@elastic/get-risky-users
Get users with highest risk scores
RUN SKILL get_risky_users()With parameters:
RUN SKILL get_risky_users WITH min_score = 0| Name | Type | Default | Description |
|---|---|---|---|
| min_score | INT | — | Minimum risk score |
-- Using curl
curl -u elastic-admin:elastic-password http://localhost:9200/_escript \
-H "Content-Type: application/json" \
-d '{"query": "RUN SKILL get_risky_users()"}'
-- Response
{
"result": [...],
"_meta": {
"execution_id": "abc123",
"duration_ms": 45
}
}