proxyOrganization()

API Stability	`Long-Term`

The proxyOrganization() GraphQL query used to proxy query through a specific organization. This is a root operation.

For more information on organization settings, see the Organization Settings documentation page.

Syntax

Below is the syntax for the proxyOrganization() query field:

graphql

proxyOrganization(
    organizationId: string!
  ): Query!

For the input, you'll need to enter the organization's unique identifier. For the returned datatype, you have to enter the query you want to execute through the proxy for the organization given. This may seem confusing, so look at the example below:

Show:

graphql

query {
  proxyOrganization(organizationId: "SINGLE_ORGANIZATION_ID")
     {users(
        orderBy: {userField: USERNAME, order: ASC}, 
        search: "crowdstrike.com")
        {username, email, displayName}
     }
}

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "query {
  proxyOrganization(organizationId: \"SINGLE_ORGANIZATION_ID\")
     {users(
        orderBy: {userField: USERNAME, order: ASC}, 
        search: \"crowdstrike.com\")
        {username, email, displayName}
     }
}"
}
EOF

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "query {
  proxyOrganization(organizationId: \"SINGLE_ORGANIZATION_ID\")
     {users(
        orderBy: {userField: USERNAME, order: ASC}, 
        search: \"crowdstrike.com\")
        {username, email, displayName}
     }
}"
}
EOF

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "query { ^
  proxyOrganization(organizationId: \"SINGLE_ORGANIZATION_ID\") ^
     {users( ^
        orderBy: {userField: USERNAME, order: ASC},  ^
        search: \"crowdstrike.com\") ^
        {username, email, displayName} ^
     } ^
}" ^
} '

powershell

curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "query {
  proxyOrganization(organizationId: \"SINGLE_ORGANIZATION_ID\")
     {users(
        orderBy: {userField: USERNAME, order: ASC}, 
        search: \"crowdstrike.com\")
        {username, email, displayName}
     }
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"

perl

#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $INGEST_TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $json = '{"query" : "query {
  proxyOrganization(organizationId: \"SINGLE_ORGANIZATION_ID\")
     {users(
        orderBy: {userField: USERNAME, order: ASC}, 
        search: \"crowdstrike.com\")
        {username, email, displayName}
     }
}"
}';
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";

python

#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "query {
  proxyOrganization(organizationId: \"SINGLE_ORGANIZATION_ID\")
     {users(
        orderBy: {userField: USERNAME, order: ASC}, 
        search: \"crowdstrike.com\")
        {username, email, displayName}
     }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)

javascript

const https = require('https');

const data = JSON.stringify(
    {"query" : "query {
  proxyOrganization(organizationId: \"SINGLE_ORGANIZATION_ID\")
     {users(
        orderBy: {userField: USERNAME, order: ASC}, 
        search: \"crowdstrike.com\")
        {username, email, displayName}
     }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL/graphql',
  path: '/graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();

This example is using the query field, users() to get a list of users for the organization.

There's no Returned Datatypes section for this query field because what you enter is any of the many GraphQL queries.

GraphQL Queries

GraphQL API Stability

GraphQL Mutations

GraphQL Datatypes

proxyOrganization()

Syntax

Enter search term