Curl API help

Not applicable

Got it working script below in reply





I'm having some trouble with the Curl API I want to export all policy hits that are related to the "File containing PII detected in the cloud (built-in DLP engine)" policy. 


This is what I've go so far, but I can't get anything related to "policy" to work.  


-XGET -k "MYURL" -H "Authorization: Token MYTOKEN"
-d '
{\"eq\": \"File containing PII detected in the cloud \(built-in DLP engine\)\"}
\"limit\": 2\


It also fails with "cabinetmatchedrulesequals" as the api documentation says (but that looks like a typo)


I when I swap out the policy for filename and it works.

{\"filename\": {\"eq\": \"sheet002.htm\"}

2 Replies
best response

Here's my Powershell script that I created to do this, it will export everything until it runs out.  It is reliant on calling curl.  I got it from "" I'm using  version 7.59.0.  It completed just over 105k for me.  I also do a few unnecessary things, rotating keys really shouldn't be necessary so either remove that code or just put the same API key into all 4 locations.  (I did it because I was having a lot of time out problems but that was because my requests weren't using indexes on the back end database, so the requests 503'd on me)  


cd "PathToCurlExe" #path to the curl exe

$response = $null
$skip = 0 #position to start at
$url = "YourUrl"
$failurekey = "Authorization: Token YourApiKey"
$balancer = 0 #rotate through keys
$k1 = 0 #falures on key 1
$k2 = 0 #falures on key 2
$k3 = 0 #falures on key 3
$kb = 0 #falures on key backup
$fail = 0 #total count of failures
$hasnext = $true
$out = $null
#what are we looking for
#lastGlobalMatchDate is used to "activate" database indexes backend has trouble gathering data before timeout if indexes aren't used (once you get past 10k records)
#change sortDirection from asc to dsc if you start to get too many timeout and just work it from the other direction
$data = '{\"filters\": {\"policy\": {\"cabinetmatchedrulesequals\": [\"YOURPOLICY\"]}},\"sortField\":\"lastGlobalMatchDate\",\"sortDirection\":\"asc\",\"limit\": 100,\"skip\":' + $skip + '}'

switch($balancer%3) #rotate keys in round robin
0 {$head = "Authorization: Token YourApiKey"}
1 {$head = "Authorization: Token YourApiKey"}
2 {$head = "Authorization: Token YourApiKey"}

try #pull data
$response = &.\curl.exe -XGET -k $url -H $head -d $data
$out = $response | ConvertFrom-Json
catch #Problem pulling data go to backup key and try again
Write-Host "Failure on key number: $($balancer % 3)"
$fail += 1
switch($balancer%3) #Keep count of fails per key
0 {$k1 += 1}
1 {$k2 += 1}
2 {$k3 += 1}
$response = &.\curl.exe -XGET -k $url -H $failurekey -d $data
$out = $response | ConvertFrom-Json
Write-Host "Failure on Backup key"
$kb += 1
$fail += 1
$skip -= 100 #force try again redo (this with be negated by the increment)
$ = $null #if this isn't done error on backup with duplicate last successful
if($ -ne $null)
$ | select name,ownerAddress,appName,alternateLink | Export-Csv -Append -nti out.csv #dump data to a CSV
$hasnext = $out.hasNext
$skip += 100 #go for next set of records
$balancer += 1 #rotate keys
Write-Host "Count: $($skip/100) `nTotal Fails: $fail `nKey0: $k1 `nKey1: $k2 `nKey2: $k3`nBackup: $kb"#progress
} while($hasnext) #keep going until the system says stop

And it ate the formatting