Argus API Documentation#


Are you a first time Argus API user? Or maybe just want to understand more of the general concepts of our APIs?

The General integration guide provides an overview of the structure and functionality of the Argus REST API.
Please read this if you are a first time user, or if you are wondering about how to use general features like search subcriteria, include/exclude flags or search strategies.

For integration with specific service modules, please see the relevant module documentation, which also contains the detailed API documentation for each REST endpoint.

Service modules#

Each service module will have its own page with API documentation and integration guides. Not all documentation is prepared right now, but we are working on it!

If you need more documentation on some specific services, or have questions to the use of our APIs, please feel free to contact us !



API Documentation

Integration Guide

Alarm Service

The Alarm service provides information about the alarm description and alarm categories used in Argus security events.

API documentation

Alarm Integration Guide

Asset Service

The Assets service provides access to the customer asset database, for querying and updating customer assets such as hosts, services and business processes.

The asset database documents applications and vulnerabilities, and provides advanced querying and statistics tools.

API documentation

Asset Integration Guide

Authentication Service

The Authentication service provides API for authenticating a user, as well as API for querying and setting authentication settings.

The API also contains operations for impersonation and constraining the current session.

API documentation

Authentication Integration Guide

Case Service

The Case service provides API for querying, creating and updating entries in the Argus case system.

API documentation

Case Integration Guide

Customer Service

The Customer service provides API for querying or updating existing customer definitions, or creating new customers.

API documentation

Customer Integration Guide

Customer Contacts

The Customer service provides API for querying or updating existing customer contact definitions, or creating new customer contacts.

API documentation

Customer Contacts Integration Guide

Customer Network Service

The Customer Network service manages network information for customer networks, used for analysis and documentation of customer networks.

API documentation

Customer Networks Integration Guide

Component Management Service

The Component Management service manages runtime for distributed components, used for system management and monitoring.

API documentation

Component Administration Integration Guide

Configuration Management Service

The Configuration Management service manages configuration for distributed components, used for system provisioning.

API documentation

Configuration Administration Integration Guide

DataStore Service

The Argus DataStore is a general store for key/value based data, used for simple data distribution.

These datastores can also be distributed to the Argus sensor environment, giving the analysis engines a simple key/value store to use during analysis.

The stores are customer oriented and named, ensuring granular control of the data.

The DataStore service provides methods for querying metadata and entries in the Argus DataStore.

API documentation

DataStore Integration Guide

Document Service

The Document service provides methods for traversing the document folder tree, fetching and updating documents.

API documentation

Document Integration Guide

Event Filter Service

The EventFilter service provides methods for querying, fetching and updating the event filters used in the Argus sensor environment.

API documentation

EventFilter integration guide

Event Service

The Event service provides methods for querying and fetching events, event statistics and event payload.

The service also provides methods for commenting and event assessment.

API documentation

Event Integration Guide

Metric Service

The Metric service provides methods for creating and retrieving metric descriptors, and submission of associated recorded metric data.

API documentation

Metric Integration Guide

Notification Service

The Notification service handles user notifications by email, SMS and app.

The service provides endpoints for registering mobile devices, and to manage user notification settings.

API documentation

Notification Integration Guide

Passive DNS Service

The Passive DNS Service provides access to the domain/IP database based on passive DNS sensors. For external users, see our simplified integration guide for querying public PassiveDNS data.

API documentation

PassiveDNS Integration Guide

Reputation Services

The Reputation service provides methods for querying and updating reputation sources and reputation overrides, and for querying for calculated reputation values for domains and IPs.

API documentation

Reputation Integration Guide

Sample Service

The sample service is a database used for storing and retrieving sample files that may or may not be malicious.

API documentation

Sample Integration Guide

Sensor Service

The Sensor service provides methods for querying and updating sensors and defining new sensors.

The service also provides status information for each sensor.

API documentation

Sensor Integration Guide

User Service

The User service provides methods for querying users and groups, and for user administration.

API documentation

User Integration Guide