Detect and Respond Detection Categories

List Detection Categories

get

Returns an array of Detection Categories.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Responses

200

List of Requested Detection Categories

application/json

400

Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.

application/json

401

Access token is missing or invalid

application/json

403

Access is forbidden

application/json

default

Unknown Error Occurred

application/json

get

/api/v1/rule-engine/categories

GET /api/v1/rule-engine/categories HTTP/1.1
Host: api.netography.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "meta": {
    "code": 200,
    "count": 1
  },
  "data": [
    {
      "description": "T1041 Exfiltration Over C2 Channel",
      "name": "t1041",
      "system": false,
      "systemdefault": false
    }
  ]
}

Delete All Custom Detection Categories

delete

Deletes all custom detection categories.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Responses

204

An empty array

400

Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.

application/json

401

Access token is missing or invalid

application/json

403

Access is forbidden

application/json

default

Unknown Error Occurred

application/json

delete

/api/v1/rule-engine/categories

DELETE /api/v1/rule-engine/categories HTTP/1.1
Host: api.netography.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

No content

Fetch Detection Category

get

Fetches a specific detection category from the NAME supplied in the path.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

namestringRequired

The NAME of the detection category to be returned.

Responses

200

Requested Detection Category

application/json

400

Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.

application/json

401

Access token is missing or invalid

application/json

403

Access is forbidden

application/json

default

Unknown Error Occurred

application/json

get

/api/v1/rule-engine/category/{name}

GET /api/v1/rule-engine/category/{name} HTTP/1.1
Host: api.netography.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "meta": {
    "code": 200,
    "count": 1
  },
  "data": {
    "description": "T1041 Exfiltration Over C2 Channel",
    "name": "t1041",
    "system": false,
    "systemdefault": false
  }
}

Create or Update Detection Category

put

Create or update a detection category given the provided object.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

namestringRequired

The NAME of the detection category to be created or updeted.

Body

Detection Category Create or Update Config

descriptionstringOptional

Detection category description

Example: T1041 Exfiltration Over C2 Channel

Responses

200

Requested Detection Category

application/json

400

Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.

application/json

401

Access token is missing or invalid

application/json

403

Access is forbidden

application/json

default

Unknown Error Occurred

application/json

put

/api/v1/rule-engine/category/{name}

PUT /api/v1/rule-engine/category/{name} HTTP/1.1
Host: api.netography.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 52

{
  "description": "T1041 Exfiltration Over C2 Channel"
}

{
  "meta": {
    "code": 200,
    "count": 1
  },
  "data": {
    "description": "T1041 Exfiltration Over C2 Channel",
    "name": "t1041",
    "system": false,
    "systemdefault": false
  }
}

Delete Detection Model

delete

Deletes a detection model

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

namestringRequired

The NAME of the detection category to be deleted.

Responses

204

An empty array

400

Bad Request. Typically due to a malformatted JSON body, or parameter values are not validating.

application/json

401

Access token is missing or invalid

application/json

403

Access is forbidden

application/json

default

Unknown Error Occurred

application/json

delete

/api/v1/rule-engine/category/{name}

DELETE /api/v1/rule-engine/category/{name} HTTP/1.1
Host: api.netography.com
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

No content

PreviousConfiguration NextDetect and Respond Traffic Detection Models

Last updated 1 month ago

Good morning

hashtagList Detection Categories

hashtagDelete All Custom Detection Categories

hashtagFetch Detection Category

hashtagCreate or Update Detection Category

hashtagDelete Detection Model

List Detection Categories

Delete All Custom Detection Categories

Fetch Detection Category

Create or Update Detection Category

Delete Detection Model