deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 06:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merged PR 12749: Advanced Hunting API

Browse Source 
Advanced Hunting API
This commit is contained in:
David Laufer 2018-11-12 04:29:10 +00:00 committed by Joey Caparas
commit 251963267f
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
windows/security/threat-protection/windows-defender-atp/run-advanced-query-api.md
View File

@ -29,7 +29,7 @@ This API allows you to run programmatic queries that you are used to running fro
This API is a beta version only and is currently restricted to the following actions: This API is a beta version only and is currently restricted to the following actions:
1. You can only run a query on data from the last 30 days 1. You can only run a query on data from the last 30 days
2. The results will include a maximum of 10,000 rows 2. The results will include a maximum of 10,000 rows
3. The number of executions is limited (up to 15 minutes every hour and 4 hours a day) 3. The number of executions is limited (up to 15 calls per minute, 15 minutes of running time every hour and 4 hours of running time a day)
## Permissions ## Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md) One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
@ -41,7 +41,7 @@ Delegated (work or school account) | AdvancedQuery.Read | 'Run advanced queries'
>[!Note] >[!Note]
> When obtaining a token using user credentials: > When obtaining a token using user credentials:
>- The user needs to have 'Global Admin' AD role >- The user needs to have 'Global Admin' AD role (note: will be updated soon to 'View Data')
>- The user needs to have access to the machine, based on machine group settings (See [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md) for more information) >- The user needs to have access to the machine, based on machine group settings (See [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md) for more information)
## HTTP request ## HTTP request