Notifications

List all notifications

Request

Definition

GET /api/v1/settings/notifications

Authorization required

Authentication token with privileges to view the resource.
```
Bearer {token}
```

Response

Status codes

Status code	Message
200	"List of notifications"
403	"Forbidden"

Body

Attributi
Esempio

data.settings.notifications.enabled boolean

Indicates whether notification is enabled.
data.settings.notifications.name string

Notification name.
data.settings.notifications.settings object

Object populated with information about the destination and format of the logs.
data.settings.notifications.settings.destination_address string

IP address to which the logs are sent.
data.settings.notifications.settings.destination_port integer

Port of the IP address to which the logs are sent.
data.settings.notifications.settings.format string

Format of the logs. The accepted formats are leef, cef and json.
data.settings.notifications.settings.protocol string

The protocol used to send data. The two allowed values are tcp and udp.
data.settings.notifications.type string

Type of notification system. Valid values are siem and generic.

{
"data": {
    "notifications": [
    {
        "enabled": true,
        "name": "siem_test",
        "settings": {
        "destination_address": "127.0.0.1",
        "destination_port": 59999,
        "format": "leef",
        "protocol": "udp"
        },
        "type": "siem"
    }
    ]
},
"message": "List of notifications",
"status": "ok"
}

List a specific notification

Request

Definition

GET /api/v1/settings/notifications/{notification_name}

Header

Authorization required

Authentication token with privileges to view the resource.
```
Bearer {token}
```

Response

Status codes

Status code	Message
200	"Notification retrieved"
400	"Error retrieving notifications"
403	"Forbidden"

Body

{
  "data": {
    "notification": {
      "enabled": true,
      "name": "siem_test",
      "settings": {
        "destination_address": "127.0.0.1",
        "destination_port": 59999,
        "format": "leef",
        "protocol": "udp"
      },
      "type": "siem"
    }
  },
  "message": "Notification retrieved",
  "status": "ok"
}

Create a SIEM notification

Request

Definition

POST /api/v1/settings/notifications

Headers

Authorization required

Authentication token with privileges to view the resource.
```
Bearer {token}
```
Content-Type required
```
application/json
```

Request body

{
  "notification": {
    "enabled": true,
    "name": "new_name",
    "settings": {
      "destination_address": "10.2.3.4",
      "destination_port": 80,
      "format": "cef",
      "protocol": "udp"
    },
    "type": "siem"
  }
}

Response

Status codes

Status code	Message
200	"Notification created"
400	"Error creating notification"
403	"Forbidden"

Body

{
  "data": {
    "notification": {
      "enabled": true,
      "name": "new_name",
      "settings": {
        "destination_address": "10.2.3.4",
        "destination_port": 80,
        "format": "cef",
        "protocol": "udp"
      },
      "type": "siem"
    }
  },
  "message": "Notification created",
  "status": "ok"
}

Update a specific notification

Request

Definition

PUT /api/v1/settings/notifications/{notification_name}

Headers

Authorization required

Authentication token with privileges to view the resource.
```
Bearer {token}
```
Content-Type required
```
application/json
```

Request body

{
  "attrs": {
    "settings": {
      "destination_address": "10.87.2.23",
      "destination_port": 10800
    }
  }
}

Response

Status codes

Status code	Message
200	"Notification updated"
400	"Error updating notification"
403	"Forbidden"

Body

{
  "data": {
    "notification": {
      "enabled": true,
      "name": "new_name",
      "settings": {
        "destination_address": "10.87.86.85",
        "destination_port": 10800,
        "format": "cef",
        "protocol": "udp"
      },
      "type": "siem"
    }
  },
  "message": "Notification updated",
  "status": "ok"
}

Delete a specific notification

Request

Definition

DELETE /api/v1/settings/notifications/{notification_name}

Headers

Authorization required

Authentication token with privileges to view the resource.
```
Bearer {token}
```

Response

Status codes

Status code	Message
200	"Notification deleted"
400	"Error deleting notification"
403	"Forbidden"

Body

{
  "data": {
    "notification": {
      "enabled": true,
      "name": "new_name",
      "settings": {
        "destination_address": "10.2.3.4",
        "destination_port": 80,
        "format": "cef",
        "protocol": "udp"
      },
      "type": "siem"
    }
  },
  "message": "Notification deleted",
  "status": "ok"
}

Notifications

List all notifications​

Request​

Definition​

Header​

Response​

Status codes​

Body​

List a specific notification​

Request​

Definition​

Header​

Response​

Status codes​

Body​

Create a SIEM notification​

Request​

Definition​

Headers​

Request body​

Response​

Status codes​

Body​

Update a specific notification​

Request​

Definition​

Headers​

Request body​

Response​

Status codes​

Body​

Delete a specific notification​

Request​

Definition​

Headers​

Response​

Status codes​

Body​

List all notifications

Request

Definition

Header

Response

Status codes

Body

List a specific notification

Request

Definition

Header

Response

Status codes

Body

Create a SIEM notification

Request

Definition

Headers

Request body

Response

Status codes

Body

Update a specific notification

Request

Definition

Headers

Request body

Response

Status codes

Body

Delete a specific notification

Request

Definition

Headers

Response

Status codes

Body