# Detect and Respond   Context Creation Models

## List Context Creation Models

> Returns an array of Context Creation Models.

```json
{"openapi":"3.0.0","info":{"title":"Netography APIs","version":"1.0"},"tags":[{"name":"Detect and Respond - Context Creation Models"}],"servers":[{"url":"https://api.netography.com","description":"Netography API"}],"security":[{"BearerAuth":[]}],"components":{"securitySchemes":{"BearerAuth":{"type":"http","scheme":"bearer","bearerFormat":"JWT"}}},"paths":{"/api/v1/rule-engine/ccms":{"get":{"operationId":"v1_context_creation_models_get","summary":"List Context Creation Models","description":"Returns an array of Context Creation Models.","tags":["Detect and Respond - Context Creation Models"],"responses":{"200":{"description":"List of Requested Context Creation Models","content":{"application/json":{"schema":{"type":"object","additionalProperties":false,"properties":{"meta":{"type":"object","additionalProperties":false,"readOnly":true,"properties":{"code":{"description":"API response code.  200 ok, 400 you did something wrong.  500 we did something wrong","type":"integer","readOnly":true,"format":"int32"},"count":{"description":"Number of documents retrieved or updated.","type":"integer","readOnly":true,"format":"int32"}}},"data":{"type":"array","items":{"allOf":[{"description":"Context Creation Model Record","type":"object","allOf":[{"type":"object","properties":{"action":{"description":"Action for the context model","type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"field":{"type":"string"},"context":{"type":"string"},"labels":{"type":"array","items":{"type":"string"}}}}},"bypassdisplay":{"description":"If true, portal and API will not display new events","type":"boolean"},"bypassrule":{"description":"If true, alerts will not be processed by policies and integrations","type":"boolean"},"categories":{"description":"Categories for the context model","type":"array","items":{"type":"string"}},"description":{"description":"Context model description","type":"string"},"discards":{"description":"Discard lists are NQL statements that if matched do not get processed through the event. It enables skipping certain combinations without disabling the context model","type":"array","items":{"type":"string"}},"enabled":{"description":"If true, the context model is enabled","type":"boolean"},"expiration":{"description":"Number of seconds the context creation model will remain active","type":"integer"},"factors":{"description":"Factors for the context model","type":"array","items":{"type":"string"}},"name":{"description":"Name of the context model","type":"string"},"rollupperiod":{"description":"The lookback period for the context model. Min 15 seconds. Max 1 hour (3600)","type":"integer"},"search_by":{"description":"Search criteria for the context model","type":"array","items":{"type":"object","properties":{"search":{"type":"array","items":{"type":"string"}},"type":{"type":"string"}}}},"thresholds":{"description":"Thresholds for the context model","type":"array","items":{"type":"object","properties":{"severity":{"type":"string"},"threshold":{"type":"string"}}}},"track_by":{"description":"Tracking criteria for the context model","type":"array","items":{"type":"array","items":{"type":"string"}}},"updateinterval":{"description":"When ongoing updates should be sent. Max 6 hours (21600). 0 for disabled","type":"integer"},"algo_record_type":{"description":"The context of record to be used for the context model","type":"string","enum":["flow","dns"]}}}],"properties":{"algo_type":{"description":"Context model type","type":"string"},"beta":{"description":"If true, it's a beta context model","type":"boolean"},"created":{"description":"The time at which record was created","type":"integer"},"id":{"description":"Context model ID","type":"string"},"recommended":{"description":"If true, it's a recomended context model","type":"boolean"},"subscription":{"description":"Subscription for the context model","type":"object","properties":{"all":{"type":"string"}}},"subscriptiontype":{"description":"Subscription type for the context model","type":"string"},"system":{"description":"If true, it's a system context model","type":"boolean"},"systemdefault":{"description":"If true, it's a system default context model","type":"boolean"},"updated":{"description":"The time at which record was was last updated","type":"integer"}}}]}}}}}}},"400":{"description":"Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"401":{"description":"Access token is missing or invalid","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"403":{"description":"Access is forbidden","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"default":{"description":"Unknown Error Occurred","content":{"application/json":{"schema":{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}}}}}}}}}}
```

## Create Context Creation Model

> Creates a context creation model from the data that's been supplied.  Do not provide an id.  IDs are auto generated

```json
{"openapi":"3.0.0","info":{"title":"Netography APIs","version":"1.0"},"tags":[{"name":"Detect and Respond - Context Creation Models"}],"servers":[{"url":"https://api.netography.com","description":"Netography API"}],"security":[{"BearerAuth":[]}],"components":{"securitySchemes":{"BearerAuth":{"type":"http","scheme":"bearer","bearerFormat":"JWT"}}},"paths":{"/api/v1/rule-engine/ccm":{"post":{"operationId":"v1_context_creation_model_post","summary":"Create Context Creation Model","description":"Creates a context creation model from the data that's been supplied.  Do not provide an id.  IDs are auto generated","tags":["Detect and Respond - Context Creation Models"],"requestBody":{"description":"Context Creation Model to be added","required":true,"content":{"application/json":{"schema":{"description":"Context Creation Model Create or Update Config","type":"object","required":["description","expiration","name","rollupperiod","search_by","thresholds","track_by","algo_record_type"],"allOf":[{"type":"object","properties":{"action":{"description":"Action for the context model","type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"field":{"type":"string"},"context":{"type":"string"},"labels":{"type":"array","items":{"type":"string"}}}}},"bypassdisplay":{"description":"If true, portal and API will not display new events","type":"boolean"},"bypassrule":{"description":"If true, alerts will not be processed by policies and integrations","type":"boolean"},"categories":{"description":"Categories for the context model","type":"array","items":{"type":"string"}},"description":{"description":"Context model description","type":"string"},"discards":{"description":"Discard lists are NQL statements that if matched do not get processed through the event. It enables skipping certain combinations without disabling the context model","type":"array","items":{"type":"string"}},"enabled":{"description":"If true, the context model is enabled","type":"boolean"},"expiration":{"description":"Number of seconds the context creation model will remain active","type":"integer"},"factors":{"description":"Factors for the context model","type":"array","items":{"type":"string"}},"name":{"description":"Name of the context model","type":"string"},"rollupperiod":{"description":"The lookback period for the context model. Min 15 seconds. Max 1 hour (3600)","type":"integer"},"search_by":{"description":"Search criteria for the context model","type":"array","items":{"type":"object","properties":{"search":{"type":"array","items":{"type":"string"}},"type":{"type":"string"}}}},"thresholds":{"description":"Thresholds for the context model","type":"array","items":{"type":"object","properties":{"severity":{"type":"string"},"threshold":{"type":"string"}}}},"track_by":{"description":"Tracking criteria for the context model","type":"array","items":{"type":"array","items":{"type":"string"}}},"updateinterval":{"description":"When ongoing updates should be sent. Max 6 hours (21600). 0 for disabled","type":"integer"},"algo_record_type":{"description":"The context of record to be used for the context model","type":"string","enum":["flow","dns"]}}}]}}}},"responses":{"201":{"description":"Requested Context Creation Model","content":{"application/json":{"schema":{"type":"object","additionalProperties":false,"properties":{"meta":{"type":"object","additionalProperties":false,"readOnly":true,"properties":{"code":{"description":"API response code.  200 ok, 400 you did something wrong.  500 we did something wrong","type":"integer","readOnly":true,"format":"int32"},"count":{"description":"Number of documents retrieved or updated.","type":"integer","readOnly":true,"format":"int32"}}},"data":{"type":"array","maxItems":1,"items":{"allOf":[{"description":"Context Creation Model Record","type":"object","allOf":[{"type":"object","properties":{"action":{"description":"Action for the context model","type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"field":{"type":"string"},"context":{"type":"string"},"labels":{"type":"array","items":{"type":"string"}}}}},"bypassdisplay":{"description":"If true, portal and API will not display new events","type":"boolean"},"bypassrule":{"description":"If true, alerts will not be processed by policies and integrations","type":"boolean"},"categories":{"description":"Categories for the context model","type":"array","items":{"type":"string"}},"description":{"description":"Context model description","type":"string"},"discards":{"description":"Discard lists are NQL statements that if matched do not get processed through the event. It enables skipping certain combinations without disabling the context model","type":"array","items":{"type":"string"}},"enabled":{"description":"If true, the context model is enabled","type":"boolean"},"expiration":{"description":"Number of seconds the context creation model will remain active","type":"integer"},"factors":{"description":"Factors for the context model","type":"array","items":{"type":"string"}},"name":{"description":"Name of the context model","type":"string"},"rollupperiod":{"description":"The lookback period for the context model. Min 15 seconds. Max 1 hour (3600)","type":"integer"},"search_by":{"description":"Search criteria for the context model","type":"array","items":{"type":"object","properties":{"search":{"type":"array","items":{"type":"string"}},"type":{"type":"string"}}}},"thresholds":{"description":"Thresholds for the context model","type":"array","items":{"type":"object","properties":{"severity":{"type":"string"},"threshold":{"type":"string"}}}},"track_by":{"description":"Tracking criteria for the context model","type":"array","items":{"type":"array","items":{"type":"string"}}},"updateinterval":{"description":"When ongoing updates should be sent. Max 6 hours (21600). 0 for disabled","type":"integer"},"algo_record_type":{"description":"The context of record to be used for the context model","type":"string","enum":["flow","dns"]}}}],"properties":{"algo_type":{"description":"Context model type","type":"string"},"beta":{"description":"If true, it's a beta context model","type":"boolean"},"created":{"description":"The time at which record was created","type":"integer"},"id":{"description":"Context model ID","type":"string"},"recommended":{"description":"If true, it's a recomended context model","type":"boolean"},"subscription":{"description":"Subscription for the context model","type":"object","properties":{"all":{"type":"string"}}},"subscriptiontype":{"description":"Subscription type for the context model","type":"string"},"system":{"description":"If true, it's a system context model","type":"boolean"},"systemdefault":{"description":"If true, it's a system default context model","type":"boolean"},"updated":{"description":"The time at which record was was last updated","type":"integer"}}}]}}}}}}},"400":{"description":"Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"401":{"description":"Access token is missing or invalid","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"403":{"description":"Access is forbidden","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"default":{"description":"Unknown Error Occurred","content":{"application/json":{"schema":{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}}}}}}}}}}
```

## Fetch Context Creation Model

> Fetches a specific context creation model from the ID supplied in the path.

```json
{"openapi":"3.0.0","info":{"title":"Netography APIs","version":"1.0"},"tags":[{"name":"Detect and Respond - Context Creation Models"}],"servers":[{"url":"https://api.netography.com","description":"Netography API"}],"security":[{"BearerAuth":[]}],"components":{"securitySchemes":{"BearerAuth":{"type":"http","scheme":"bearer","bearerFormat":"JWT"}}},"paths":{"/api/v1/rule-engine/ccm/{id}":{"get":{"operationId":"v1_context_creation_model_id_get","summary":"Fetch Context Creation Model","description":"Fetches a specific context creation model from the ID supplied in the path.","tags":["Detect and Respond - Context Creation Models"],"parameters":[{"name":"id","in":"path","required":true,"description":"The ID of the context creation model to be returned.","schema":{"type":"string"}}],"responses":{"200":{"description":"Requested Context Creation Model","content":{"application/json":{"schema":{"type":"object","additionalProperties":false,"properties":{"meta":{"type":"object","additionalProperties":false,"readOnly":true,"properties":{"code":{"description":"API response code.  200 ok, 400 you did something wrong.  500 we did something wrong","type":"integer","readOnly":true,"format":"int32"},"count":{"description":"Number of documents retrieved or updated.","type":"integer","readOnly":true,"format":"int32"}}},"data":{"type":"array","maxItems":1,"items":{"allOf":[{"description":"Context Creation Model Record","type":"object","allOf":[{"type":"object","properties":{"action":{"description":"Action for the context model","type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"field":{"type":"string"},"context":{"type":"string"},"labels":{"type":"array","items":{"type":"string"}}}}},"bypassdisplay":{"description":"If true, portal and API will not display new events","type":"boolean"},"bypassrule":{"description":"If true, alerts will not be processed by policies and integrations","type":"boolean"},"categories":{"description":"Categories for the context model","type":"array","items":{"type":"string"}},"description":{"description":"Context model description","type":"string"},"discards":{"description":"Discard lists are NQL statements that if matched do not get processed through the event. It enables skipping certain combinations without disabling the context model","type":"array","items":{"type":"string"}},"enabled":{"description":"If true, the context model is enabled","type":"boolean"},"expiration":{"description":"Number of seconds the context creation model will remain active","type":"integer"},"factors":{"description":"Factors for the context model","type":"array","items":{"type":"string"}},"name":{"description":"Name of the context model","type":"string"},"rollupperiod":{"description":"The lookback period for the context model. Min 15 seconds. Max 1 hour (3600)","type":"integer"},"search_by":{"description":"Search criteria for the context model","type":"array","items":{"type":"object","properties":{"search":{"type":"array","items":{"type":"string"}},"type":{"type":"string"}}}},"thresholds":{"description":"Thresholds for the context model","type":"array","items":{"type":"object","properties":{"severity":{"type":"string"},"threshold":{"type":"string"}}}},"track_by":{"description":"Tracking criteria for the context model","type":"array","items":{"type":"array","items":{"type":"string"}}},"updateinterval":{"description":"When ongoing updates should be sent. Max 6 hours (21600). 0 for disabled","type":"integer"},"algo_record_type":{"description":"The context of record to be used for the context model","type":"string","enum":["flow","dns"]}}}],"properties":{"algo_type":{"description":"Context model type","type":"string"},"beta":{"description":"If true, it's a beta context model","type":"boolean"},"created":{"description":"The time at which record was created","type":"integer"},"id":{"description":"Context model ID","type":"string"},"recommended":{"description":"If true, it's a recomended context model","type":"boolean"},"subscription":{"description":"Subscription for the context model","type":"object","properties":{"all":{"type":"string"}}},"subscriptiontype":{"description":"Subscription type for the context model","type":"string"},"system":{"description":"If true, it's a system context model","type":"boolean"},"systemdefault":{"description":"If true, it's a system default context model","type":"boolean"},"updated":{"description":"The time at which record was was last updated","type":"integer"}}}]}}}}}}},"400":{"description":"Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"401":{"description":"Access token is missing or invalid","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"403":{"description":"Access is forbidden","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"default":{"description":"Unknown Error Occurred","content":{"application/json":{"schema":{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}}}}}}}}}}
```

## Update Context Creation Model

> Update a context creation model given the provided object.  This does not do a diff.  You must send the complete object.

```json
{"openapi":"3.0.0","info":{"title":"Netography APIs","version":"1.0"},"tags":[{"name":"Detect and Respond - Context Creation Models"}],"servers":[{"url":"https://api.netography.com","description":"Netography API"}],"security":[{"BearerAuth":[]}],"components":{"securitySchemes":{"BearerAuth":{"type":"http","scheme":"bearer","bearerFormat":"JWT"}}},"paths":{"/api/v1/rule-engine/ccm/{id}":{"put":{"operationId":"v1_context_creation_model_id_put","summary":"Update Context Creation Model","description":"Update a context creation model given the provided object.  This does not do a diff.  You must send the complete object.","tags":["Detect and Respond - Context Creation Models"],"requestBody":{"description":"Context creation model to be updated","required":true,"content":{"application/json":{"schema":{"description":"Context Creation Model Create or Update Config","type":"object","required":["description","expiration","name","rollupperiod","search_by","thresholds","track_by","algo_record_type"],"allOf":[{"type":"object","properties":{"action":{"description":"Action for the context model","type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"field":{"type":"string"},"context":{"type":"string"},"labels":{"type":"array","items":{"type":"string"}}}}},"bypassdisplay":{"description":"If true, portal and API will not display new events","type":"boolean"},"bypassrule":{"description":"If true, alerts will not be processed by policies and integrations","type":"boolean"},"categories":{"description":"Categories for the context model","type":"array","items":{"type":"string"}},"description":{"description":"Context model description","type":"string"},"discards":{"description":"Discard lists are NQL statements that if matched do not get processed through the event. It enables skipping certain combinations without disabling the context model","type":"array","items":{"type":"string"}},"enabled":{"description":"If true, the context model is enabled","type":"boolean"},"expiration":{"description":"Number of seconds the context creation model will remain active","type":"integer"},"factors":{"description":"Factors for the context model","type":"array","items":{"type":"string"}},"name":{"description":"Name of the context model","type":"string"},"rollupperiod":{"description":"The lookback period for the context model. Min 15 seconds. Max 1 hour (3600)","type":"integer"},"search_by":{"description":"Search criteria for the context model","type":"array","items":{"type":"object","properties":{"search":{"type":"array","items":{"type":"string"}},"type":{"type":"string"}}}},"thresholds":{"description":"Thresholds for the context model","type":"array","items":{"type":"object","properties":{"severity":{"type":"string"},"threshold":{"type":"string"}}}},"track_by":{"description":"Tracking criteria for the context model","type":"array","items":{"type":"array","items":{"type":"string"}}},"updateinterval":{"description":"When ongoing updates should be sent. Max 6 hours (21600). 0 for disabled","type":"integer"},"algo_record_type":{"description":"The context of record to be used for the context model","type":"string","enum":["flow","dns"]}}}]}}}},"parameters":[{"name":"id","in":"path","required":true,"description":"The ID of the context creation model to be updated","schema":{"type":"string"}}],"responses":{"200":{"description":"Requested Context Creation Model","content":{"application/json":{"schema":{"type":"object","additionalProperties":false,"properties":{"meta":{"type":"object","additionalProperties":false,"readOnly":true,"properties":{"code":{"description":"API response code.  200 ok, 400 you did something wrong.  500 we did something wrong","type":"integer","readOnly":true,"format":"int32"},"count":{"description":"Number of documents retrieved or updated.","type":"integer","readOnly":true,"format":"int32"}}},"data":{"type":"array","maxItems":1,"items":{"allOf":[{"description":"Context Creation Model Record","type":"object","allOf":[{"type":"object","properties":{"action":{"description":"Action for the context model","type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"field":{"type":"string"},"context":{"type":"string"},"labels":{"type":"array","items":{"type":"string"}}}}},"bypassdisplay":{"description":"If true, portal and API will not display new events","type":"boolean"},"bypassrule":{"description":"If true, alerts will not be processed by policies and integrations","type":"boolean"},"categories":{"description":"Categories for the context model","type":"array","items":{"type":"string"}},"description":{"description":"Context model description","type":"string"},"discards":{"description":"Discard lists are NQL statements that if matched do not get processed through the event. It enables skipping certain combinations without disabling the context model","type":"array","items":{"type":"string"}},"enabled":{"description":"If true, the context model is enabled","type":"boolean"},"expiration":{"description":"Number of seconds the context creation model will remain active","type":"integer"},"factors":{"description":"Factors for the context model","type":"array","items":{"type":"string"}},"name":{"description":"Name of the context model","type":"string"},"rollupperiod":{"description":"The lookback period for the context model. Min 15 seconds. Max 1 hour (3600)","type":"integer"},"search_by":{"description":"Search criteria for the context model","type":"array","items":{"type":"object","properties":{"search":{"type":"array","items":{"type":"string"}},"type":{"type":"string"}}}},"thresholds":{"description":"Thresholds for the context model","type":"array","items":{"type":"object","properties":{"severity":{"type":"string"},"threshold":{"type":"string"}}}},"track_by":{"description":"Tracking criteria for the context model","type":"array","items":{"type":"array","items":{"type":"string"}}},"updateinterval":{"description":"When ongoing updates should be sent. Max 6 hours (21600). 0 for disabled","type":"integer"},"algo_record_type":{"description":"The context of record to be used for the context model","type":"string","enum":["flow","dns"]}}}],"properties":{"algo_type":{"description":"Context model type","type":"string"},"beta":{"description":"If true, it's a beta context model","type":"boolean"},"created":{"description":"The time at which record was created","type":"integer"},"id":{"description":"Context model ID","type":"string"},"recommended":{"description":"If true, it's a recomended context model","type":"boolean"},"subscription":{"description":"Subscription for the context model","type":"object","properties":{"all":{"type":"string"}}},"subscriptiontype":{"description":"Subscription type for the context model","type":"string"},"system":{"description":"If true, it's a system context model","type":"boolean"},"systemdefault":{"description":"If true, it's a system default context model","type":"boolean"},"updated":{"description":"The time at which record was was last updated","type":"integer"}}}]}}}}}}},"400":{"description":"Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"401":{"description":"Access token is missing or invalid","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"403":{"description":"Access is forbidden","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"default":{"description":"Unknown Error Occurred","content":{"application/json":{"schema":{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}}}}}}}}}}
```

## Delete Context Creation Model

> Deletes a context creation model

```json
{"openapi":"3.0.0","info":{"title":"Netography APIs","version":"1.0"},"tags":[{"name":"Detect and Respond - Context Creation Models"}],"servers":[{"url":"https://api.netography.com","description":"Netography API"}],"security":[{"BearerAuth":[]}],"components":{"securitySchemes":{"BearerAuth":{"type":"http","scheme":"bearer","bearerFormat":"JWT"}}},"paths":{"/api/v1/rule-engine/ccm/{id}":{"delete":{"operationId":"v1_context_creation_model_id_delete","summary":"Delete Context Creation Model","description":"Deletes a context creation model","tags":["Detect and Respond - Context Creation Models"],"parameters":[{"name":"id","in":"path","required":true,"description":"The ID of the context creation model to be deleted","schema":{"type":"string"}}],"responses":{"204":{"description":"An empty array"},"400":{"description":"Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"401":{"description":"Access token is missing or invalid","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"403":{"description":"Access is forbidden","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"default":{"description":"Unknown Error Occurred","content":{"application/json":{"schema":{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}}}}}}}}}}
```

## Enable Context Creation Model

> Enables a context creation model

```json
{"openapi":"3.0.0","info":{"title":"Netography APIs","version":"1.0"},"tags":[{"name":"Detect and Respond - Context Creation Models"}],"servers":[{"url":"https://api.netography.com","description":"Netography API"}],"security":[{"BearerAuth":[]}],"components":{"securitySchemes":{"BearerAuth":{"type":"http","scheme":"bearer","bearerFormat":"JWT"}}},"paths":{"/api/v1/rule-engine/ccm/{id}/enable":{"put":{"operationId":"v1_context_creation_model_id_enable_put","summary":"Enable Context Creation Model","description":"Enables a context creation model","tags":["Detect and Respond - Context Creation Models"],"parameters":[{"name":"id","in":"path","required":true,"description":"The ID of the context creation model to be enabled","schema":{"type":"string"}}],"responses":{"200":{"description":"Requested Context Creation Model","content":{"application/json":{"schema":{"type":"object","additionalProperties":false,"properties":{"meta":{"type":"object","additionalProperties":false,"readOnly":true,"properties":{"code":{"description":"API response code.  200 ok, 400 you did something wrong.  500 we did something wrong","type":"integer","readOnly":true,"format":"int32"},"count":{"description":"Number of documents retrieved or updated.","type":"integer","readOnly":true,"format":"int32"}}},"data":{"type":"array","maxItems":1,"items":{"allOf":[{"description":"Context Creation Model Record","type":"object","allOf":[{"type":"object","properties":{"action":{"description":"Action for the context model","type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"field":{"type":"string"},"context":{"type":"string"},"labels":{"type":"array","items":{"type":"string"}}}}},"bypassdisplay":{"description":"If true, portal and API will not display new events","type":"boolean"},"bypassrule":{"description":"If true, alerts will not be processed by policies and integrations","type":"boolean"},"categories":{"description":"Categories for the context model","type":"array","items":{"type":"string"}},"description":{"description":"Context model description","type":"string"},"discards":{"description":"Discard lists are NQL statements that if matched do not get processed through the event. It enables skipping certain combinations without disabling the context model","type":"array","items":{"type":"string"}},"enabled":{"description":"If true, the context model is enabled","type":"boolean"},"expiration":{"description":"Number of seconds the context creation model will remain active","type":"integer"},"factors":{"description":"Factors for the context model","type":"array","items":{"type":"string"}},"name":{"description":"Name of the context model","type":"string"},"rollupperiod":{"description":"The lookback period for the context model. Min 15 seconds. Max 1 hour (3600)","type":"integer"},"search_by":{"description":"Search criteria for the context model","type":"array","items":{"type":"object","properties":{"search":{"type":"array","items":{"type":"string"}},"type":{"type":"string"}}}},"thresholds":{"description":"Thresholds for the context model","type":"array","items":{"type":"object","properties":{"severity":{"type":"string"},"threshold":{"type":"string"}}}},"track_by":{"description":"Tracking criteria for the context model","type":"array","items":{"type":"array","items":{"type":"string"}}},"updateinterval":{"description":"When ongoing updates should be sent. Max 6 hours (21600). 0 for disabled","type":"integer"},"algo_record_type":{"description":"The context of record to be used for the context model","type":"string","enum":["flow","dns"]}}}],"properties":{"algo_type":{"description":"Context model type","type":"string"},"beta":{"description":"If true, it's a beta context model","type":"boolean"},"created":{"description":"The time at which record was created","type":"integer"},"id":{"description":"Context model ID","type":"string"},"recommended":{"description":"If true, it's a recomended context model","type":"boolean"},"subscription":{"description":"Subscription for the context model","type":"object","properties":{"all":{"type":"string"}}},"subscriptiontype":{"description":"Subscription type for the context model","type":"string"},"system":{"description":"If true, it's a system context model","type":"boolean"},"systemdefault":{"description":"If true, it's a system default context model","type":"boolean"},"updated":{"description":"The time at which record was was last updated","type":"integer"}}}]}}}}}}},"400":{"description":"Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"401":{"description":"Access token is missing or invalid","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"403":{"description":"Access is forbidden","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"default":{"description":"Unknown Error Occurred","content":{"application/json":{"schema":{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}}}}}}}}}}
```

## Disable Context Creation Model

> Disables a context creation model

```json
{"openapi":"3.0.0","info":{"title":"Netography APIs","version":"1.0"},"tags":[{"name":"Detect and Respond - Context Creation Models"}],"servers":[{"url":"https://api.netography.com","description":"Netography API"}],"security":[{"BearerAuth":[]}],"components":{"securitySchemes":{"BearerAuth":{"type":"http","scheme":"bearer","bearerFormat":"JWT"}}},"paths":{"/api/v1/rule-engine/ccm/{id}/disable":{"put":{"operationId":"v1_context_creation_model_id_disable_put","summary":"Disable Context Creation Model","description":"Disables a context creation model","tags":["Detect and Respond - Context Creation Models"],"parameters":[{"name":"id","in":"path","required":true,"description":"The ID of the context creation model to be disabled","schema":{"type":"string"}}],"responses":{"200":{"description":"Requested Context Creation Model","content":{"application/json":{"schema":{"type":"object","additionalProperties":false,"properties":{"meta":{"type":"object","additionalProperties":false,"readOnly":true,"properties":{"code":{"description":"API response code.  200 ok, 400 you did something wrong.  500 we did something wrong","type":"integer","readOnly":true,"format":"int32"},"count":{"description":"Number of documents retrieved or updated.","type":"integer","readOnly":true,"format":"int32"}}},"data":{"type":"array","maxItems":1,"items":{"allOf":[{"description":"Context Creation Model Record","type":"object","allOf":[{"type":"object","properties":{"action":{"description":"Action for the context model","type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"field":{"type":"string"},"context":{"type":"string"},"labels":{"type":"array","items":{"type":"string"}}}}},"bypassdisplay":{"description":"If true, portal and API will not display new events","type":"boolean"},"bypassrule":{"description":"If true, alerts will not be processed by policies and integrations","type":"boolean"},"categories":{"description":"Categories for the context model","type":"array","items":{"type":"string"}},"description":{"description":"Context model description","type":"string"},"discards":{"description":"Discard lists are NQL statements that if matched do not get processed through the event. It enables skipping certain combinations without disabling the context model","type":"array","items":{"type":"string"}},"enabled":{"description":"If true, the context model is enabled","type":"boolean"},"expiration":{"description":"Number of seconds the context creation model will remain active","type":"integer"},"factors":{"description":"Factors for the context model","type":"array","items":{"type":"string"}},"name":{"description":"Name of the context model","type":"string"},"rollupperiod":{"description":"The lookback period for the context model. Min 15 seconds. Max 1 hour (3600)","type":"integer"},"search_by":{"description":"Search criteria for the context model","type":"array","items":{"type":"object","properties":{"search":{"type":"array","items":{"type":"string"}},"type":{"type":"string"}}}},"thresholds":{"description":"Thresholds for the context model","type":"array","items":{"type":"object","properties":{"severity":{"type":"string"},"threshold":{"type":"string"}}}},"track_by":{"description":"Tracking criteria for the context model","type":"array","items":{"type":"array","items":{"type":"string"}}},"updateinterval":{"description":"When ongoing updates should be sent. Max 6 hours (21600). 0 for disabled","type":"integer"},"algo_record_type":{"description":"The context of record to be used for the context model","type":"string","enum":["flow","dns"]}}}],"properties":{"algo_type":{"description":"Context model type","type":"string"},"beta":{"description":"If true, it's a beta context model","type":"boolean"},"created":{"description":"The time at which record was created","type":"integer"},"id":{"description":"Context model ID","type":"string"},"recommended":{"description":"If true, it's a recomended context model","type":"boolean"},"subscription":{"description":"Subscription for the context model","type":"object","properties":{"all":{"type":"string"}}},"subscriptiontype":{"description":"Subscription type for the context model","type":"string"},"system":{"description":"If true, it's a system context model","type":"boolean"},"systemdefault":{"description":"If true, it's a system default context model","type":"boolean"},"updated":{"description":"The time at which record was was last updated","type":"integer"}}}]}}}}}}},"400":{"description":"Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"401":{"description":"Access token is missing or invalid","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"403":{"description":"Access is forbidden","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"default":{"description":"Unknown Error Occurred","content":{"application/json":{"schema":{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}}}}}}}}}}
```

## Reset Context Creation Model

> Resets a customized system context creation model

```json
{"openapi":"3.0.0","info":{"title":"Netography APIs","version":"1.0"},"tags":[{"name":"Detect and Respond - Context Creation Models"}],"servers":[{"url":"https://api.netography.com","description":"Netography API"}],"security":[{"BearerAuth":[]}],"components":{"securitySchemes":{"BearerAuth":{"type":"http","scheme":"bearer","bearerFormat":"JWT"}}},"paths":{"/api/v1/rule-engine/ccm/{id}/reset":{"put":{"operationId":"v1_context_creation_model_id_reset_put","summary":"Reset Context Creation Model","description":"Resets a customized system context creation model","tags":["Detect and Respond - Context Creation Models"],"parameters":[{"name":"id","in":"path","required":true,"description":"The ID of the context creation model to be reseted","schema":{"type":"string"}}],"responses":{"200":{"description":"Requested Context Creation Model","content":{"application/json":{"schema":{"type":"object","additionalProperties":false,"properties":{"meta":{"type":"object","additionalProperties":false,"readOnly":true,"properties":{"code":{"description":"API response code.  200 ok, 400 you did something wrong.  500 we did something wrong","type":"integer","readOnly":true,"format":"int32"},"count":{"description":"Number of documents retrieved or updated.","type":"integer","readOnly":true,"format":"int32"}}},"data":{"type":"array","maxItems":1,"items":{"allOf":[{"description":"Context Creation Model Record","type":"object","allOf":[{"type":"object","properties":{"action":{"description":"Action for the context model","type":"array","items":{"type":"object","properties":{"type":{"type":"string"},"field":{"type":"string"},"context":{"type":"string"},"labels":{"type":"array","items":{"type":"string"}}}}},"bypassdisplay":{"description":"If true, portal and API will not display new events","type":"boolean"},"bypassrule":{"description":"If true, alerts will not be processed by policies and integrations","type":"boolean"},"categories":{"description":"Categories for the context model","type":"array","items":{"type":"string"}},"description":{"description":"Context model description","type":"string"},"discards":{"description":"Discard lists are NQL statements that if matched do not get processed through the event. It enables skipping certain combinations without disabling the context model","type":"array","items":{"type":"string"}},"enabled":{"description":"If true, the context model is enabled","type":"boolean"},"expiration":{"description":"Number of seconds the context creation model will remain active","type":"integer"},"factors":{"description":"Factors for the context model","type":"array","items":{"type":"string"}},"name":{"description":"Name of the context model","type":"string"},"rollupperiod":{"description":"The lookback period for the context model. Min 15 seconds. Max 1 hour (3600)","type":"integer"},"search_by":{"description":"Search criteria for the context model","type":"array","items":{"type":"object","properties":{"search":{"type":"array","items":{"type":"string"}},"type":{"type":"string"}}}},"thresholds":{"description":"Thresholds for the context model","type":"array","items":{"type":"object","properties":{"severity":{"type":"string"},"threshold":{"type":"string"}}}},"track_by":{"description":"Tracking criteria for the context model","type":"array","items":{"type":"array","items":{"type":"string"}}},"updateinterval":{"description":"When ongoing updates should be sent. Max 6 hours (21600). 0 for disabled","type":"integer"},"algo_record_type":{"description":"The context of record to be used for the context model","type":"string","enum":["flow","dns"]}}}],"properties":{"algo_type":{"description":"Context model type","type":"string"},"beta":{"description":"If true, it's a beta context model","type":"boolean"},"created":{"description":"The time at which record was created","type":"integer"},"id":{"description":"Context model ID","type":"string"},"recommended":{"description":"If true, it's a recomended context model","type":"boolean"},"subscription":{"description":"Subscription for the context model","type":"object","properties":{"all":{"type":"string"}}},"subscriptiontype":{"description":"Subscription type for the context model","type":"string"},"system":{"description":"If true, it's a system context model","type":"boolean"},"systemdefault":{"description":"If true, it's a system default context model","type":"boolean"},"updated":{"description":"The time at which record was was last updated","type":"integer"}}}]}}}}}}},"400":{"description":"Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"401":{"description":"Access token is missing or invalid","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"403":{"description":"Access is forbidden","content":{"application/json":{"schema":{"allOf":[{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}},{"type":"object","properties":{"status":{},"name":{},"message":{}}}]}}}},"default":{"description":"Unknown Error Occurred","content":{"application/json":{"schema":{"type":"object","required":["status","name","message"],"additionalProperties":false,"properties":{"status":{"description":"API response code: \n  * 4xx - you did something dumb\n  * 5xx - we did something dumb\n","type":"integer","readOnly":true,"format":"int32"},"name":{"description":"They type of error","type":"string","readOnly":true},"message":{"description":"description of the error","type":"string","readOnly":true}}}}}}}}}}}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.fusion.vectra.ai/api-reference/netography-apis/detect-and-respond-context-creation-models.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.