[Question] When using API, running query using _gt on _createdAt doesn't work
abrbon opened this issue · 0 comments
Request Type
Question
Work Environment
| Question | Answer |
|---|---|
| OS version (server) | Ubuntu |
| OS version (client) | Windows 11 Pro |
| Virtualized Env. | True |
| Dedicated RAM | 16 GB |
| vCPU | 4 |
| TheHive version / git hash | 4.1.24-1, hash of the commit |
| Package Type | unknown |
| Database | unknown |
| Index type | Elasticsearch |
| Attachments storage | Local |
| Browser type & version | If applicable |
Question
For a LogicApp in Microsoft Azure we are trying to grab data from TheHive via HTTP request API call.
We are trying to query data for cases from the last 7 days.
I have used the following query using a query on the "_createdAt" field using "_gt" but it seems to ignore this and instead giving me everything.
{ "query": [ { "_name": "listCase", "_and": [ { "_gt": { "_field": "_createdAt", "_value": 1729123200000 } } ] }, { "_fields": [ { "_createdAt": "desc" } ], "_name": "sort" }, { "from": 0, "to": 10, "_name": "page" } ], "excludeFields": [ "description", "customFields" ] }
I added the "page" to make sure it doesn't crash TheHive trying to grab all the data.
And also, the "excludeFields" does not work either.
Also tried this locally on my Windows laptop using simple CURL command but exact same issue.
Any idea what i'm missing?