Having problems with your account or logging in?
A lot of changes are happening in the community right now. Some may affect you. READ MORE HERE
Highlighted
or@we-can.co.il1 Absent Member.
Absent Member.
462 views

Query correlated events via ESM API

Hi,

I know it's possible to query for events when you have the eventId, or to query the content of a queryViewer, but is it possible to query all events in a timeframe by type via API?

for example, all correlation events in the past 1h?

Thanks.

Labels (2)
Tags (1)
0 Likes
1 Reply
pbrettle Acclaimed Contributor.
Acclaimed Contributor.

Re: Query correlated events via ESM API

Sorry for missing this one - spotted when I did a search. You cant directly search ESM for an event match (like you can with Logger). But there is a work around - see the attached document for this - it uses Query viewers, but you can use these to search for matching conditions, such as correlated events.

Query viewers are efficient, but please, tread with caution on this - there is a reason why we don't have an open search capability in ESM - the risks of getting it wrong and having an impact are high - so please be very careful with this.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.