CrowdStrike / rusty-falcon

Rust bindings for CrowdStrike Falcon API
MIT License

query_hosts returns ResponseError when there are more than 10,000 hosts #126

Open tomyerex opened 6 months ago

tomyerex commented 6 months ago

When using query_hosts, the following error occurs; the problem seems to be caused by a cap, although using an alternative API endpoint seems capable of going above the 10,000 item cap. Falconpy has a similar issue, which was resolved with details at https://github.com/CrowdStrike/falconpy/discussions/536.

ResponseError(ResponseContent { status: 400, content: "{\n \"meta\": {\n \"query_time\": 0.009915166,\n \"powered_by\": \"discover-api\",\n \"trace_id\": \"redacted\"\n },\n \"errors\": [\n {\n \"code\": 400,\n \"message\": \"offset 10000 and limit 100 are invalid; offset + limit must be less than or equal to 10000\"\n }\n ],\n \"resources\": null\n}", entity: Some(Status400(MsaspecPeriodResponseFields { errors: Some([MsaspecPeriodError { code: 400, id: None, message: "offset 10000 and limit 100 are invalid; offset + limit must be less than or equal to 10000" }]), meta: MsaspecPeriodMetaInfo { pagination: None, powered_by: Some("discover-api"), query_time: 0.009915166, trace_id: "redacted", writes: None } })) })
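The following is an added example, not part of the original issue and not rusty-falcon code. It shows a caller-side guard for the window rule quoted in the error (`offset + limit` must be at most 10000): the last request is shrunk to fit, and the result is reported as truncated rather than failing with a 400 or passing for a full host inventory. `collect_ids`, `Outcome` and `mock_api` are hypothetical names, and the mock endpoint and its host ids are constructed.

```rust
// Added example. `collect_ids`, `Outcome` and `mock_api` are hypothetical names,
// not rusty-falcon API; the mock data is constructed.
const MAX_WINDOW: u64 = 10_000; // from the 400 response: offset + limit <= 10000

#[derive(Debug, PartialEq)]
pub enum Outcome {
    Complete(Vec<String>),
    // The window was exhausted while the API still reported more records.
    Truncated { ids: Vec<String>, total: u64 },
}

// Pages through `fetch(offset, limit) -> (ids, total)`, shrinking the final
// request so that offset + limit never exceeds MAX_WINDOW.
pub fn collect_ids<F>(page_size: u64, mut fetch: F) -> Result<Outcome, String>
where
    F: FnMut(u64, u64) -> Result<(Vec<String>, u64), String>,
{
    if page_size == 0 {
        return Err("page_size must be non-zero".into());
    }
    let (mut ids, mut offset, mut total) = (Vec::new(), 0u64, u64::MAX);
    while offset < total {
        let limit = page_size.min(MAX_WINDOW.saturating_sub(offset));
        if limit == 0 {
            return Ok(Outcome::Truncated { ids, total });
        }
        let (page, reported) = fetch(offset, limit)?;
        total = reported;
        if page.is_empty() { break; }
        offset += page.len() as u64;
        ids.extend(page);
    }
    Ok(Outcome::Complete(ids))
}

// Constructed stand-in for the endpoint: `n` hosts, same window rule as the error.
pub fn mock_api(n: u64) -> impl FnMut(u64, u64) -> Result<(Vec<String>, u64), String> {
    move |offset, limit| {
        if offset + limit > MAX_WINDOW {
            return Err(format!("offset {} and limit {} are invalid", offset, limit));
        }
        let end = (offset + limit).min(n);
        Ok(((offset..end).map(|i| format!("host-{}", i)).collect(), n))
    }
}

fn main() {
    println!("{:?}", collect_ids(100, mock_api(10_250)).map(|o| matches!(o, Outcome::Truncated { .. })));
}
```

A `Truncated` result means the remaining records have to come from a different retrieval method, such as the alternative endpoint mentioned in the report.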

makr11st commented 2 months ago

Thank you for the report, we will have a look at this asap.