Sensor Type/Application#

A Sensor Type/Application describes the software category/manufacturer to which the Sensor belongs i.e:

  • Snort (none)

  • SiteProtector Proventia 3.2 (none)

  • Checkpoint FW-1 (log)

  • Generic (log)

  • SiteProtector Proventia 4.3 (none)

  • SiteProtector Proventia X (none)

  • SiteProtector Proventia 4.6 (none)

  • Microsoft Windows DNS (log)

  • Netscape Enterprise Server (log)

  • Microsoft Windows DHCP (log)

  • Estmon (none)

  • Trend Micro Interscan VirusWall (log)

  • EnVision (none)

  • Internet Information Server (log)

  • Apache HTTP Server (log)

  • Microsoft Exchange Server (log)

  • FrontPage Server Extensions (log)

  • Cisco ISE (log)

  • McAfee Endpoint Security (log)

  • Symantec Endpoint Protection (log)

  • ISS Server Sensor (none)

  • BlueCoat ProxySG (log)

  • Finjan (log)

  • IronPort (log)

  • ArcSight Logger (log)

  • ArcSight Connector (log)

  • Cisco (log)

  • ArcSight ESM (log)

  • test (infrastructure)

  • Microsoft Windows (log)

  • SourceFire (none)

  • FireEye (log)

  • Suricata (none)

  • Microsoft Azure (log)

  • Bind DNS (log)

  • MSN messenger (log)

  • Websphere Application Server (log)

  • Internet Explorer (log)

  • F5 big-ip (log)

  • OpenSSH (log)

  • Sendmail (log)

  • Postfix (log)

  • Trend (log)

  • –Ikke relevant– (none)

  • –Andre– (none)

  • Tipping Point UnityOne (none)

  • WebSense (log)

  • Citrix Netscaler (log)

  • Microsoft IIS (log)

  • Passive DNS Sensor (none)

  • Argus Sample Carver (none)

  • SiteProtector Proventia XGS (none)

  • Agent Canary (none)

  • Fortigate Firewall (log)

Create a Sensor Type/Application#

To create a Sensor Type/Application POST a SensorTypeAddRequest to the base url:

curl -X POST "https://api.mnemonic.no/sensors/v1/type" -H "accept: application/json" -H "Content-Type: application/json" -H "Argus-API-Key: my/api/key" 
-d '{
    "shortName": "st1",
    "name": "sensorType1",
    "url": "www.sensortype.no",
    "expectedSensorUpdateTime": 1,
    "department": "none"
}'

For the request to be successful:

  • The user must have the registerApplication permission, a role that grants it, or belong to a group with said permission

  • The short name must be unique

Note

Deleting Sensor Types/Applications

There currently is no endpoint for deleting Sensor Types/Application so be careful when creating a new one

Get all Sensor Types/Applications#

To list all Sensor Type/Application submit a GET request to the base URL:

curl -X GET "https://api.mnemonic.no/sensors/type" -H "Argus-API-Key: my/api/key"

For the request to be successful

  • The user must have the viewApplications permission, a role that grants it, or belong to a group with said permission

Get a Sensor Type/Application#

To GET a Sensor Type/Application append its ID or shortname to the base URL:

curl -X GET "https://api.mnemonic.no/sensors/type/{idOrShortname}/interface/{idOrName}" -H "Argus-API-Key: my/api/key"

For the request to be successful

  • The user must have the viewApplications permission, a role that grants it, or belong to a group with said permission

  • The short name must be unique

Update a Sensor Type/Application#

To update a Sensor Type/Application PUT a SensorTypeUpdateRequest to its path:

curl -X PUT "https://api.mnemonic.no/sensors/v1/type/{idOrShortname}" -H "accept: application/json" -H "Content-Type: application/json" -H "Argus-API-Key: my/api/key" 
-d '{
    "shortName": "newst1",
    "name": "newSensorType1",
    "url": "www.newsensortype.no",
    "expectedSensorUpdateTime": 2,
    "department": "none"
}'

For the request to be successful:

  • The user must have the updateApplication permission, a role that grants it, or belong to a group with said permission

  • The Type/Application must exist

  • The request must be valid

    • Any new short name must be unique