How do I query a list of events associated with a particular alert ID using the Panther API?
To query the events associated with a particular alert ID through the Panther API, execute a GraphQL API query similar to the following:
    query FirstPageOfAlertEvents {
      alert(id: "FAKE_ALERT_ID") {
        id,
        events(input: {
          cursor: "",
          pageSize: 25
        }) {
          edges {
            node
          }
          pageInfo {
            endCursor
          }
        }
      }
    }
Learn more about using the GraphQL API to query the data lake for alerts and associated events in the Panther documentation.
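The query above returns only the first page. The following added example (not from the Panther documentation) walks every page by feeding each `endCursor` back in as the next `cursor`. The helper names, the `X-API-Key` header, and the stop conditions (an empty page or a missing or repeated cursor) are assumptions to confirm against your deployment's API settings.

```python
import json
import urllib.request

# Same shape as the query on this page; id and cursor are filled in per request.
QUERY = """
query AlertEventsPage {
  alert(id: %s) {
    id
    events(input: {cursor: %s, pageSize: %d}) {
      edges { node }
      pageInfo { endCursor }
    }
  }
}
"""

def http_transport(url, api_key):
    """Return a send(query) callable for a GraphQL endpoint.
    url and api_key come from your Panther API settings (assumed header name)."""
    def send(query):
        req = urllib.request.Request(
            url,
            data=json.dumps({"query": query}).encode(),
            headers={"Content-Type": "application/json", "X-API-Key": api_key},
        )
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    return send

def iter_alert_events(send, alert_id, page_size=25, max_pages=1000):
    """Yield every event node for one alert, following endCursor page by page."""
    cursor = ""
    for _ in range(max_pages):  # hard cap so a misbehaving cursor cannot loop forever
        # json.dumps produces a quoted, escaped string literal, so an alert ID
        # containing quotes cannot alter the structure of the query.
        body = send(QUERY % (json.dumps(alert_id), json.dumps(cursor), page_size))
        if body.get("errors"):
            raise RuntimeError("GraphQL error: %s" % body["errors"])
        events = body["data"]["alert"]["events"]
        for edge in events["edges"]:
            yield edge["node"]
        next_cursor = events["pageInfo"].get("endCursor")
        # Assumed end-of-data signals: empty page, no cursor, or a repeated cursor.
        if not events["edges"] or not next_cursor or next_cursor == cursor:
            return
        cursor = next_cursor
```

Call it as `iter_alert_events(http_transport(url, api_key), alert_id)` and keep the API key in a secret store or environment variable rather than in the script.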