Hi Team,
I am looking to create functionality to search logs, not directly from the IDR log search capability but from the Log Search API, to return actual logs as results. Also, in which formats can these logs be returned? Can we return them in table format?
The API docs say it is only CSV as a return result, but you can use additional logic in your script to format the data however you like.
Are you using InsightConnect to do this or some other method?
The output is JSON, plaintext or CSV; JSON could then be traversed and tabulated. If it was in CSV, that can be opened in Excel, for instance.
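
An added example, not part of any reply in this thread and not Rapid7 code: one way to traverse a JSON result and tabulate it as CSV. The response shape (an `events` list whose `message` field holds a JSON-encoded entry) and all sample data are assumptions constructed for illustration. Cells are escaped before export because log fields can carry attacker-supplied strings that a spreadsheet would evaluate as formulas.

```python
import csv, io, json

# Constructed sample; the "events"/"message" shape is an assumption.
SAMPLE_RESPONSE = json.dumps({"events": [
    {"timestamp": 1700000000000, "message": json.dumps(
        {"user": "alice", "result": "FAILED", "source": {"ip": "198.51.100.7"}})},
    {"timestamp": 1700000060000, "message": json.dumps(
        {"user": '=HYPERLINK("http://example.invalid")', "result": "SUCCESS"})},
    {"timestamp": 1700000120000, "message": "plain text line, not JSON"},
]})

def flatten(obj, prefix=""):
    """Flatten nested dicts into dotted column names."""
    row = {}
    for key, value in obj.items():
        if isinstance(value, dict):
            row.update(flatten(value, f"{prefix}{key}."))
        else:
            row[f"{prefix}{key}"] = value
    return row

def events_to_rows(response_text):
    """Return (columns, rows); non-JSON messages land in a 'raw' column."""
    rows = []
    for event in json.loads(response_text).get("events", []):
        row = {"timestamp": event.get("timestamp")}
        try:
            parsed = json.loads(event.get("message", ""))
        except (TypeError, ValueError):
            parsed = None
        if isinstance(parsed, dict):
            row.update(flatten(parsed))
        else:
            row["raw"] = event.get("message")
        rows.append(row)
    columns = list(dict.fromkeys(k for r in rows for k in r))
    return columns, rows

def safe_cell(value):
    """Prefix formula-leading cells: log fields are attacker-influenced."""
    text = "" if value is None else str(value)
    return "'" + text if text[:1] in ("=", "+", "-", "@", "\t", "\r") else text

def to_csv(columns, rows):
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    writer.writerow(columns)
    writer.writerows([safe_cell(r.get(c)) for c in columns] for r in rows)
    return out.getvalue()
```

Calling `to_csv(*events_to_rows(SAMPLE_RESPONSE))` returns the table as text; events with different fields share one header, with empty cells where a field is absent.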