Method: Falcon::RealTimeResponseApi#r_tr_aggregate_sessions

Defined in:: lib/crimson-falcon/api/real_time_response_api.rb

#r_tr_aggregate_sessions(body, opts = {}) ⇒ `MsaAggregatesResponse`

Get aggregates on session data.

Parameters:

body (Array<MsaAggregateQueryRequest>) —

Supported aggregations: - `term` - `date_range` Supported aggregation members: **`date_ranges`** If peforming a date range query specify the **`from`** and **`to`** date ranges. These can be in common date formats like `2019-07-18` or `now` **`field`** Term you want to aggregate on. If doing a `date_range` query, this is the date field you want to apply the date ranges to **`filter`** Optional filter criteria in the form of an FQL query. For more information about FQL queries, see our [FQL documentation in Falcon](falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). **`name`** Name of the aggregation **`size`** Size limit to apply to the queries.
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(MsaAggregatesResponse)

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 483

def r_tr_aggregate_sessions(body, opts = {})
  data, _status_code, _headers = r_tr_aggregate_sessions_with_http_info(body, opts)
  data
end

Method: Falcon::RealTimeResponseApi#r_tr_aggregate_sessions

#r_tr_aggregate_sessions(body, opts = {}) ⇒ MsaAggregatesResponse

#r_tr_aggregate_sessions(body, opts = {}) ⇒ `MsaAggregatesResponse`