Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
languagebash
curl -X POST -H "Argus-API-Key: $API_KEY_ENV_VAR" -H "Content-Type: application/json" https://api.mnemonic.no/alarms/v1/alarm/search -d '{
  "alarm": [ "1000", "1d105abb-db02-11eb-91d4-005056beea2d" ],
  "keywordFieldStrategy": [ "id", "shortName" ],
  "keywordMatchStrategy": "any"
}'

ResponseThe response returns the same format as listing alarms.

Adding an alarm

Request:

Code Block
collapselanguagetruebash
{
curl  "responseCode": 200,
  "limit": 25,
  "offset": 0,
  "count": 2,
  "metaData": {}-X POST -H "Argus-API-Key: $API_KEY_ENV_VAR" -H "Content-Type: application/json" https://api.mnemonic.no/alarms/v1/alarm -d '{
  "attackCategoryID": 5,
  "messagesshortName" : []"alarmShortName",
  "datadescription" : [
    {
    "alarm description",
  "idinfo" : 1000,
      "shortName": "1d0e64f7-db02-11eb-91d4-005056beea2d",
      "attackCategory": {
        "id": 35,
        "shortName": "6842f63e-db2a-11eb-91d4-005056beea2d",
        ...
      },
      "mappings": [
        {
          "attackIdentifier": "ISSRS-HTTP_Whois",
          "lastUpdatedByUser": null,
          "lastUpdatedTimestamp": 1000,
          "comments": [],
          "mappedTimestamp": 0,
          "firstTriggeredTimestamp": 1620007638173,
          "lastTriggeredTimestamp": 1650613236907,
          "triggerAmount": 3,
          "signature": "ISSRS-HTTP_Whois",
            ...
        }
      ],
      ...
    },
    {
      "id": 2000,
      "shortName": "1d105abb-db02-11eb-91d4-005056beea2d",
      "attackCategory": {
        "id": 35,
        "shortName": "6842f63e-db2a-11eb-91d4-005056beea2d",
        ...
      },
      "mappings": [
        {
          "attackIdentifier": "ISSRS-HTTP_Translate_F_SourceRead",
          "comments": [],
          "mappedTimestamp": 0,
          "firstTriggeredTimestamp": 1500891040906,
          "lastTriggeredTimestamp": 1650613236795,
          "triggerAmount": 796,
          "signature": "ISSRS-HTTP_Translate_F_SourceRead",
           ...
        },
        {
          "attackIdentifier": "NITRO-Microsoft_IIS_Translate_F_Header_Source_Disclosure_Vulnerability",
          "comments": [],
          "mappedTimestamp": 0,
          "firstTriggeredTimestamp": 0,
          "lastTriggeredTimestamp": 1650613244252,
          "triggerAmount": 1,
          "signature": "NITRO-Microsoft_IIS_Translate_F_Header_Source_Disclosure_Vulnerability",
           ...
        }
      ],
      ...
    }
  ],
  "size": 2
}

Adding an alarm

Request:

Code Block
languagebash
curl -X POST -H "Argus-API-Key: $API_KEY_ENV_VAR" -H "Content-Type: application/json" https://api.mnemonic.no/alarms/v1/alarm -d '{
  "attackCategoryID": 5,
  "shortName" : "alarmShortName",
  "description" : "alarm description",
  "info" : "alarm info"
}

Response:

Code Block
collapsetrue
{
  "responseCode": 201,
  "limit": 0,
  "offset": 0,
  "count": 0,
  "metaData": {},
  "messages": [],
  "data": {
    "id": 56960,
    "shortName": "alarmShortName",
    "attackCategory": {
      "id": 5,
      "shortName": "6842e8ef-db2a-11eb-91d4-005056beea2d",
      ...
    },
    "mappings": [],
    "comments": [],
    "references": [],
    "labels": [],
    "info": "alarm info",
    "description": "alarm description",
    "internalReference": null,
    "links": [],
    ....
    "flags": []
  },
  "size": 0
}

Updating an alarm

Request:

Code Block
languagebash
curl -X PUT -H "Argus-API-Key: $API_KEY_ENV_VAR" -H "Content-Type: application/json" https://api.mnemonic.no/alarms/v1/alarm/56960 -d '{
  "info": "updated alarm info",
  "description": "updated alarm description",
  "addLabels": [ "some label" ]
}

Response:

Code Block
collapsetrue
{
  "responseCode": 200,
  "limit": 0,
  "offset": 0,
  "count": 0,
  "metaData": {},
  "messages": [],
  "data": {
    "id": 56960,
    "shortName": "alarmShortName",
    "attackCategory": {
      "id": 5,
      "shortName": "6842e8ef-db2a-11eb-91d4-005056beea2d",
      ...
    },
    "mappings": [],
    "comments": [],
    "references": [],
    "labels": [
      "some label"
    ],
    "info": "updated alarm info",
    "description": "updated alarm description",
    "internalReference": null,
    "links": [],
    ....
    "flags": []
  },
  "size": 0
}

Deleting an alarm

Request:

Code Block
languagebash
curl -X DELETE -H "Argus-API-Key: $API_KEY_ENV_VAR" https://devapi.mnemonic.no/alarms/v1/alarm/56960

Response:

Code Block
collapsetrue
{
  "responseCode": 200,
  "limit": 0,
  "offset": 0,
  "count": 0,
  "metaData": {},
  "messages": [],
  "data": {
    "id": 56960,
    "shortName": "alarmShortName",
    "attackCategory": {
      "id": 5,
      "shortName": "6842e8ef-db2a-11eb-91d4-005056beea2d",
      ...
    },
    "mappings": [],
    "comments": [],
    "references": [],
    "labels": [
      "some label"
    ],
    "info": "updated alarm info",
    "description": "updated alarm description",
    "internalReference": null,
    "links": [],
    ....
    "flags": [
      "DELETED"
    ]
  },
  "size": 0
}"alarm info"
}

The response returns the created alarm.

Updating an alarm

Request:

Code Block
languagebash
curl -X PUT -H "Argus-API-Key: $API_KEY_ENV_VAR" -H "Content-Type: application/json" https://api.mnemonic.no/alarms/v1/alarm/56960 -d '{
  "info": "updated alarm info",
  "description": "updated alarm description",
  "addLabels": [ "some label" ]
}

The response returns the updated alarm.

Deleting an alarm

The response returns the deleted alarm.

Code Block
languagebash
curl -X DELETE -H "Argus-API-Key: $API_KEY_ENV_VAR" https://devapi.mnemonic.no/alarms/v1/alarm/56960


Mapping an alarm to signatures

...