QRadarFullSearch

Runs a QRadar query and return its results to the context.

Dependencies

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks

  • GenericPolling

Integrations

This playbook does not use any integrations.

Scripts

This playbook does not use any scripts.

Commands

  • qradar-get-search-results
  • qradar-get-search
  • qradar-searches

Playbook Inputs


NameDescriptionDefault ValueRequired
timeoutThe amount of time to wait before a timeout occurs (in minutes).600Optional
intervalThe polling frequency. How often the polling command should run (in minutes).1Optional
query_expressionThe query expressions in AQL.-Required
rangeThe range of results to return. For example, 0-20.-Optional
headersThe table headers.-Optional

Playbook Outputs


PathDescriptionType
QRadar.Search.ResultThe results of the search.unknown

Playbook Image


QRadarFullSearch