09-08-2025 10:35 PM - edited 09-08-2025 10:39 PM
Hi all,
I’m integrating Cortex XDR APIs and want to validate the get_alerts endpoint for connectivity and credentials.
I’ve already tested the get_incidents endpoint, and it works fine with our API keys.
When I call get_alerts, it always takes ~50 seconds to respond, even with minimal filters (e.g., creation_time >= current_time) and small result limits.
I have some upper-level checks in my system that expect API responses to return within 25 seconds for testing the connection. If the API call takes longer, it triggers an error. This is exactly what happens with get_alerts.
My questions:
Any guidance, examples, or workarounds would be greatly appreciated.
09-19-2025 06:56 AM
Hi @moradiya
Answering to your questions:
Typically API queries depend on the complexity of the script you write and the type of query being run. And very important too, the network speed at your end.
Then, there is no defined time under which the API should run and return results.
There are no best practices defined by us on running rest APIs since as said before, the execution is very flexible depending on the type of query being run, data pulled, network speed.... etc
If you feel this has answered your query, please let us know by clicking like and on "mark this as a Solution". Thank you.
KR,
Luis
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
