==================
API
==================

DTonomy provides a REST API web service to achieve full automation. There are 6 categories that process 6 different kinds of data objects:

* `Alert`_
* `Alert Schema`_
* `User`_
* `Workflow`_
* `Workflow Activity`_
* `Workflow AI Assistance`_

########################
Authorization
########################

* First, set up authorization in the HTTP request by adding an Access Key to the "Authorization" header.

  To find out the Access Key for your DTonomy instance, log into the website, navigate to Settings => Profile, then click on the third tab, "ACCESS KEY":

  .. image:: /picture/api/access-key.png
     :width: 600pt

  You can copy either the primary or the secondary key.

* Second, always append the target tenant ID as a parameter at the end of the request URL, such as "?tenantId=*"

  To find out the target tenant's ID, log into the website, navigate to Settings => Profile, then check the first tab, "USER PROFILE":

  .. image:: /picture/api/tenant-id.png
     :width: 600pt

########################
Alert
########################

-----------------------
Post an Alert (Legacy)
-----------------------

* URL: /api/agent/v1/event-data
* Method: POST
* Payload: Event object

-------------------
Post an Alert
-------------------

* URL: /api/agent/v1/event-data/postevents2
* Method: POST
* Payload: Event object

-------------------
Get Alerts
-------------------

* URL: /api/agent/v1/event-data/
* Method: GET

--------------------------
Update an Existing Alert
--------------------------

* URL: /api/agent/v1/event-data/
* Method: PUT

-----------------------
Get Alerts by Filter
-----------------------

* URL: /api/agent/v1/event-data/getEventFilterKey
* Method: GET

-------------------
Delete an Alert
-------------------

* URL: /api/agent/v1/event-data/deleteEvent
* Method: POST
* Payload: Event object

-------------------
Get Alerts' Count
-------------------

* URL: /api/agent/v1/event-data/count
* Method: GET

-----------------------
Update an Alert List
-----------------------

* URL: /api/agent/v1/event-data/updateEventList
* Method: POST

--------------------------------
Build Artificial Intelligence
--------------------------------

* URL: /api/agent/v1/event-data/buildIntelligence
* Method: POST

-------------------
Post a Comment
-------------------

* URL: /api/agent/v1/event-data/comment
* Method: POST

------------------
Get Comments
------------------

* URL: /api/agent/v1/event-data/comment
* Method: GET

------------------
Create a Task
------------------

* URL: /api/agent/v1/event-data/task
* Method: POST

-------------------------------
Create a Task from a Workflow
-------------------------------

* URL: /api/agent/v1/event-data/task2
* Method: POST

------------------
Get Tasks
------------------

* URL: /api/agent/v1/event-data/task
* Method: GET

-------------------
Update a Task
-------------------

* URL: /api/agent/v1/event-data/task
* Method: PUT

-------------------
Get a Pattern
-------------------

* URL: /api/agent/v1/event-data/:patternId
* Method: GET

-------------------
Get Similar Alerts
-------------------

* URL: /api/agent/v1/event-data/similar
* Method: POST

########################
Alert Schema
########################

-------------------
Get Alert Schemas
-------------------

* URL: /api/agent/v1/event-data-schema
* Method: GET

-------------------------
Create an Alert Schema
-------------------------

* URL: /api/agent/v1/event-data-schema
* Method: POST

---------------------------
Get an Alert Schema by ID
---------------------------

* URL: /api/agent/v1/event-data-schema/:id
* Method: GET

-------------------------
Update an Alert Schema
-------------------------

* URL: /api/agent/v1/event-data-schema/:id
* Method: PUT

------------------------------
Get an Alert Schema by Name
------------------------------

* URL: /api/agent/v1/event-data-schema/:schemaName
* Method: GET

########################
User
########################

------------------
Get Users
------------------

* URL: /api/agent/v1/user
* Method: GET

------------------
Get Current User
------------------

* URL: /api/agent/v1/user/current
* Method: GET

------------------
Get Tenants
------------------

* URL: /api/agent/v1/user/tenants
* Method: GET

------------------
Get User Names
------------------

* URL: /api/agent/v1/user/names
* Method: GET

------------------
Create a User
------------------

* URL: /api/agent/v1/user
* Method: POST

------------------
Update a User
------------------

* URL: /api/agent/v1/user
* Method: PUT

------------------
Delete a User
------------------

* URL: /api/agent/v1/user/:id
* Method: DELETE

########################
Workflow
########################

------------------
Get a Workflow
------------------

* URL: /api/agent/v1/workflow
* Method: GET

------------------
Get Workflows
------------------

* URL: /api/agent/v1/workflow/flows
* Method: GET

------------------
Post Workflows
------------------

* URL: /api/agent/v1/workflow/flows
* Method: POST

-----------------------
Get Nodes by Category
-----------------------

* URL: /api/agent/v1/workflow/nodes
* Method: GET

########################
Workflow Activity
########################

----------------------------
Create a Workflow Activity
----------------------------

* URL: /api/agent/v1/workflow-activity
* Method: POST

--------------------------
Get Workflow Activities
--------------------------

* URL: /api/agent/v1/workflow-activity/:keyword?
* Method: GET

########################
Workflow AI Assistance
########################

----------------------------
Get Workflow AI Assistance
----------------------------

* URL: /api/agent/v1/workflow-ai-assistance
* Method: GET

########################
Artifact
########################

----------------------------
Add an Artifact
----------------------------

* URL: /api/agent/v1/artifact/addArtifact
* Method: POST
* Payload: Artifact object

----------------------------
Get the list of Artifacts
----------------------------

* URL: /api/agent/v1/artifact
* Method: GET

--------------------------------
Find Artifacts by Name & Value
--------------------------------

* URL: /api/agent/v1/artifact/findArtifactByNameValue
* Method: POST
* Payload: the search query such as::

    { "name": "email", "value": "abc@xyz.com" }

----------------------------
Find Artifacts by Name
----------------------------

* URL: /api/agent/v1/artifact/findArtifactByName
* Method: POST
* Payload: the search query such as::

    { "name": "email" }

-------------------------------------------
Find Artifacts by Name and Detection Type
-------------------------------------------

* URL: /api/agent/v1/artifact/findArtifactByNameWithDetection
* Method: POST
* Payload: the search query such as::

    { "name": "email", "detectionType": "malicious" }

----------------------------
Delete an Artifact
----------------------------

* URL: /api/agent/v1/artifact/delete/{{the artifact id to delete}}
* Method: GET
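
The two steps from the Authorization section, applied to the Find Artifacts by Name & Value endpoint, are shown below as an added example; it is not DTonomy's own client code. The host name, the environment variable names, the JSON content type, and sending the Access Key as the raw header value are assumptions.

```python
import json
import os
from urllib.parse import urlencode, urlsplit
from urllib.request import Request

# Assumed placeholder host (not from the page); use your own instance URL.
BASE_URL = "https://dtonomy.example.invalid"


def build_request(method, path, tenant_id, access_key, payload=None,
                  base_url=BASE_URL):
    """Build, without sending, a request with the Access Key and tenantId."""
    if urlsplit(base_url).scheme != "https":
        # The Access Key rides in a header, so refuse cleartext transport.
        raise ValueError("base_url must use https")
    if not access_key or not tenant_id:
        raise ValueError("access key and tenant ID are both required")
    # tenantId is always appended as a URL-encoded query parameter.
    query = urlencode({"tenantId": tenant_id})
    url = f"{base_url.rstrip('/')}{path}?{query}"
    # Assumption: the key is the raw header value, with no scheme prefix.
    headers = {"Authorization": access_key}
    body = None
    if payload is not None:
        body = json.dumps(payload).encode("utf-8")
        headers["Content-Type"] = "application/json"  # assumption: JSON body
    return Request(url, data=body, headers=headers, method=method)


def find_artifact_by_name_value(name, value, tenant_id, access_key):
    """Request for POST /api/agent/v1/artifact/findArtifactByNameValue."""
    return build_request(
        "POST", "/api/agent/v1/artifact/findArtifactByNameValue",
        tenant_id, access_key, payload={"name": name, "value": value},
    )


if __name__ == "__main__":
    # Environment variable names are assumptions; keeping the key out of
    # source and out of printed output limits accidental disclosure.
    key = os.environ.get("DTONOMY_ACCESS_KEY", "")
    tenant = os.environ.get("DTONOMY_TENANT_ID", "")
    if key and tenant:
        req = find_artifact_by_name_value("email", "abc@xyz.com", tenant, key)
        print(req.get_method(), req.full_url)  # URL only, never the key
```

Pass the returned ``Request`` to ``urllib.request.urlopen`` to send it; the same ``build_request`` helper covers the other endpoints by changing the method and path.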