REST API

API is based on JSON format.

Authentication

HTTP request:

PUT api/v1/authenticate

POST api/v1/authenticate

Both commands works same way.

URL query: none

Request body: JSON object with username, password and domain fields

Response Header: X-Security-Token

 

Example:

example

Example

import json

import requests

import warnings

 

warnings.filterwarnings('ignore')

 

EEI_USER = "Administrator" # Use your credentials here

EEI_PASSWORD = "admin123"

EEI_SERVER = 'localhost'

 

response = requests.put(f"https://{EEI_SERVER}/api/v1/authenticate", json.dumps({"username": EEI_USER, "password": EEI_PASSWORD, "domain":False}), verify=False)

if response.status_code == 200:

   session = requests.Session()

   session.headers={"Authorization": f"Bearer {response.headers['X-Security-Token']}"}

   session.verify=False

 

   UNRESOLVED_FILTER = "resolved eq 0"

   response = session.get(f"https://{EEI_SERVER}/api/v1/detections", params={"$count": 1, "$filter": UNRESOLVED_FILTER})

   count = response.json()["count"]

 

   PAGE_SIZE = 100

   for i in range(0, count, PAGE_SIZE):

       response = session.get(f"https://{EEI_SERVER}/api/v1/detections", params ={"$skip": i, "$top": PAGE_SIZE, "$filter": UNRESOLVED_FILTER})

       detections = response.json()["value"]

       for d in detections:

           print(d)