Is there an API or a way where I can get the cases built in Kibana Security thing based on last_updated value from a case.
basically I want to get a list of cases that have been updated in last 24 hours
I tried using the api GET /api/cases/_find
but even the from and to parameters listed here work on the created_date field for a case.
Is there a way to achieve it by this API or any other Elastic/Kibana API? Kindly help.
At this time this is not feasible via the API. Using the API you linked in your original question, the only thing you can do is retrieve X number of cases sorted by the updated_at field.
This is not exactly what you want...
To do what you want, we need to update the API to allow retrieving cases within a specific time range.
I'm going to create a ticket and will have a member of the Cases team look at it!
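The workaround the answer hints at, as an added example that is not code from either poster or from Elastic: page through `GET /api/cases/_find` sorted by `updatedAt` descending and stop at the first case whose `updated_at` is older than the cut-off, filtering client-side. The query parameter names (`sortField`, `sortOrder`, `page`, `perPage`), the response fields (`cases`, `total`, `updated_at`, `created_at`) and the `ApiKey` authorization header are assumptions based on the Cases API documentation as I recall it; the host, key and sample cases are constructed placeholders so the logic runs offline.

```python
import datetime as dt
import json
import urllib.parse
import urllib.request

KIBANA_URL = "https://kibana.example.invalid:5601"  # placeholder, not a real host
API_KEY = "<your-api-key>"                           # placeholder


def parse_ts(value):
    """Parse a Kibana ISO-8601 timestamp such as 2024-05-10T12:00:00.000Z."""
    return dt.datetime.fromisoformat(value.replace("Z", "+00:00"))


def kibana_page_fetcher(base_url, api_key):
    """Return a function fetching one page of GET /api/cases/_find sorted by
    updatedAt descending. Parameter names are an assumption taken from the
    Cases API docs as I recall them."""
    def fetch(page, per_page):
        params = {"sortField": "updatedAt", "sortOrder": "desc",
                  "page": page, "perPage": per_page}
        url = f"{base_url}/api/cases/_find?{urllib.parse.urlencode(params)}"
        req = urllib.request.Request(url, headers={
            "Authorization": f"ApiKey {api_key}",
            "kbn-xsrf": "true",
        })
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    return fetch


def cases_updated_since(fetch_page, since, per_page=100, max_pages=50):
    """Walk the newest-first listing and keep cases with updated_at >= since.
    The first case with an older updated_at ends the scan. A never-modified
    case has updated_at == null; it is judged on created_at and does not end
    the scan, because where null sorts in the listing is not guaranteed."""
    matches = []
    for page in range(1, max_pages + 1):
        body = fetch_page(page, per_page)
        cases = body.get("cases", [])
        if not cases:
            break
        for case in cases:
            updated = case.get("updated_at")
            if updated is None:
                if parse_ts(case["created_at"]) >= since:
                    matches.append(case)
                continue
            if parse_ts(updated) >= since:
                matches.append(case)
            else:
                return matches  # sorted descending: the rest is older still
        if page * per_page >= body.get("total", 0):
            break
    return matches


def last_24h():
    return dt.datetime.now(dt.timezone.utc) - dt.timedelta(hours=24)


# Constructed sample responses standing in for the Kibana server; shapes
# mirror _find output, all values are invented.
_SAMPLE_CASES = [
    {"id": "case-a", "title": "Phishing triage", "created_at": "2024-05-08T09:00:00.000Z", "updated_at": "2024-05-10T12:00:00.000Z"},
    {"id": "case-b", "title": "Suspicious login", "created_at": "2024-05-09T10:00:00.000Z", "updated_at": "2024-05-10T01:00:00.000Z"},
    {"id": "case-c", "title": "New host alert", "created_at": "2024-05-10T05:00:00.000Z", "updated_at": None},
    {"id": "case-d", "title": "Old malware case", "created_at": "2024-05-01T08:00:00.000Z", "updated_at": "2024-05-09T23:00:00.000Z"},
    {"id": "case-e", "title": "Closed last month", "created_at": "2024-04-01T08:00:00.000Z", "updated_at": "2024-04-02T08:00:00.000Z"},
]


def sample_fetch(page, per_page):
    start = (page - 1) * per_page
    return {"page": page, "per_page": per_page, "total": len(_SAMPLE_CASES),
            "cases": _SAMPLE_CASES[start:start + per_page]}


SAMPLE_SINCE = dt.datetime(2024, 5, 10, tzinfo=dt.timezone.utc)


def demo_ids():
    """Offline run over the constructed pages with a small page size."""
    return [c["id"] for c in cases_updated_since(sample_fetch, SAMPLE_SINCE, per_page=2)]


if __name__ == "__main__":
    print(demo_ids())
    # Against a live Kibana once the placeholders above are filled in:
    # fetch = kibana_page_fetcher(KIBANA_URL, API_KEY)
    # for c in cases_updated_since(fetch, last_24h()):
    #     print(c["id"], c["updated_at"], c["title"])
```

The early stop matters on a busy instance: the scan costs one page per `per_page` recently-updated cases rather than a full dump, and `max_pages` bounds the work if the sort order is ever not what was assumed.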