Sensor Type/Application#
A Sensor Type/Application describes the software category/manufacturer to which the Sensor belongs i.e:
Snort (none)
SiteProtector Proventia 3.2 (none)
Checkpoint FW-1 (log)
Generic (log)
SiteProtector Proventia 4.3 (none)
SiteProtector Proventia X (none)
SiteProtector Proventia 4.6 (none)
Microsoft Windows DNS (log)
Netscape Enterprise Server (log)
Microsoft Windows DHCP (log)
Estmon (none)
Trend Micro Interscan VirusWall (log)
EnVision (none)
Internet Information Server (log)
Apache HTTP Server (log)
Microsoft Exchange Server (log)
FrontPage Server Extensions (log)
Cisco ISE (log)
McAfee Endpoint Security (log)
Symantec Endpoint Protection (log)
ISS Server Sensor (none)
BlueCoat ProxySG (log)
Finjan (log)
IronPort (log)
ArcSight Logger (log)
ArcSight Connector (log)
Cisco (log)
ArcSight ESM (log)
test (infrastructure)
Microsoft Windows (log)
SourceFire (none)
FireEye (log)
Suricata (none)
Microsoft Azure (log)
Bind DNS (log)
MSN messenger (log)
Websphere Application Server (log)
Internet Explorer (log)
F5 big-ip (log)
OpenSSH (log)
Sendmail (log)
Postfix (log)
Trend (log)
–Ikke relevant– (none)
–Andre– (none)
Tipping Point UnityOne (none)
WebSense (log)
Citrix Netscaler (log)
Microsoft IIS (log)
Passive DNS Sensor (none)
Argus Sample Carver (none)
SiteProtector Proventia XGS (none)
Agent Canary (none)
Fortigate Firewall (log)
Create a Sensor Type/Application#
To create a Sensor Type/Application POST
a SensorTypeAddRequest
to the
base url:
curl -X POST "https://api.mnemonic.no/sensors/v1/type" -H "accept: application/json" -H "Content-Type: application/json" -H "Argus-API-Key: my/api/key"
-d '{
"shortName": "st1",
"name": "sensorType1",
"url": "www.sensortype.no",
"expectedSensorUpdateTime": 1,
"department": "none"
}'
For the request to be successful:
The user must have the
registerApplication
permission, a role that grants it, or belong to a group with said permissionThe short name must be unique
Note
Deleting Sensor Types/Applications
There currently is no endpoint for deleting Sensor Types/Application so be careful when creating a new one
Get all Sensor Types/Applications#
To list all Sensor Type/Application submit a GET
request to the base URL:
curl -X GET "https://api.mnemonic.no/sensors/type" -H "Argus-API-Key: my/api/key"
For the request to be successful
The user must have the
viewApplications
permission, a role that grants it, or belong to a group with said permission
Get a Sensor Type/Application#
To GET
a Sensor Type/Application append its ID or shortname to the base
URL:
curl -X GET "https://api.mnemonic.no/sensors/type/{idOrShortname}/interface/{idOrName}" -H "Argus-API-Key: my/api/key"
For the request to be successful
The user must have the
viewApplications
permission, a role that grants it, or belong to a group with said permissionThe short name must be unique
Update a Sensor Type/Application#
To update a Sensor Type/Application PUT
a SensorTypeUpdateRequest
to its
path:
curl -X PUT "https://api.mnemonic.no/sensors/v1/type/{idOrShortname}" -H "accept: application/json" -H "Content-Type: application/json" -H "Argus-API-Key: my/api/key"
-d '{
"shortName": "newst1",
"name": "newSensorType1",
"url": "www.newsensortype.no",
"expectedSensorUpdateTime": 2,
"department": "none"
}'
For the request to be successful:
The user must have the
updateApplication
permission, a role that grants it, or belong to a group with said permissionThe Type/Application must exist
The request must be valid
Any new short name must be unique