Health Data Endpoints
Use the references for REST API V9.0 Health Data endpoints.
GET /health_data/security_data_count
Retrieves count of security artifacts in JSA
Table 1: GET /health_data/security_data_count Resource Details
MIME Type |
|---|
application/json |
Table 2: GET /health_data/security_data_count Request Parameter Details
Parameter | Type | Optionality | Data Type | MIME Type | Description |
|---|---|---|---|---|---|
fields | query | Optional | String | text/plain | Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas. |
Table 3: GET /health_data/security_data_count Response Codes
HTTP Response Code | Unique Code | Description |
|---|---|---|
200 | The security count were retrieved. | |
403 | 1009 | Access Forbidden for Non Admin users. |
422 | 1005 | Unprocessable Entity. Invalid field parameter. |
Response Description
An array of SecurityDataCount objects. A SecurityDataCount object contains the following fields:
assets - Int - The number of assets in the system.
offenses - Int - The number of offenses in the system.
rules - Int - The number of rules in the system.
log_sources - Int - The number of log sources in the system.
vulnerabilities - Int - The number of vulnerabilities in the system.
Response Sample
{ "assets": 42, "log_sources": 42, "offenses": 42, "rules": 42, "vulnerabilities": 42 }
GET /health_data/top_offenses
Retrieves Top Offenses in the system sorted by update count.
Table 4: GET /health_data/top_offenses Resource Details
MIME Type |
|---|
application/json |
Table 5: GET /health_data/top_offenses Request Parameter Details
Parameter | Type | Optionality | Data Type | MIME Type | Description |
|---|---|---|---|---|---|
fields | query | Optional | String | text/plain | Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas. |
Range | header | Optional | String | text/plain | Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero. |
filter | query | Optional | String | text/plain | Optional - This parameter is used to restrict the elements in a list base on the contents of various fields. |
Table 6: GET /health_data/top_offenses Response Codes
HTTP Response Code | Unique Code | Description |
|---|---|---|
200 | The Top Offenses were retrieved. | |
403 | 1009 | Access Forbidden for Non Admin users. |
422 | 1005 | Unprocessable Entity. Invalid field, filter or Range parameter. |
Response Description
An array of TopOffenseData objects. A TopOffenseData object contains the following fields:
offense_name - String - The offense name.
offense_id - Int - The offense id.
count - Long - The update count of an offense.
Response Sample
[ { "count": 42, "offense_id": 42, "offense_name": "String" } ]
GET /health_data/top_rules
Retrieves Top Rules in the system sorted by response count.
Table 7: GET /health_data/top_rules Resource Details
MIME Type |
|---|
application/json |
Table 8: GET /health_data/top_rules Request Parameter Details
Parameter | Type | Optionality | Data Type | MIME Type | Description |
|---|---|---|---|---|---|
fields | query | Optional | String | text/plain | Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas. |
Range | header | Optional | String | text/plain | Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero. |
filter | query | Optional | String | text/plain | Optional - This parameter is used to restrict the elements in a list base on the contents of various fields. |
Table 9: GET /health_data/top_rules Response Codes
HTTP Response Code | Unique Code | Description |
|---|---|---|
200 | The Top Rules were retrieved. | |
403 | 1009 | Access Forbidden for Non Admin users. |
422 | 1005 | Unprocessable Entity. Invalid field, filter or Range parameter. |
Response Description
An array of TopRuleData objects. A TopRuleData object contains the following fields:
rule_name - String - The rule name.
rule_id - Int - The rule id.
count - Long - The response count of the rule.
Response Sample
[ { "count": 42, "rule_id": 42, "rule_name": "String" } ]