See the API's various operations for details on their request parameters and response data.
You can also run this API with a Postman collection.
| Operation | Method | Endpoint |
|---|---|---|
| Threat event reports | ||
| Report threat event totals | GET | /configs/{configId}/threat-events/aggregate |
| Report threat event details | POST | /configs/{configId}/threat-events/details |
| Report threat event time series | GET | /configs/{configId}/threat-events/time-series |
| AUP event reports | ||
| Report AUP event totals | GET | /configs/{configId}/aup-events/aggregate |
| Report AUP event details | POST | /configs/{configId}/aup-events/details |
| Report AUP event time series | GET | /configs/{configId}/aup-events/time-series |
| DNS activity reports | ||
| Report DNS activity totals | GET | /configs/{configId}/dns-activities/aggregate |
| Report DNS activity event details | POST | /configs/{configId}/dns-activities/details |
| Report DNS activity time series | GET | /configs/{configId}/dns-activities/time-series |
| Security Connector event reports | ||
| Report security connector event totals | GET | /configs/{configId}/sinkhole-events/aggregate |
| Report security connector event details | POST | /configs/{configId}/sinkhole-events/details |
| Report security connector event time series | GET | /configs/{configId}/sinkhole-events/time-series |
| Network traffic connections reports | ||
| Report network traffic connections totals | GET | /configs/{configId}/network-traffic/connections/aggregate |
| Report network traffic connections details | POST | /configs/{configId}/network-traffic/connections/details |
| Report network traffic connections time series | GET | /configs/{configId}/network-traffic/connections/time-series |
| Proxy traffic transactions reports | ||
| Report proxy traffic transactions totals | GET | /configs/{configId}/proxy-traffic/transactions/aggregate |
| Report proxy network traffic transaction details | POST | /configs/{configId}/proxy-traffic/transactions/details |
| Report proxy traffic transactions time series | GET | /configs/{configId}/proxy-traffic/transactions/time-series |
| IDP systems reports | ||
| Report IDP access log details | POST | /configs/{configId}/access-logs/details |
| Indicators of Compromise (IOC) reports | ||
| Get IOC time series report | GET | /configs/{configId}/ioc/time-series |
| Get IOC change report | GET | /ioc/changes |
| Get IOC details report | GET | /ioc/details |
| Get IOC AUP detail report | GET | /ioc/details/aup |
| Get IOC AVC details report | GET | /ioc/details/avc |
| Get IOC CIDR details report | GET | /ioc/details/cidr |
| Get IOC domain tree report | GET | /ioc/domain-tree |
| DeepScan event reports | ||
| Get deepscan details report | GET | /configs/{configId}/deep-scan-reports |
| Threat metadata report | ||
| Get threat metadata report | GET | /configs/{configId}/threats/threat-meta |
| Feedback reports | ||
| Get feedback event detail report | GET | /configs/{configId}/feedbacks/details |
| Report a threat | POST | /configs/{configId}/feedbacks/details |
| Report schedules | ||
| List report schedules | GET | /configs/{configId}/schedules |
| Create a report schedule | POST | /configs/{configId}/schedules |
| Remove a report schedule | DELETE | /configs/{configId}/schedules/{scheduleId} |
| Get a report schedule | GET | /configs/{configId}/schedules/{scheduleId} |
| Update a report schedule | PUT | /configs/{configId}/schedules/{scheduleId} |
| Disable a report schedule | POST | /configs/{configId}/schedules/{scheduleId}/disable |
| Enable a report schedule | POST | /configs/{configId}/schedules/{scheduleId}/enable |
| Threat intelligence | ||
| Get latest domain threat intelligence | GET | /threat-intel/domains/latest/check |