get_detection_count
Count security detections in Vectra AI by applying filters like date range, category, state, IP address, or key asset targeting to analyze threat data.
Instructions
Get the total count of detections matching the specified criteria.
Returns:
str: Count of detections matching the criteria.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| start_date | No | Filter by start date (YYYY-MM-DDTHH:MM:SS) | |
| end_date | No | Filter by end date (YYYY-MM-DDTHH:MM:SS) | |
| detection_category | No | Filter by detection category | |
| state | No | Filter by detection state (active, inactive, fixed, filteredbyai, filteredbyrule). Default is 'active' which returns only currently active detections. | active |
| detection_name | No | Filter by detection name. Can also perform partial word match | |
| src_ip | No | Filter by source IP address of the host that generated the detection. | |
| is_targeting_key_asset | No | Filter for detections targeting a key asset. Defaults to 'False'. Set to 'True' to filter for detections that are targeting key assets. To get all detections regardless of key asset targeting, search for both True and False values. |