Skip to main content
POST
/
api
/
detection-queries
/
generate-async
cURL
curl -X POST "https://app.cotool.ai/api/detection-queries/generate-async" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"prompt":"string","siemType":"splunk","category":"baseline_anomaly"}'
{
  "jobId": "3c90c3cc-0d44-4b50-8888-8dd25736052a"
}

Documentation Index

Fetch the complete documentation index at: https://docs.cotool.ai/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

API Key authentication for programmatic access. Include your API key in the Authorization header as: Bearer your_api_key_here

Body

application/json

Request body for generating a detection query using AI

prompt
string
required

Natural language description of what the query should accomplish

Minimum string length: 1
siemType
enum<string>
required

The detection tool platform to generate the query for (SIEM or endpoint tools like SentinelOne)

Available options:
splunk,
sumologic,
elastic,
databricks,
datadog,
scanner,
runreveal,
sentinelone,
gadmin
category
enum<string>

The detection category to optimize the query for

Available options:
baseline_anomaly,
first_occurrence,
sequence_pattern,
privilege_escalation,
custom

Response

200 - application/json

Successful response

Async detection query generation job identifier

jobId
string<uuid>
required

Background job ID for this query generation request