deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-29 13:47:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #4855 from MicrosoftDocs/FromPrivateRepo

Browse Source 
From private repo
This commit is contained in:
huypub 2019-09-04 10:14:32 -07:00 committed by GitHub
commit 0216fbc0b1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
windows/security/threat-protection/microsoft-defender-atp/images/TVM_icon.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.1 KiB

After

Width:  |  Height:  |  Size: 1.0 KiB

10
windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md
View File

@ -109,11 +109,11 @@ Use optional query parameters to specify and control the amount of data returned
Name | Value| Description Name | Value| Description
:---|:---|:--- :---|:---|:---
DateTime?sinceTimeUtc | string | Defines the lower time bound detections are retrieved from, based on field: <br> `LastProcessedTimeUtc` <br> The time range will be: from sinceTimeUtc time to current time. <br><br> **NOTE**: When not specified, all detections generated in the last two hours are retrieved. sinceTimeUtc | DateTime | Defines the lower time bound alerts are retrieved from, based on field: <br> `LastProcessedTimeUtc` <br> The time range will be: from sinceTimeUtc time to current time. <br><br> **NOTE**: When not specified, all alerts generated in the last two hours are retrieved.
DateTime?untilTimeUtc | string | Defines the upper time bound detections are retrieved. <br> The time range will be: from `sinceTimeUtc` time to `untilTimeUtc` time. <br><br> **NOTE**: When not specified, the default value will be the current time. untilTimeUtc | DateTime | Defines the upper time bound alerts are retrieved. <br> The time range will be: from `sinceTimeUtc` time to `untilTimeUtc` time. <br><br> **NOTE**: When not specified, the default value will be the current time.
string ago | string | Pulls detections in the following time range: from `(current_time - ago)` time to `current_time` time. <br><br> Value should be set according to **ISO 8601** duration format <br> E.g. `ago=PT10M` will pull detections received in the last 10 minutes. ago | string | Pulls alerts in the following time range: from `(current_time - ago)` time to `current_time` time. <br><br> Value should be set according to **ISO 8601** duration format <br> E.g. `ago=PT10M` will pull alerts received in the last 10 minutes.
int?limit | int | Defines the number of detections to be retrieved. Most recent detections will be retrieved based on the number defined.<br><br> **NOTE**: When not specified, all detections available in the time range will be retrieved. limit | int | Defines the number of alerts to be retrieved. Most recent alerts will be retrieved based on the number defined.<br><br> **NOTE**: When not specified, all alerts available in the time range will be retrieved.
machinegroups | String | Specifies machine groups to pull detections from. <br><br> **NOTE**: When not specified, detections from all machine groups will be retrieved. <br><br> Example: <br><br> ```https://wdatp-alertexporter-eu.securitycenter.windows.com/api/Alerts/?machinegroups=UKMachines&machinegroups=FranceMachines``` machinegroups | string | Specifies machine groups to pull alerts from. <br><br> **NOTE**: When not specified, alerts from all machine groups will be retrieved. <br><br> Example: <br><br> ```https://wdatp-alertexporter-eu.securitycenter.windows.com/api/Alerts/?machinegroups=UKMachines&machinegroups=FranceMachines```
DeviceCreatedMachineTags | string | Single machine tag from the registry. DeviceCreatedMachineTags | string | Single machine tag from the registry.
CloudCreatedMachineTags | string | Machine tags that were created in Microsoft Defender Security Center. CloudCreatedMachineTags | string | Machine tags that were created in Microsoft Defender Security Center.