Skip to main content

REST APIs for 24.2.20 and 24.2.10

Explorer

The Public Experimental Explorer APIs search and analyze PCE traffic flows for auditing, reporting, and troubleshooting. You can search for traffic flows between workloads or hosts, labeled workloads, or IP addresses, and you can restrict the search by specific port numbers and protocols.

Asynchronous Queries API Methods

The maximum returned results when using the deprecated method POST [api_version][org_href]/traffic_flows/traffic_analysis_queries was 100,000, a reasonable number a user can view in the UI.

When Explorer captures all traffic flows into a CSV file to build rules offline, the queries take longer to return, traffic data contains more than 100,000 rows, and so on. Explorer queries are required to support both the single-node and multi-node Explorer in the SuperCluster environment.

The limitation of 100,000 results was raised to 200,000 to support SuperCluster environments in Explorer better.

Functionality	HTTP	URI
Create a new async traffic query.	`POST`	`[api_version][org_href]traffic_flows/async_queries`
Get a collection of async traffic queries.	`GET`	`[api_version][org_href]traffic_flows/async_queries`
Download the completed async traffic query results.	`GET`	`[api_version][org_href]traffic_flows_async/queries/ :uuid/dowload`
Update an async traffic query (request cancellation of the queued async query).	`PUT`	`[api_version][org_href]traffic_flows/async_queries/:uuid`
Delete the completed async traffic query.	`DELETE`	`[api_version][org_href]traffic_flows/async_queries/:uuid`

See also:

Was this helpful?

Would you like to provide feedback? Just click here to suggest edits.