api-fields.md


Fields

GET - /mapi/fields

Returns the (very long) list of fields known to Malcolm, compiled from Arkime's fields table, the Malcolm [OpenSearch template]({{ site.github.repository_url }}/blob/{{ site.github.build_revision }}/dashboards/templates/malcolm_template.json), and the OpenSearch Dashboards index pattern API.

Example output:

```json
{
    "fields": {
        "@timestamp": {
            "type": "date"
        },
…
        "zeek.x509.san_uri": {
            "description": "Subject Alternative Name URI",
            "type": "string"
        },
        "zeek.x509.san_uri.text": {
            "type": "string"
        }
    },
    "total": 2005
}
```
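
One way to use this endpoint, as an added example that is not part of the Malcolm documentation: before deploying a detection query or dashboard, check that every field it references is known to Malcolm with the expected type. The `base_url` parameter, the helper names and the inline sample (built from the three fields shown above) are assumptions made for illustration.

```python
import json
import urllib.request

# Constructed sample: only the three fields visible in the example output.
# "total" is set to 3 here because this sample is not truncated.
SAMPLE_RESPONSE = json.loads("""
{
    "fields": {
        "@timestamp": {"type": "date"},
        "zeek.x509.san_uri": {
            "description": "Subject Alternative Name URI",
            "type": "string"
        },
        "zeek.x509.san_uri.text": {"type": "string"}
    },
    "total": 3
}
""")

def fetch_fields(base_url, timeout=30):
    """GET <base_url>/mapi/fields and return the decoded JSON body.
    base_url is hypothetical; supply whatever authentication your
    deployment requires (not shown here)."""
    url = f"{base_url.rstrip('/')}/mapi/fields"
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return json.load(resp)

def check_fields(response, expected):
    """Compare {field_name: expected_type} against a /mapi/fields response.
    Returns (missing, mismatched); mismatched maps name -> (expected, actual)."""
    known = response.get("fields", {})
    missing = sorted(name for name in expected if name not in known)
    mismatched = {
        name: (want, known[name].get("type"))
        for name, want in expected.items()
        if name in known and known[name].get("type") != want
    }
    return missing, mismatched

def undocumented(response):
    """Names of fields that carry no "description" entry."""
    fields = response.get("fields", {})
    return sorted(n for n, meta in fields.items() if "description" not in meta)
```

Against a live instance, pass the result of `fetch_fields(...)` to `check_fields` in place of `SAMPLE_RESPONSE`.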