I’m going to the ‘remote/core.executeQuery?queryId=37’ page on Trellix and running the ‘Threat Events by System Tree Group’ query. However, the output is coming in the following format. I want to delve into the ‘count’ because when I run the query on the web and click on ‘count’, I can see the threats. Does anybody has idea?
OK:
count: 150
1st Level Group: 6
core.execute has following parameters and I tried them but they didn’t work if I tried right.
core.executeQuery queryId [database=<>]
core.executeQuery target=<> [select=<>] [where=<>] [order=<>] [group=<>] [database=<>] [depth=<>] [joinTables=<>]