![]() ![]() Other endpoints support migrating the Company whitelist to a Safelist library, retrieve a Safelist library by its GUID, parse terms from a chunk of text, and get the list of summaries for the Safelist libraries for your organization.Įndpoints to search for Indicators and update tags.Įndpoints to get observables in a submission, search for observables, and remove or add tags to an observable.Įndpoints for submissions (Intelligence Sources, Events, or Indicators) that you can use to get status, search, redact text, or alter tags.Įndpoints to create, update, upsert, find, or delete Events.Įndpoints to create, update, upsert, find, or delete Indicators.Įndpoints to create, update, upsert, find, or delete Intelligence.Įndpoints that support Intel Workflow functionality. Adds a new application binary for a specific OS to an internal BlackBerry Dynamics application entitlement and update any application assignments to the new. Gets a list of Enclaves that the user has permissions to access.Įndpoints to create a new Safelist library, add or delete entries, and delete a Safelist library. The API provides endpoints for these functional areas of the Splunk Intelligence Management platform:Įndpoints for Authentication (API Key and API Secret). For example, you routinely update multiple custom configuration files based on user input. See Splunk Intelligence Management Python SDK to interact with the Splunk Intelligence Management Rest API from within any Python program. Use the Extensible Administration Interface (EAI) for custom REST endpoints to extend the Splunk Enterprise REST API to manage your apps custom configuration files.Some endpoints can be used for any Submission, while other endpoints are specific to one type of Submission, for example, Submission Event endpoints. This version of the App enforces Python 3 for execution of the modular input script when running on Splunk 8+ in order to satisfy Splunkbase AppInspect requirements. The Python code in this App is dual 2.7/3 compatible. Introduces the term Submission to cover Intelligence Sources, Events, and Indicators. It allows the use of basic REST calls to the custom API and support scripts in. REST API Modular Input This is a Splunk Modular Input for polling data from REST APIs and indexing the responses. ![]() Version 2.0 introduces some changes from previous versions of the Splunk Intelligence Management REST API: Splunk Enterprise Rest API allow users to access every functionality available for the core system of the software and Splunk Web which also use the API. All API access is over HTTPS, and all data is transmitted securely in JSON format. The Splunk Intelligence Management REST API enables you to easily synchronize report information available in Splunk Intelligence Management with the monitoring tools and analysis workflows you use in your infrastructure. ![]()
0 Comments
Leave a Reply. |