ESET Online Help


Incident Management

In Incident Management, there are two versions of API calls: v1 and v2. You can see the version number in the API call URL.

v1 API calls are implemented for both ESET PROTECT and ESET Inspect products.

v2 API calls are implemented for ESET Inspect except for the GET /v2/detections call, which is specifically implemented for ESET Cloud Office Security.

If you have an ESET PROTECT instance only, you can use:

GET /v1/detections call that returns a list of detections.

GET /v1/detections/{detectionUuid} call that returns detailed information about the specified detection.

If you have an ESET Inspect instance, you can use all Incident Management API calls with the exception of GET /v2/detections:

Detections API calls enable you to get all detections, get details about a specific detection and resolve detections.

DetectionGroups API calls enable you to get groups of detections and their details, search for detection groups matching given criteria and resolve detections in groups.

EdrRules API calls enable you to create and manage Endpoint Detection and Response (EDR) rules.

EdrRuleExclusions API calls enable you to create and manage EDR rules exclusions.

If you have an ESET Cloud Office Security subscription, you can use the GET /v2/detections call to retrieve the list of detections by your ESET Cloud Office Security instance.


Note: The GET /v2/detections API call is not available in the Japanese region.

See detailed information about required input fields, parameters and responses for each API call on dedicated pages.

Browse the methods below or in the Table of Contents.

Detections

Method  Path                                    Summary
GET     /v1/detections                          List detections
GET     /v1/detections/{detectionUuid}          Get detection
GET     /v2/detections                          List detections
GET     /v2/detections/{detectionUuid}          Get detection
POST    /v2/detections/{detectionUuid}:resolve  Resolve detection
POST    /v2/detections:batchGet                 Batch get detections

DetectionGroups

Method  Path                                               Summary
GET     /v2/detection-groups                               List detection groups
GET     /v2/detection-groups/{detectionGroupUuid}          Get detection group
POST    /v2/detection-groups/{detectionGroupUuid}:resolve  Resolve detection group
POST    /v2/detection-groups:search                        Search detection groups

EdrRuleExclusions

Method  Path                                                      Summary
GET     /v2/edr-rule-exclusions                                   List EDR rule exclusions
POST    /v2/edr-rule-exclusions                                   Create EDR rule exclusion
GET     /v2/edr-rule-exclusions/{exclusionUuid}                   Get EDR rule exclusion
DELETE  /v2/edr-rule-exclusions/{exclusionUuid}                   Delete EDR rule exclusion
POST    /v2/edr-rule-exclusions/{exclusionUuid}:updateDefinition  Update EDR rule exclusion definition

EdrRules

Method  Path                                       Summary
GET     /v2/edr-rules                              List EDR rules
POST    /v2/edr-rules                              Create EDR rule
GET     /v2/edr-rules/{ruleUuid}                   Get EDR rule
DELETE  /v2/edr-rules/{ruleUuid}                   Delete EDR rule
POST    /v2/edr-rules/{ruleUuid}:disable           Disable EDR rule
POST    /v2/edr-rules/{ruleUuid}:enable            Enable EDR rule
POST    /v2/edr-rules/{ruleUuid}:updateDefinition  Update EDR rule definition