Example API Workflow Script
Use the script in this example to download a Use Case Explorer report in CSV format.
Note:
Due to formatting issues, paste the script into a text editor and then remove any carriage return or line feed characters.
You can replace the filters code with other filter details. In the following line, replace the bolded content with other filter content that is described in Use Case Explorer Filters.
--data-raw '{"filters": [{"name":"rule","type":"ATTRIBUTE","recursive":true,"matchCriteria":"PARTIAL","values":[true],"attributeName":"",valueType":"EXCLUSIVE_COMMON"}],"columns":["N","GR","RC","T","RO","EN","RE","CD","MD"]}' /* Begin by initiating the report generation with POST/api/use_case_explorer. */
curl --user admin --location --request POST 'https://{qradar ip}/console/plugins/{UCM App ID}/app_proxy/api/use_case_explorer' \
--header 'Content-Type: application/json' \
--data-raw '{"filters":[{"name":"rule","type":"ATTRIBUTE","recursive":true,"matchCriteria":"PARTIAL","values":[true],"attributeName":"",valueType":"EXCLUSIVE_COMMON"}],"columns":["N","GR","RC","T","RO","EN","RE","CD","MD"]}'
/* Return the current status of report generation from POST/api/use_case_explorer by calling GET /api/use_case_explorer/{reportId}/status. */
curl --user admin --location --request GET 'https://{qradar ip}/console/plugins/{UCM App ID}/app_proxy/api/use_case_explorer/{report id}/status' \
--header 'Cookie: csrfToken=DG0pShPY-Ks59qGwW_nraLhvdl1zzyQua9Tg;
/* To download the report in CSV format, once GET /api/use_case_explorer/{reportId}/status
returns a status of COMPLETED, use POST /api/use_case_explorer/{reportId}/download_csv
to initiate the job to generate a CSV report */
curl --user admin --location --request POST 'https://{qradar ip}/console/plugins/{UCM App ID}/app_proxy/api/use_case_explorer/{report id}/download_csv' \
--header 'Content-Type: application/json' \
--data-raw '{"columns":"N,GR,RC,T,RO,EN,RE,CD,MD"}'
/* Return the current status of CSV report generation from POST /api/use_case_explorer/{reportId}/download_csv by calling GET /api/use_case_explorer/download_csv/{jobId}/status */
curl --user admin --location --request GET 'https://{qradar ip}/console/plugins/{UCM App ID}/app_proxy/api/use_case_explorer/download_csv/{download csv job id}/status' \
--header 'Content-Type: application/json' \
--data-raw '{"columns":"N,GR,RC,T,RO,EN,RE,CD,MD"}'
/* Finally, when GET /api/use_case_explorer/download_csv/{jobId}/status
returns a status of COMPLETED, call GET /api/use_case_explorer/download_csv/{jobId}/result
to download your generated report in CSV file format */
curl --user admin --location --request GET 'https://{qradar ip}/console/plugins/{UCM App ID}/app_proxy/api/use_case_explorer/download_csv/{download csv job id}/result?csvName=test.csv' \
--header 'Content-Type: application/json' \
--data-raw '{"columns":"N,GR,RC,T,RO,EN,RE,CD,MD"}'