Skip to main content
GET
/
api
/
detections
/
hits
cURL
curl -X GET "https://app.cotool.ai/api/detections/hits" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json"
import requests

url = "https://app.cotool.ai/api/detections/hits"

headers = {"Authorization": "Bearer <token>"}

response = requests.get(url, headers=headers)

print(response.text)
const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};

fetch('https://app.cotool.ai/api/detections/hits', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
HttpResponse<String> response = Unirest.get("https://app.cotool.ai/api/detections/hits")
.header("Authorization", "Bearer <token>")
.asString();
package main

import (
"fmt"
"net/http"
"io"
)

func main() {

url := "https://app.cotool.ai/api/detections/hits"

req, _ := http.NewRequest("GET", url, nil)

req.Header.Add("Authorization", "Bearer <token>")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
{
  "hits": [
    {
      "id": "<string>",
      "detectionId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
      "detectionName": "<string>",
      "detectionDescription": "<string>",
      "detectionCategory": "<string>",
      "detectionIsBuiltIn": true,
      "detectionSiemType": "<string>",
      "runId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
      "runTitle": "<string>",
      "runCreatedAt": "<string>",
      "hitCreatedAt": "<string>",
      "isAutonomousHuntHit": true,
      "entityType": "<string>",
      "confidence": 123,
      "evidence": [
        "<string>"
      ],
      "summary": "<string>",
      "headline": "<string>",
      "cta": "<string>",
      "statistics": [
        "<string>"
      ],
      "entity": "<string>",
      "statusHistory": [
        {
          "at": "2023-11-07T05:31:56Z",
          "by": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
          "reason": "<string>"
        }
      ],
      "verifierEvidence": [
        "<string>"
      ]
    }
  ],
  "totalCount": 123,
  "summary": {
    "uniqueDetections": 1,
    "avgConfidence": 1,
    "hitsLast24h": 1,
    "hitsOverTime": [
      {
        "date": "<string>",
        "count": 1
      }
    ],
    "severityCounts": {
      "critical": 1,
      "high": 1,
      "medium": 1,
      "low": 1
    }
  }
}
{
"error": "<string>",
"issues": [
{}
]
}
{
"error": "<string>"
}
{
"error": "<string>",
"missingPerms": [
"<string>"
]
}
{
"error": "<string>"
}

Authorizations

Authorization
string
header
required

API Key authentication for programmatic access. Include your API key in the Authorization header as: Bearer your_api_key_here

Query Parameters

limit
integer
default:100

Maximum number of hits to return per page (1-200, default: 100)

Required range: 1 <= x <= 200
offset
integer
default:0

Number of hits to skip for pagination (default: 0)

Required range: x >= 0
detectionId
string<uuid>

Restrict the feed to hits produced by a single detection agent. When omitted, returns hits across all accessible detections.

severityFilter
string

Comma-separated severities to include, such as "high,critical". When omitted, returns all severities.

Response

Successful response

hits
object[]
required
totalCount
number
required

Total number of hits across all detections (for pagination)

summary
object

Aggregate summary for all matching hits (returned on initial page load)