List Identifier Events

curl --request POST \
  --url https://api.flare.io/firework/v4/events/identifiers/{identifier_id}/_search \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "query": {},
  "size": 123,
  "from": "<string>",
  "order": "<string>",
  "filters": {
    "severity": [
      "<string>"
    ],
    "type": [
      "<string>"
    ],
    "estimated_created_at": {
      "gt": "<string>",
      "gte": "<string>",
      "lt": "<string>",
      "lte": "<string>"
    }
  }
}'

{
    "items": [
        {
            "metadata": {
                "estimated_created_at": "2019-09-20T16:30:37.589388Z",
                "type": "listing",
                "uid": "listing/apollon_market/9861",
                "severity": "critical"
            },
            "tenant_metadata": {
                "severity": {
                    "original": "low",
                    "override": "critical"
                },
                "tags": [
                    "important",
                ],
                "notes": "This reason why this is tagged as 'important' is: ..."
            },
            "identifiers": [
                {
                    "id": 1,
                    "name": "An identifier"
                }
            ],
            "highlights": {
                "description": [
                    "Bank Statement PSD <mark>Template</mark>\r\n\r\nWe promise:\r\n- Your order will be delivered instantly."
                ],
                "title": [
                    "Bank Statement PSD <mark>Template</mark>"
                ]
            }
        }
    ],
    "next": "WzE1Njg5OTcwMzc1ODksICJsaXN0aW5nL2Fwb2xsb25fbWFya2V0Lzk4NjEiXQ%3D%3D"
}

POST

firework

events

identifiers

{identifier_id}

_search

List Identifier Events

curl --request POST \
  --url https://api.flare.io/firework/v4/events/identifiers/{identifier_id}/_search \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "query": {},
  "size": 123,
  "from": "<string>",
  "order": "<string>",
  "filters": {
    "severity": [
      "<string>"
    ],
    "type": [
      "<string>"
    ],
    "estimated_created_at": {
      "gt": "<string>",
      "gte": "<string>",
      "lt": "<string>",
      "lte": "<string>"
    }
  }
}'

{
    "items": [
        {
            "metadata": {
                "estimated_created_at": "2019-09-20T16:30:37.589388Z",
                "type": "listing",
                "uid": "listing/apollon_market/9861",
                "severity": "critical"
            },
            "tenant_metadata": {
                "severity": {
                    "original": "low",
                    "override": "critical"
                },
                "tags": [
                    "important",
                ],
                "notes": "This reason why this is tagged as 'important' is: ..."
            },
            "identifiers": [
                {
                    "id": 1,
                    "name": "An identifier"
                }
            ],
            "highlights": {
                "description": [
                    "Bank Statement PSD <mark>Template</mark>\r\n\r\nWe promise:\r\n- Your order will be delivered instantly."
                ],
                "title": [
                    "Bank Statement PSD <mark>Template</mark>"
                ]
            }
        }
    ],
    "next": "WzE1Njg5OTcwMzc1ODksICJsaXN0aW5nL2Fwb2xsb25fbWFya2V0Lzk4NjEiXQ%3D%3D"
}

Returns a list of events matching an identifier.

Guides

See the guide for using this endpoint: Exporting a Tenant’s Events .

Paging

This endpoint supports the Flare standard paging pattern .

Body Parameters

query

object

One of the supported queries. (optional)

{
  "type": "domain",
  "fqdn": "<string>"
}

size

number

Limit number of events that will be returned. (Max 10)

from

string

The next value from the last response.

order

string

default:"desc"

The order in which the results will be returned.

Show valid order values

asc desc

filters

object

Hide child attributes

severity

string[]

If a string value is specified, results will contain events that have a greater than or equal severity. Otherwise, if an array of severities is specified, results will only contain events that exactly match one of them.

Show valid severity values

info low medium high critical

type

string[]

Show valid type values

illicit_networks open_web leak domain listing forum_content blog_content blog_post profile chat_message ransomleak infected_devices financial_data bot stealer_log paste social_media source_code source_code_files stack_exchange google service buckets bucket bucket_object

Learn more about Event Source Filters .

estimated_created_at

object

Show child attributes

string

Matches values greater than the specified timestamp.Format: ISO-8601

gte

string

Matches values greater than or equal to the specified timestamp.Format: ISO-8601

string

Matches values lesser than the specified timestamp.Format: ISO-8601

lte

string

Matches values lesser than or equal to the specified timestamp.Format: ISO-8601

Path Parameters

identifier_id

int

required

The ID of the identifier.

List Identifier Credentials

List Identifier Group's Events

Authentication API

Events API

Account and Session Takeover Prevention (ASTP) API

Management API

Threat-Flow API

Deprecated APIs

List Identifier Events

Guides

Paging

Body Parameters

Path Parameters

Authentication API

Events API

Account and Session Takeover Prevention (ASTP) API

Management API

Threat-Flow API

Deprecated APIs

​Guides

​Paging

​Body Parameters

​Path Parameters

Guides

Paging

Body Parameters

Path Parameters