Fetches the enrichment source with given ID.
GET
https://api-server-host-name/configapi/{pool_UUID}/{logpoint_identifier}/EnrichmentSource/{id}
Parameter
Field |
Label in UI |
Type |
Description |
|---|---|---|---|
id |
- |
String |
Existing enrichment source id. |
Success Response
{
"active": true,
"delete_status": "",
"id": "59467646d8aaa41be49d158b",
"last_updated": 0,
"plugin_info": {
"source_fields": [
{
"field": "domain"
},
{
"field": "url"
},
{
"field": "category"
},
{
"field": "type"
},
{
"field": "threat_source"
},
{
"field": "ip_address"
},
{
"field": "score"
},
{
"field": "port"
},
{
"field": "start_ts"
},
{
"field": "end_ts"
}
]
},
"reason": null,
"result": "",
"single_entry": true,
"source_name": "threat_intelligence",
"source_type": "ThreatIntelligence",
"tid": ""
}
Lists all enrichment sources.
GET
https://api-server-host-name/configapi/{pool_UUID}/{logpoint_identifier}/EnrichmentSource
Success Response
[
{
"active ": true,
"delete_status ": " ",
"id ": "59467646d8aaa41be49d158b ",
"last_updated ": 0,
"plugin_info ": {
"source_fields ": [
{
"field ": "domain "
},
{
"field ": "url "
},
{
"field ": "category "
},
{
"field ": "type "
},
{
"field ": "threat_source "
},
{
"field ": "ip_address "
},
{
"field ": "score "
},
{
"field ": "port "
},
{
"field ": "start_ts "
},
{
"field ": "end_ts "
}
]
},
"reason ": null,
"result ": " ",
"single_entry ": true,
"source_name ": "threat_intelligence ",
"source_type ": "ThreatIntelligence ",
"tid ": " "
},
{
"active ": true,
"delete_status ": " ",
"id ": "59b0ffa5d8aaa42bf93f9b4c ",
"last_updated ": 1504772009,
"plugin_info ": {
"charset ": "utf_8 ",
"csv_file ": "/opt/immune/app_store/norm/enrichment/csv/smoke.csv ",
"includes_header ": true,
"source_fields ": [
{
"field ": "MYCOUNT ",
"name ": "ext-gen2231 ",
"type ": "string "
},
{
"field ": "nepal ",
"name ": "ext-gen2232 ",
"type ": "string "
}
],
"source_name ": "smoke "
},
"reason ": null,
"result ": "Updated ",
"source_info ": {
"id ": "108110b2c924449f75c62e3e562e76c3 ",
"source_name ": "CSV "
},
"source_name ": "smoke ",
"source_type ": "CSV ",
"tid ": " "
},
{
"source_info": {
"source_name": "IPtoHost",
"id": "8ae49468e5596c0a6ee2bcf8152e1cfb"
},
"plugin_info": {
"event_field_name": "event_field1",
"host_field_name": "hostField1",
"source_name": "new_del"
},
"source_name": "new_del",
"plugin_version": "3.0.0.7",
"plugin_type": "enrichmentscript",
"actions": {
"search": false,
"detail": false,
"delete": true
},
"source_type": "IPtoHost",
"reason": "",
"result": "Updated",
"tid": "",
"last_updated": 1516781073,
"_id": "5a683d9bbcd4eb3793c62c63",
"active": true,
"delete_status": ""
}
]
Updates the enrichment source list.
POST
https://api-server-host-name/configapi/{pool_UUID}/{logpoint_identifier}/EnrichmentSource/refreshlist
Request Example
{
"data": {}
}
Success Response
{
"status": "Success",
"message": "/monitorapi/{pool_UUID}/{logpoint_identifier}/orders/{request_id}"
}