Incident Management

In Incident Management, there are two versions of API calls: v1 and v2. You can see the version number in the API call URL.

•v1 API calls are implemented for both ESET PROTECT and ESET Inspect products.

•v2 API calls are implemented for ESET Inspect except for the GET /v2/detections call, which is specifically implemented for ESET Cloud Office Security.

If you have an ESET PROTECT instance only, you can use:

•GET /v1/detections call that returns a list of detections.

•GET /v1/detections/{detectionUuid} call that returns detailed information about the specified detection.

If you have an ESET Inspect instance, you can use all Incident Management API calls with the exception of GET /v2/detections:

•Detections API calls enable you to get all detections, get details about a specific detection and resolve detections.

•DetectionGroups API calls enable you to get groups of detections and their details, search for detection groups matching given criteria and resolve detections in groups.

•EdrRules API calls enable you to create and manage Endpoint Detection and Response (EDR) rules.

•EdrRuleExclusions API calls enable you to create and manage EDR rules exclusions.

If you have an ESET Cloud Office Security subscription, you can use the GET /v2/detections call to retrieve the list of detections by your ESET Cloud Office Security instance.

The GET /v2/detections API call is not available in the Japanese region.

See detailed information about required input fields, parameters and responses for each API call on dedicated pages.

Browse the methods below or in Table of Contents.

Detections

Method	Path	Summary
	/v1/detections	Get list of detections
	/v1/detections/{detectionUuid}	Get detection
	/v2/detections	List detections
	/v2/detections/{detectionUuid}	Get detection details
	/v2/detections/{detectionUuid}:resolve	Resolve detection
	/v2/detections:batchGet	Get batch of detections

DetectionGroups

Method	Path	Summary
	/v2/detection-groups	List detection groups
	/v2/detection-groups/{detectionGroupUuid}	Get detection group details
	/v2/detection-groups/{detectionGroupUuid}:resolve	Resolve all detections in group
	/v2/detection-groups:search	Search for detection group

EdrRuleExclusions

Method	Path	Summary
	/v2/edr-rule-exclusions	List EDR rule exclusions by criteria
	/v2/edr-rule-exclusions	Create [EDR rule exclusion].
	/v2/edr-rule-exclusions/{exclusionUuid}	Get details of [EDR rule exclusion]
	/v2/edr-rule-exclusions/{exclusionUuid}	Delete [EDR rule exclusion]
	/v2/edr-rule-exclusions/{exclusionUuid}:updateDefinition	Update definition of [EDR rule exclusion]

EdrRules

Method	Path	Summary
	/v2/edr-rules	List EDR rules
	/v2/edr-rules	Create an [EDR rule]
	/v2/edr-rules/{ruleUuid}	Get [EDR rule] details
	/v2/edr-rules/{ruleUuid}	Delete [EDR rule]
	/v2/edr-rules/{ruleUuid}:disable	Disable [EDR rule]
	/v2/edr-rules/{ruleUuid}:enable	Enable [EDR rule]
	/v2/edr-rules/{ruleUuid}:updateDefinition	Update [EDR rule] definition

˄˅