ESET Online Help


Incident Management

In Incident Management, there are two versions of API calls: v1 and v2. You can see the version number in the API call URL.

v1 API calls are implemented for both ESET PROTECT and ESET Inspect products.

v2 API calls are implemented for ESET Inspect except for the GET /v2/detections call, which is specifically implemented for ESET Cloud Office Security.

If you have an ESET PROTECT instance only, you can use:

- The GET /v1/detections call, which returns a list of detections.
- The GET /v1/detections/{detectionUuid} call, which returns detailed information about the specified detection.

If you have an ESET Inspect instance, you can use all Incident Management API calls with the exception of GET /v2/detections:

- Detections API calls enable you to get all detections, get details about a specific detection and resolve detections.
- DetectionGroups API calls enable you to get groups of detections and their details, search for detection groups matching given criteria and resolve detections in groups.
- EdrRules API calls enable you to create and manage Endpoint Detection and Response (EDR) rules.
- EdrRuleExclusions API calls enable you to create and manage EDR rule exclusions.

If you have an ESET Cloud Office Security subscription, you can use the GET /v2/detections call to retrieve the list of detections from your ESET Cloud Office Security instance.


Note: The GET /v2/detections API call is not available in the Japanese region.

See the dedicated page for each API call for detailed information about its required input fields, parameters and responses.

Browse the methods below or in the Table of Contents.

Detections

| Method | Path | Summary |
| --- | --- | --- |
| GET | /v1/detections | Get list of detections |
| GET | /v1/detections/{detectionUuid} | Get detection |
| GET | /v2/detections | List detections |
| GET | /v2/detections/{detectionUuid} | Get detection details |
| POST | /v2/detections/{detectionUuid}:resolve | Resolve detection |
| POST | /v2/detections:batchGet | Get batch of detections |

DetectionGroups

| Method | Path | Summary |
| --- | --- | --- |
| GET | /v2/detection-groups | List detection groups |
| GET | /v2/detection-groups/{detectionGroupUuid} | Get detection group details |
| POST | /v2/detection-groups/{detectionGroupUuid}:resolve | Resolve all detections in group |
| POST | /v2/detection-groups:search | Search for detection group |

EdrRuleExclusions

| Method | Path | Summary |
| --- | --- | --- |
| GET | /v2/edr-rule-exclusions | List EDR rule exclusions by criteria |
| POST | /v2/edr-rule-exclusions | Create EDR rule exclusion |
| GET | /v2/edr-rule-exclusions/{exclusionUuid} | Get details of EDR rule exclusion |
| DELETE | /v2/edr-rule-exclusions/{exclusionUuid} | Delete EDR rule exclusion |
| POST | /v2/edr-rule-exclusions/{exclusionUuid}:updateDefinition | Update definition of EDR rule exclusion |

EdrRules

| Method | Path | Summary |
| --- | --- | --- |
| GET | /v2/edr-rules | List EDR rules |
| POST | /v2/edr-rules | Create an EDR rule |
| GET | /v2/edr-rules/{ruleUuid} | Get EDR rule details |
| DELETE | /v2/edr-rules/{ruleUuid} | Delete EDR rule |
| POST | /v2/edr-rules/{ruleUuid}:disable | Disable EDR rule |
| POST | /v2/edr-rules/{ruleUuid}:enable | Enable EDR rule |
| POST | /v2/edr-rules/{ruleUuid}:updateDefinition | Update EDR rule definition |