Skip to main content
GET
/
api
/
v2
/
domains
/
{domain_id}
/
sparkline
List attack path sparkline values
curl --request GET \
  --url https://your-tenant.bloodhoundenterprise.io/api/v2/domains/{domain_id}/sparkline \
  --header 'Authorization: Bearer <token>'
{
  "start": "2023-11-07T05:31:56Z",
  "end": "2023-11-07T05:31:56Z",
  "data": [
    {
      "id": 123,
      "created_at": "2023-11-07T05:31:56Z",
      "updated_at": "2023-11-07T05:31:56Z",
      "deleted_at": {
        "time": "2023-11-07T05:31:56Z",
        "valid": true
      },
      "CompositeRisk": 123,
      "FindingCount": 123,
      "ImpactedAssetCount": 123,
      "DomainSID": "<string>",
      "Finding": "<string>"
    }
  ]
}
Applies to BloodHound Enterprise only

Authorizations

Authorization
string
header
required

Authorization: Bearer $JWT_TOKEN

Headers

Prefer
string
default:wait=30

Prefer header, used to specify a custom timeout in seconds using the wait parameter as per RFC7240. Passing in wait=-1 bypasses all timeout limits when the feature is enabled.

Pattern: ^wait=(-1|[0-9]+)$

Path Parameters

domain_id
string
required

Domain ID

Query Parameters

sort_by
string

Sortable columns are CompositeRisk, FindingCount, ImpactedAssetCount, domain_sid, id, created_at, updated_at, deleted_at. Sort by column. Can be used multiple times; prepend a hyphen for descending order. See parameter description for details about which columns are sortable.

finding
string
required

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
from
string

Beginning datetime of range (inclusive) in RFC-3339 format; Defaults to current datetime minus 30 days Filter results by column timestamp value formatted as an RFC-3339 string. Valid filter predicates are eq, neq, gt, gte, lt, lte.

Pattern: ^((eq|neq|gt|gte|lt|lte):)?[0-9]{4}-[0-9]{2}-[0-9]{2}[Tt][0-9]{2}:[0-9]{2}:[0-9]{2}(\.[0-9]{1,9})?([Zz]|-[0-9]{2}:[0-9]{2})$
to
string

Ending datetime of range (exclusive) in RFC-3339 format; Defaults to current datetime Filter results by column timestamp value formatted as an RFC-3339 string. Valid filter predicates are eq, neq, gt, gte, lt, lte.

Pattern: ^((eq|neq|gt|gte|lt|lte):)?[0-9]{4}-[0-9]{2}-[0-9]{2}[Tt][0-9]{2}:[0-9]{2}:[0-9]{2}(\.[0-9]{1,9})?([Zz]|-[0-9]{2}:[0-9]{2})$
asset_group_tag_id
integer

The asset group tag id of the zone requested. If not supplied, the asset group tag id associated with 'Tier Zero' and 'Hygiene' is used.

Response

OK

start
string<date-time>

The RFC-3339 timestamp to describe the beginning of a time range

end
string<date-time>

The RFC-3339 timestamp to describe the end of a time range

data
object[]