:00:00 date_to= 2024-07-07 08:00:00 

The result is a risk event that started at 2024-07-05 09:00:00 and ended at 2024-07-08 08:00:00

This event was active within the period you query about.

To illustrate this consider a query Q with date_from=t1 and date_to=t2

                    t1                           t2

Q    --------|-------------------|------------

E1        |------------|

E2                      |---------|

E3                   |------------------------|

E4        |-------------------------------|

All the events E1-E4 are active between t1 and t2 and thus all are valid results to the query

I hope this makes sense to you

I will forward your other question to the right person

Guy Gali