Authentication
SEC: <authorized-service-token>
Version: 26.0
Accept: application/json

SIEM API
| Operation | Method | Endpoint |
|---|---|---|
| List offenses | GET | /api/siem/offenses |
| Get offense | GET | /api/siem/offenses/{id} |
| Update offense | POST | /api/siem/offenses/{id} |
| Close offense | POST | /api/siem/offenses/{id} |
| List source IPs | GET | /api/siem/source_addresses |
| List destination IPs | GET | /api/siem/local_destination_addresses |
Ariel API
| Operation | Method | Endpoint |
|---|---|---|
| Submit search | POST | /api/ariel/searches |
| Search status | GET | /api/ariel/searches/{search_id} |
| Get results | GET | /api/ariel/searches/{search_id}/results |
| Delete search | DELETE | /api/ariel/searches/{search_id} |
Reference Data API
| Operation | Method | Endpoint |
|---|---|---|
| List all sets | GET | /api/reference_data/sets |
| Get set | GET | /api/reference_data/sets/{name} |
| Add element | POST | /api/reference_data/sets/{name} |
| Delete element | DELETE | /api/reference_data/sets/{name}/{value} |
| Delete entire set | DELETE | /api/reference_data/sets/{name} |
Log Source API
| Operation | Method | Endpoint |
|---|---|---|
| List log sources | GET | /api/config/event_sources/log_source_management/log_sources |
| Create log source | POST | /api/config/event_sources/log_source_management/log_sources |
| Get log source | GET | /api/config/event_sources/log_source_management/log_sources/{id} |
| Update log source | POST | /api/config/event_sources/log_source_management/log_sources/{id} |
| Delete log source | DELETE | /api/config/event_sources/log_source_management/log_sources/{id} |
System API
| Operation | Method | Endpoint |
|---|---|---|
| System information | GET | /api/system/about |
| Server list | GET | /api/system/servers |
| Deployment configuration | GET | /api/system/servers/{server_id} |
| Generate report | POST | /api/reports/{report_id} |