Detect and Respond Detection Categories

List Detection Categories

get

Returns an array of Detection Categories.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Responses

200

List of Requested Detection Categories

application/json

400

Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.

application/json

401

Access token is missing or invalid

application/json

403

Access is forbidden

application/json

default

Unknown Error Occurred

application/json

get

/api/v1/rule-engine/categories

GET /api/v1/rule-engine/categories HTTP/1.1
Host: api.netography.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "meta": {
    "code": 200,
    "count": 1
  },
  "data": [
    {
      "description": "T1041 Exfiltration Over C2 Channel",
      "name": "t1041",
      "system": false,
      "systemdefault": false
    }
  ]
}

Delete All Custom Detection Categories

delete

Deletes all custom detection categories.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Responses

204

An empty array

400

Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.

application/json

401

Access token is missing or invalid

application/json

403

Access is forbidden

application/json

default

Unknown Error Occurred

application/json

delete

/api/v1/rule-engine/categories

DELETE /api/v1/rule-engine/categories HTTP/1.1
Host: api.netography.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

No content

Fetch Detection Category

get

Fetches a specific detection category from the NAME supplied in the path.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

namestringRequired

The NAME of the detection category to be returned.

Responses

200

Requested Detection Category

application/json

400

Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.

application/json

401

Access token is missing or invalid

application/json

403

Access is forbidden

application/json

default

Unknown Error Occurred

application/json

get

/api/v1/rule-engine/category/{name}

GET /api/v1/rule-engine/category/{name} HTTP/1.1
Host: api.netography.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "meta": {
    "code": 200,
    "count": 1
  },
  "data": {
    "description": "T1041 Exfiltration Over C2 Channel",
    "name": "t1041",
    "system": false,
    "systemdefault": false
  }
}

Create or Update Detection Category

put

Create or update a detection category given the provided object.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

namestringRequired

The NAME of the detection category to be created or updeted.

Body

Detection Category Create or Update Config

descriptionstringOptional

Detection category description

Example: T1041 Exfiltration Over C2 Channel

Responses

200

Requested Detection Category

application/json

400

Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.

application/json

401

Access token is missing or invalid

application/json

403

Access is forbidden

application/json

default

Unknown Error Occurred

application/json

put

/api/v1/rule-engine/category/{name}

PUT /api/v1/rule-engine/category/{name} HTTP/1.1
Host: api.netography.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 52

{
  "description": "T1041 Exfiltration Over C2 Channel"
}

{
  "meta": {
    "code": 200,
    "count": 1
  },
  "data": {
    "description": "T1041 Exfiltration Over C2 Channel",
    "name": "t1041",
    "system": false,
    "systemdefault": false
  }
}

Delete Detection Model

delete

Deletes a detection model

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

namestringRequired

The NAME of the detection category to be deleted.

Responses

204

An empty array

400

Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.

application/json

401

Access token is missing or invalid

application/json

403

Access is forbidden

application/json

default

Unknown Error Occurred

application/json

delete

/api/v1/rule-engine/category/{name}

DELETE /api/v1/rule-engine/category/{name} HTTP/1.1
Host: api.netography.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

No content

PreviousConfiguration NextDetect and Respond Traffic Detection Models

Last updated 8 hours ago

Good evening

List Detection Categories

Delete All Custom Detection Categories

Fetch Detection Category

Create or Update Detection Category

Delete Detection Model