Show Logs using New Query
Description

Retrieve filtered logs from Check Point R80 using a user-specified 'new query' parameter.

Endpoint

URL: /web_api/show-logs
Method: POST

Inputs

- json body (object) – required
  - new query (object) – required: Running a new query.
    - time frame (string): Specify the time frame to query logs.
    - max logs per request (string): Limit the number of logs to be retrieved.
    - filter (string): The filter as entered in SmartConsole/SmartView.
    - custom start (string): This option is only applicable when using the custom time frame option.
    - custom end (string): This option is only applicable when using the custom time frame option.
    - top (object) – required: Top results configuration.
      - field (string) – required: The field on which the top command is executed.
      - count (string): The number of results to retrieve. Valid value is 1-50.
    - type (string): Type of logs to return.
    - log servers (array): List of IPs of log servers to query.
  - ignore warnings (boolean): Ignore warnings if any exist.

Output

Example:

```json
[
  {
    "status code": 200,
    "response headers": {
      "content length": "140",
      "content type": "application/json",
      "date": "wed, 13 dec 2023 20 37 23 gmt"
    },
    "reason": "ok",
    "json body": {
      "incidents": [
        {
          "ischkpobject": "false",
          "resolved": "labs proxy old ad checkpoint com"
        }
      ],
      "logs": [
        {
          "analyzed on": "check point threat cloud",
          "i f dir": "inbound",
          "proto attr": [
            {
              "ischkpobject": "false",
              "resolved": "tcp (6)"
            }
          ]
        }
      ],
      "logs count": 2,
      "query id": "aa be383957 9167 4ca3 b101 a25bc0fbec1c",
      "tops": [
        { "firewall": "717" },
        { "system monitor": "132" }
      ],
      "tops count": 935
    }
  }
]
```

Output parameters

- status code (number)
- reason (string)
- json body (object)
  - incidents (array)
    - ischkpobject (string)
    - resolved (string)
  - logs (array)
    - analyzed on (string)
    - i f dir (string)
    - proto attr (array)
      - ischkpobject (string)
      - resolved (string)
  - logs count (number)
  - query id (string)
  - tops (array)
    - firewall (string)
    - system monitor (string)
  - tops count (number)

Response headers

| Header | Type |
| --- | --- |
| content length | string |
| content type | string |
| date | string |
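A sketch of building and checking the request body before it is sent, added here as an example and not taken from the connector's own code. It enforces the constraints listed under the inputs (required top field, count between 1 and 50, custom start/end only with the custom time frame) and flattens the `tops` array of a response. Assumptions: the key names use the hyphenated Check Point Management API spelling (such as `new-query`), the custom time frame is selected with the value `custom`, the function names are hypothetical, and the values `blades` and `last-7-days` are constructed samples.

```python
# Added example: build and validate the request body for this action.
# Assumption: keys use the hyphenated spelling (for example "new-query");
# the page shows the same names with spaces.

def build_show_logs_body(field, count=None, time_frame=None, log_filter=None,
                         custom_start=None, custom_end=None,
                         max_logs=None, log_type=None, log_servers=None,
                         ignore_warnings=None):
    """Return the JSON body, raising ValueError on inputs the page rules out."""
    if not field:
        raise ValueError("top.field is required")
    top = {"field": field}
    if count is not None:
        if not 1 <= int(count) <= 50:
            raise ValueError("top.count must be between 1 and 50")
        top["count"] = str(int(count))  # documented as a string
    # custom-start/custom-end only apply to the custom time frame
    # (assumption: that option is selected with the value "custom")
    if (custom_start or custom_end) and time_frame != "custom":
        raise ValueError("custom-start/custom-end need time-frame 'custom'")
    query = {"top": top}
    optional = {
        "time-frame": time_frame, "filter": log_filter,
        "custom-start": custom_start, "custom-end": custom_end,
        "max-logs-per-request": None if max_logs is None else str(max_logs),
        "type": log_type, "log-servers": log_servers,
    }
    # Leave out anything the caller did not set
    query.update({k: v for k, v in optional.items() if v is not None})
    body = {"new-query": query}
    if ignore_warnings is not None:
        body["ignore-warnings"] = bool(ignore_warnings)
    return body


def top_counts(tops):
    """Flatten the response's tops array into {name: int}, largest first."""
    merged = {}
    for entry in tops:
        for name, value in entry.items():
            merged[name] = merged.get(name, 0) + int(value)  # counts arrive as strings
    return dict(sorted(merged.items(), key=lambda kv: kv[1], reverse=True))


if __name__ == "__main__":
    # Constructed sample inputs; the tops values match the output example above
    print(build_show_logs_body("blades", count=10, time_frame="last-7-days"))
    print(top_counts([{"firewall": "717"}, {"system monitor": "132"}]))
```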