Group Search Results

Group Search Results

Using groupby search API you can group search results for Operations for Networks entities by specifying entity type, filter expression, aggregate clause and groupby clause. Please refer to API Guide on details of how to construct filter expression, aggregate clause and groupby clause. A successful search request will return a list of groups.

Request
URI
POST
https://{api_host}/api/ni/search/groupby
COPY
Request Body

GroupBy Request

SearchGroupByRequest of type(s) application/json
Optional 
{
    "entity_type": "Flow",
    "filter": "destination_ip.ip_address = '1.1.1.1'",
    "aggregations": [
        {
            "field": "flow.totalBytes.delta.summation.bytes",
            "aggregation_type": "SUM"
        }
    ],
    "time_range": {
        "start_time": 1534410000,
        "end_time": 1534410559
    },
    "group_by": [
        "source_ip",
        "destination_ip"
    ],
    "size": 2,
    "sort_by": [
        {
            "field": "flow.totalBytes.delta.summation.bytes",
            "aggregation_type": "SUM",
            "order": "DESC"
        }
    ]
}
AllEntityType
entity_type
Optional

entity_type

string
filter
Optional

query filter

array of Aggregation
aggregations
Optional

aggregations

array of string
group_by
Optional

group_by

array of AggregateOrderByClause
sort_by
Optional

sort_by

TimeRange
time_range
Optional

time_range

integer As int32 As int32
size
Optional

size

string
cursor
Optional

cursor

Authentication
This operation uses the following authentication methods.
Responses
200

Success

Returns SearchGroupByResponse of type(s) application/json 
{
    "results": [
        {
            "bucket": [
                {
                    "field": "string",
                    "value": "string"
                }
            ],
            "count": 100,
            "aggregations": [
                {
                    "field": "string",
                    "aggregation_type": "string",
                    "value": "number"
                }
            ],
            "series_values": [
                {
                    "field": "string",
                    "aggregation_type": "string",
                    "resolution_in_secs": 0,
                    "series": [
                        [
                            {}
                        ]
                    ]
                }
            ]
        }
    ],
    "size": 0,
    "total_bucket": {
        "value": 0,
        "is_approx": false
    },
    "total_count": 1000,
    "time_range": {
        "start_time": 1597247025,
        "end_time": 1597247999
    },
    "cursor": "MTA="
}
array of GroupWithValue
results
Optional

results

integer As int32 As int32
size
Optional

size

Cardinality
total_bucket
Optional

total_bucket

integer As int32 As int32
total_count
Optional

Total count of objects returned

TimeRange
time_range
Optional

time_range

string
cursor
Optional

Cursor for the next page


400

Bad Request

Returns ApiError of type(s) application/json 
{
    "code": 0,
    "message": "string",
    "details": [
        {
            "code": 0,
            "message": "string",
            "target": [
                "string"
            ]
        }
    ]
}
integer As int32 As int32
code
Optional

code

string
message
Optional

message

array of ErrorDetail
details
Optional

details


401

Unauthorized

Operation doesn't return any data structure

500

Internal Error

Operation doesn't return any data structure

On This Page
Search Operations
POST
Aggregate Search Results
POST
Group Search Results
POST
Search
POST
Search Entities