Argus API Documentation#
Tip
Are you a first time Argus API user? Or maybe just want to understand more of the general concepts of our APIs?
The General integration guide provides an
overview of the structure and functionality of the Argus REST API.
Please read this if you are a first time user, or if you are wondering
about how to use general features like search subcriteria,
include/exclude flags or search strategies.
For integration with specific service modules, please see the relevant module documentation, which also contains the detailed API documentation for each REST endpoint.
Service modules#
Each service module will have its own page with API documentation and integration guides. Not all documentation is prepared right now, but we are working on it!
If you need more documentation on some specific services, or have questions to the use of our APIs, please feel free to contact us !
Service |
Description |
API Documentation |
Integration Guide |
---|---|---|---|
Alarm Service |
The Alarm service provides information about the alarm description and alarm categories used in Argus security events. |
||
Asset Service |
The Assets service provides access to the customer asset database, for querying and updating customer assets such as hosts, services and business processes. The asset database documents applications and vulnerabilities, and provides advanced querying and statistics tools. |
||
Authentication Service |
The Authentication service provides API for authenticating a user, as well as API for querying and setting authentication settings. The API also contains operations for impersonation and constraining the current session. |
||
Case Service |
The Case service provides API for querying, creating and updating entries in the Argus case system. |
||
Customer Service |
The Customer service provides API for querying or updating existing customer definitions, or creating new customers. |
||
Customer Contacts |
The Customer service provides API for querying or updating existing customer contact definitions, or creating new customer contacts. |
||
Customer Network Service |
The Customer Network service manages network information for customer networks, used for analysis and documentation of customer networks. |
||
Component Management Service |
The Component Management service manages runtime for distributed components, used for system management and monitoring. |
||
Configuration Management Service |
The Configuration Management service manages configuration for distributed components, used for system provisioning. |
||
DataStore Service |
The Argus DataStore is a general store for key/value based data, used for simple data distribution. These datastores can also be distributed to the Argus sensor environment, giving the analysis engines a simple key/value store to use during analysis. The stores are customer oriented and named, ensuring granular control of the data. The DataStore service provides methods for querying metadata and entries in the Argus DataStore. |
||
Document Service |
The Document service provides methods for traversing the document folder tree, fetching and updating documents. |
||
Event Filter Service |
The EventFilter service provides methods for querying, fetching and updating the event filters used in the Argus sensor environment. |
||
Event Service |
The Event service provides methods for querying and fetching events, event statistics and event payload. The service also provides methods for commenting and event assessment. |
||
Metric Service |
The Metric service provides methods for creating and retrieving metric descriptors, and submission of associated recorded metric data. |
||
Notification Service |
The Notification service handles user notifications by email, SMS and app. The service provides endpoints for registering mobile devices, and to manage user notification settings. |
||
Passive DNS Service |
The Passive DNS Service provides access to the domain/IP database based on passive DNS sensors. For external users, see our simplified integration guide for querying public PassiveDNS data. |
||
Reputation Services |
The Reputation service provides methods for querying and updating reputation sources and reputation overrides, and for querying for calculated reputation values for domains and IPs. |
||
Sample Service |
The sample service is a database used for storing and retrieving sample files that may or may not be malicious. |
||
Sensor Service |
The Sensor service provides methods for querying and updating sensors and defining new sensors. The service also provides status information for each sensor. |
||
User Service |
The User service provides methods for querying users and groups, and for user administration. |