Entity Objects
the dolookup method receives an array of entity objects
Entity Object
The entities array contains one or more entity objects. Entity objects have the following special properties in addition to a large number of boolean flags.
Property | Description |
type | The |
types | The |
value | The value of the entity as seen on the user's screen |
channels | An array of channel objects consiting of the channel id and channel name |
value (string)
The value property contains the value of the entity in string form
type
The type property contains a single type specifier. For IPv4 and IPv6 entities the type will be set to IPv4 or IPv6 respectively. For any hash types the type will be set to hash. Finally, for any custom types the type will be set to custom.
types
The types property is an array of type values. It will contain one or more matching types.
For custom types the type value is taken from the key property specified in your configuration file prepended with the string custom.. For example, if you config file defined a custom type called hostname then you would look for the types property to contain the string custom.hostname.
As an example
Integration Config File
Then entity objects that contained that value would have the following format.
Matching Entity Object
channels
The channels property is an array of zero of more channel objects that indicate what channels the given entity exists in (i.e., what channels that entity is tagged in). If an entity is not tagged, then the channels property will be an empty array.
Channel objects contain the following two properties:
id
Channel objects contain an id property which is the numeric id of the channel. Note that channel id values will not change unless the channel is deleted and recreated.
name
Channel objects also contain a name property which is the name of the channel. Note that channel names can change if a user edits the name of the channel.
Last updated