Director Fabric v1.4.0 or later
Director Console v1.6.0 or later
Logpoint v6.12.2 or later
Threat Intelligence v5.0.0 or later
You can upload StixTaxii to a private storage in the Fabric Storage using the Upload - Upload API.
Endpoint URL:
https://api-server-host-name/configapi/Uploads/{pool_UUID}/
Method:
POST
Header:
FIELD |
DESCRIPTION |
|---|---|
file_name |
Name of the StixTaxii .pak file. |
Content-Type |
Content type of the StixTaxii .pak file. It must be |
Parameters:
FIELD |
TYPE |
DESCRIPTION |
REQUIRED |
|---|---|---|---|
file |
[Object] |
The StixTaxii .pak file to be uploaded. |
Mandatory |
Success Response:
{
"status": "Success",
"message": "StixTaxii_6.2.0.pak successfully uploaded in the private storage. "
}
You can upload StixTaxii to a public storage in the Fabric Storage using the Upload - UploadPublic files API.
Endpoint URL:
https://api-server-host-name/configapi/Uploads/PublicUpload
Method:
POST
Header:
FIELD |
DESCRIPTION |
|---|---|
file_name |
Name of the StixTaxii .pak file. |
Content-Type |
Content type of the StixTaxii .pak file. It must be |
Parameters:
FIELD |
TYPE |
DESCRIPTION |
REQUIRED |
|---|---|---|---|
file |
[Object] |
The StixTaxii .pak file to be uploaded. |
Mandatory |
Success Response:
{
"status": "Success",
"message": "StixTaxii_6.2.0.pak successfully uploaded in the public storage. "
}
You can list the StixTaxii file uploaded in the private storage using the Upload - List API.
Endpoint URL:
https://api-server-host-name/configapi/Uploads/{pool_UUID}/list
Method:
GET
Success Response:
[
"StixTaxii_6.2.0.pak"
]
You can list the StixTaxii file uploaded in the public storage using the Upload - ListPublic API.
Endpoint URL:
https://api-server-host-name/configapi/Uploads/list
Method:
GET
Success Response:
[
"StixTaxii_6.2.0.pak"
]
You can install StixTaxii using the Upload - Install API. You must upload it to the Fabric Storage before the installation.
Endpoint URL:
https://api-server-host-name/configapi/Uploads/{pool_UUID}/{logpoint_identifier}/install
Method:
POST
Parameters:
FIELD |
LABEL IN UI |
TYPE |
DESCRIPTION |
REQUIRED |
|---|---|---|---|---|
application_type |
– |
String |
Type of the application. Must be |
Mandatory |
file_name |
File |
String |
Name of the application file. |
Mandatory |
file_location |
– |
String |
Location of the application file. Can be either |
Mandatory |
Request Example:
{
"data": {
"application_type": "Application",
"file_name": "stixtaxii_6.2.0.pak",
"file_location": "private"
}
}
Success Response:
{
"status": "Success",
"message": "/monitorapi/{pool_UUID}/{logpoint_identifier}/orders/{request_id}"
}
You can uninstall StixTaxii in a Fabric-enabled Logpoint using the Plugins - Uninstall API. You must first remove the StixTaxii configuration to uninstall it.
Endpoint URL:
https://api-server-host-name/configapi/{pool_UUID}/{logpoint_identifier}/Plugins/{id}
Method:
DELETE
Parameters:
FIELD |
TYPE |
DESCRIPTION |
REQUIRED |
|---|---|---|---|
id |
String |
StixTaxii ID. Obtain it using the StixTaxiiEnrichmentSource - List API. |
Mandatory |
Success Response:
{
"status": "Success",
"message": "/monitorapi/{pool_UUID}/{logpoint_identifier}/orders/{request_id}"
}