Palo Alto Networks · Schema

Filter

A filter criterion for querying XDR resources.

Properties

| Name | Type | Description |
| --- | --- | --- |
| field | string | Field name to filter on (e.g., incident_id, status, severity). |
| operator | string | Comparison operator. |
| value | object | Filter value. Use an array for the "in" operator, a string or integer for others. |

JSON Schema

cortex-xdr-api-filter-schema.json
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "title": "Filter",
  "description": "A filter criterion for querying XDR resources.",
  "$id": "https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cortex-xdr-api-filter-schema.json",
  "type": "object",
  "properties": {
    "field": {
      "type": "string",
      "description": "Field name to filter on (e.g., incident_id, status, severity)."
    },
    "operator": {
      "type": "string",
      "enum": [
        "in",
        "contains",
        "gte",
        "lte",
        "eq",
        "neq"
      ],
      "description": "Comparison operator."
    },
    "value": {
      "description": "Filter value. Use an array for the \"in\" operator, a string or integer for others.",
      "oneOf": [
        {
          "type": "string"
        },
        {
          "type": "integer"
        },
        {
          "type": "array",
          "items": {
            "oneOf": [
              {
                "type": "string"
              },
              {
                "type": "integer"
              }
            ]
          }
        }
      ]
    }
  },
  "required": [
    "field",
    "operator",
    "value"
  ]
}