V2 File Events
Warning
V1 file events, saved searches, and queries are deprecated.
For details on the updated File Event Model, see the V2 File Events API documentation on the Developer Portal.
Querying file events
To query for V2 file events, import the V2 filter modules and FileEventQuery
class with:
from py42.sdk.queries.fileevents.v2 import *
Using the FileEventQuery
and filter classes, construct a query and search for file events as detailed in the Executing Searches Guide.
Saved Searches
All saved search methods functions have an additional optional use_v2=False
argument. If set to True
, the saved search module will ingest from the V2 saved search APIs. The use_v2
argument defaults to False
and the V1 saved searches are still available.
For example, use the following to view all saved searches with the new V2 apis:
import py42.sdk
sdk = py42.sdk.from_local_account("https://console.us.code42.com", "my_username", "my_password")
sdk.securitydata.savedsearches.get(use_v2=True)
Retrieving saved searches with V2 settings enabled will retrieve existing V1 saved search queries translated to the V2 model. Existing V1 queries that cannot be properly converted to V2 will be omitted from the response.