Chilkat Online Tools

PureBasic / Microsoft Graph / Get alerts with high severity

Back to Collection Items

IncludeFile "CkJsonObject.pb"
IncludeFile "CkHttp.pb"
IncludeFile "CkHttpResponse.pb"

Procedure ChilkatExample()

    ; This example assumes the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    http.i = CkHttp::ckCreate()
    If http.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success.i

    queryParams.i = CkJsonObject::ckCreate()
    If queryParams.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkJsonObject::ckUpdateString(queryParams,"$filter","Severity eq 'High'")
    CkJsonObject::ckUpdateInt(queryParams,"$top",5)

    ; Adds the "Authorization: Bearer <access_token>" header.
    CkHttp::setCkAuthToken(http, "<access_token>")

    resp.i = CkHttp::ckQuickRequestParams(http,"GET","https://graph.microsoft.com/v1.0/security/alerts",queryParams)
    If CkHttp::ckLastMethodSuccess(http) = 0
        Debug CkHttp::ckLastErrorText(http)
        CkHttp::ckDispose(http)
        CkJsonObject::ckDispose(queryParams)
        ProcedureReturn
    EndIf

    Debug Str(CkHttpResponse::ckStatusCode(resp))
    Debug CkHttpResponse::ckBodyStr(resp)
    CkHttpResponse::ckDispose(resp)



    CkHttp::ckDispose(http)
    CkJsonObject::ckDispose(queryParams)


    ProcedureReturn
EndProcedure

Curl Command

curl -G -d "$filter=Severity%20eq%20%27High%27"
	-d "$top=5"
	-H "Authorization: Bearer <access_token>"
https://graph.microsoft.com/v1.0/security/alerts

Postman Collection Item JSON

{
  "name": "Get alerts with high severity",
  "event": [
    {
      "listen": "test",
      "script": {
        "exec": [
          "try {\r",
          "    if (responseBody.indexOf(\"InvalidAuthenticationToken\") !== -1)\r",
          "    {\r",
          "        console.log(\"You need to run *On behalf of a User | Get User Access Token* request first.\");\r",
          "    }\r",
          "    else\r",
          "    {\r",
          "        if (pm.response.status === \"Forbidden\")\r",
          "        {\r",
          "            console.log(\"You need to add user delegated permissions in your application to at least *SecurityEvents.Read.All, SecurityEvents.ReadWrite.All* in portal.azure.com and then consent as user or Grant admin consent in portal. And re-run *On behalf of a User | Get User Access Token* request to update access token. \");\r",
          "        }\r",
          "    }\r",
          "}\r",
          "catch (e) {\r",
          "    console.log(e);\r",
          "}\r",
          ""
        ],
        "type": "text/javascript"
      }
    }
  ],
  "request": {
    "method": "GET",
    "header": [
    ],
    "url": {
      "raw": "https://graph.microsoft.com/v1.0/security/alerts?$filter=Severity eq 'High'&$top=5",
      "protocol": "https",
      "host": [
        "graph",
        "microsoft",
        "com"
      ],
      "path": [
        "v1.0",
        "security",
        "alerts"
      ],
      "query": [
        {
          "key": "$filter",
          "value": "Severity eq 'High'"
        },
        {
          "key": "$top",
          "value": "5"
        }
      ]
    }
  },
  "response": [
  ]
}