Example usage
GET http://127.0.0.1:5000/search?q=content:"hello"&limit=10&include_docs=true
Accept: application/json
earches for documents matching the specified query.
Parameters:
- q: (required) The search query string
- limit: (optional) Maximum number of results to return (default 25)
- bookmark: (optional) A bookmark from a previous search to start from for pagination
- sort: (optional) Field(s) to sort the results by
- include_docs: (optional) If “true”, includes the full document content in the results
Returns: A JSON array of matching documents, with the following fields:
- id: The document ID
- order: An array with the sort value (if specified) and relevance score
- fields: An object with the stored field values (if include_docs is not “true”)
- doc: The full document (if include_docs is “true”)
The response also includes:
- total_rows: The total number of matching documents
- bookmark: A bookmark that can be used for pagination of subsequent requests
Example usage
GET http://127.0.0.1:5000/targets/01731aa61e40224a127259541c8d71da
Accept: application/json
Retrieves the targets for the specified actor.
Example usage
POST http://127.0.0.1:5000/new/target/01731aa61e40224a127259541c8d71da
Content-Type: application/json
{
"_id": "example_target_id",
"dataset": "example_dataset",
"dtype": "target",
"sources": [],
"version": "0.7.2",
"date_updated": 1621234567,
"date_added": 1621234567,
"actor": "01731aa61e40224a127259541c8d71da",
"target": "example_target",
"delay": 0,
"recurring": false,
"options": []
}
Creates a new target document for the specified actor.
Example usage
POST http://127.0.0.1:5000/new/document/person
Content-Type: application/json
{
"_id": "example_person_id",
"dataset": "example_dataset",
"dtype": "person",
"sources": ["manual"],
"version": "0.7.2",
"date_updated": 1621234567,
"date_added": 1621234567,
"fname": "John",
"mname": "Doe",
"lname": "Smith",
"bio": "Example bio",
"dob": "1990-01-01",
"race": "Example race",
"region": "Example region",
"misc": [""],
"etype": "person",
"eid": "example_eid"
}
Creates a new document speficied by dtype
Note: it is emitted onto the message queue from processing
Example usage
GET http://127.0.0.1:5000/document/example_document_id
Accept: application/json
Retrieves the document with the specified ID.
Retrieve messages by user. Example usage:
GET http://127.0.0.1:5000/documents/messages/by-user?user=john_doe&limit=10&descending=true
Returns messages for the specified user, sorted by the dateAdded field in descending order. Parameters:
- user (required): The user to retrieve messages for.
- limit (optional, default 50): The maximum number of messages to return.
- start_key (optional): The starting key for the range of messages to return.
- end_key (optional): The ending key for the range of messages to return.
- descending (optional, default false): Whether to return messages in descending order.
- skip (optional, default 0): The number of messages to skip.
The start_key and end_key parameters should be valid JSON strings representing the key range. The response is a JSON array of message documents. Note: Refer to the Starintel specification for example message objects.
Retrieve messages by platform.
GET http://127.0.0.1:5000/documents/messages/by-platform?platform=discord&limit=10&descending=true
- platform (required): The platform to retrieve messages for.
- limit (optional, default 50): The maximum number of messages to return.
- start_key (optional): The starting key for the range of messages to return.
- end_key (optional): The ending key for the range of messages to return.
- descending (optional, default false): Whether to return messages in descending order.
- skip (optional, default 0): The number of messages to skip.
The start_key and end_key parameters should be valid JSON strings representing the key range. The response is a JSON array of message documents. Note: Refer to the Starintel specification for example message objects.
Example usage
GET http://127.0.0.1:5000/documents/messages/by-group?group=<group-name>&limit=<limit>&start_key=<start-key>&end_key=<end-key>&descending=<true|false>&skip=<skip>
Parameters:
- group (required): The group name to filter messages by.
- limit (optional, default: 50): The maximum number of messages to return.
- start_key (optional): The starting key for the range of messages to return.
- end_key (optional): The ending key for the range of messages to return.
- descending (optional, default: false): Whether to return messages in descending order.
- skip (optional, default: 0): The number of messages to skip from the beginning.
Response: The response is a JSON array containing the matching message documents, sorted by the specified criteria. Each message document follows the starintel message spec format. Refer to the starintel-spec documentation for detailed information about the message document structure
Example usage
GET http://127.0.0.1:5000/documents/socialmpost/by-user?user=<username>&limit=<limit>&start_key=<start-key>&end_key=<end-key>&descending=<true|false>&skip=<skip>
Parameters:
- user (required): The username to filter social posts by.
- limit (optional, default: 50): The maximum number of social posts to return.
- start_key (optional): The starting key for the range of social posts to return.
- end_key (optional): The ending key for the range of social posts to return.
- descending (optional, default: false): Whether to return social posts in descending order.
- skip (optional, default: 0): The number of social posts to skip from the beginning.
Response: The response is a JSON array containing the matching socialmpost documents, sorted by the specified criteria. Each social post document follows the starintel social post spec format. Refer to the starintel-spec documentation for detailed information about the social post document structure.
Example usage
POST http://127.0.0.1:5000/relations/neighbors
Content-Type: application/json
{
"docs": ["doc_id1", "doc_id2", "doc_id3"],
"n": 2
}
Retrieves the neighbors of the specified documents up to the given level.