circle-info
Welcome to the new Logpoint documentation portal! Can’t find what you’re looking for?
Visit the old documentation portal.arrow-up-right
search

EnrichmentPolicy

hashtag
EnrichmentPolicy - Create

Adds a new enrichment policy.

POST

https://api-server-host-name/configapi/{pool_UUID}/{logpoint_identifier}/EnrichmentPolicy

hashtag
Parameters

Field
Label in UI
Type
Description

id

-

String

Existing enrichment policy id. Mandatory Field

name

Policy Name

String

Enrichment policy name. Mandatory Field

description

Description

String

Description for the enrichment policy. Optional Field

specifications

Specification

[json]

Mandatory Field. See specifications details below.

chevron-rightSpecifications detailshashtag

Mandatory Field. The following parameters must be provided to define enrichment policy specifications:

  • rules: Rules for the enrichment policy. Optional field.

    To define rules, the following parameters must be provided:

    • category: Value can be "simple" or "type_based".

    • operation: Value must be "Equals".

    • prefix: Value can be "true" or "false". Mandatory only when category = "type_based".

    • event_key: Event id. Mandatory only when category = "simple".

    • source_key: Source id.

    • type: Value can only be "ip" or "string" or "num". Mandatory only when category = "type_based".

  • source: Enrichment source. Mandatory.

  • criteria: Criteria for the enrichment policy.

    To define the enrichment criteria, the following parameters must be provided:

    • type: Value can be "KeyPresents" or "KeyPresentsValueMatches".

    • key: The enrichment policy criteria is fulfilled if this key is present in the log.

    • value: The criteria is fulfilled if the above mentioned key and this value is present in the log. Mandatory.

hashtag
Request Example

{
    "data": {
        "name": "testPolicy",
        "specifications": [
            {
                "rules": [
                    {
                        "category": "simple",
                        "source_key": "id",
                        "prefix": false,
                        "operation": "Equals",
                        "type": "string",
                        "event_key": "id"
                    }
                ],
                "source": "test_odbc",
                "criteria": [
                    {
                        "type": "KeyPresents",
                        "key": "id",
                        "value": ""
                    }
                ]
            }
        ],
        "description": "Enrichment Policy <i> description </i>."
    }
}

hashtag
Success Response

hashtag
EnrichmentPolicy - Edit

Edits an enrichment policy of given id.

PUT

hashtag
Parameters

Field
Label in UI
Type
Description

id

-

String

Existing enrichment policy id. Mandatory Field

name

Policy Name

String

Enrichment policy name. Mandatory Field

description

Description

String

Description for the enrichment policy. Optional Field

specifications

Specification

[json]

Mandatory Field. See specifications details (same as Create).

chevron-rightSpecifications detailshashtag

Mandatory Field. The following parameters must be provided to define enrichment policy specifications:

  • rules: Rules for the enrichment policy. Optional field.

    To define rules, the following parameters must be provided:

    • category: Value can be "simple" or "type_based".

    • operation: Value must be "Equals".

    • prefix: Value can be "true" or "false". Mandatory only when category = "type_based".

    • event_key: Event id. Mandatory only when category = "simple".

    • source_key: Source id.

    • type: Value can only be "ip" or "string" or "num". Mandatory only when category = "type_based".

  • source: Enrichment source. Mandatory.

  • criteria: Criteria for the enrichment policy.

    To define the enrichment criteria, the following parameters must be provided:

    • type: Value can be "KeyPresents" or "KeyPresentsValueMatches".

    • key: The enrichment policy criteria is fulfilled if this key is present in the log.

    • value: The criteria is fulfilled if the above mentioned key and this value is present in the log. Mandatory.

hashtag
Request Example

hashtag
Success Response

hashtag
EnrichmentPolicy - Get

Fetches an enrichment policy with given id.

GET

hashtag
Parameters

Field
Label in UI
Type
Description

id

-

String

Existing Enrichment Policy id.

hashtag
Success Response

hashtag
EnrichmentPolicy - List

Lists all enrichment policies.

GET

hashtag
Success Response

hashtag
EnrichmentPolicy - Trash

Deletes an enrichment policy with given id.

DELETE

hashtag
Parameters

Field
Label in UI
Type
Description

id

-

String

Enrichment Policy id. Mandatory Field

hashtag
Success Response

Last updated

Was this helpful?