Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Health Data Endpoints

 

Use the references for REST API V9.0 Health Data endpoints.

GET /health_data/security_data_count

Retrieves count of security artifacts in JSA

Table 1: GET /health_data/security_data_count Resource Details

MIME Type

application/json

Table 2: GET /health_data/security_data_count Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Table 3: GET /health_data/security_data_count Response Codes

HTTP Response Code

Unique Code

Description

200

 

The security count were retrieved.

403

1009

Access Forbidden for Non Admin users.

422

1005

Unprocessable Entity. Invalid field parameter.

Response Description

An array of SecurityDataCount objects. A SecurityDataCount object contains the following fields:

  • assets - Int - The number of assets in the system.

  • offenses - Int - The number of offenses in the system.

  • rules - Int - The number of rules in the system.

  • log_sources - Int - The number of log sources in the system.

  • vulnerabilities - Int - The number of vulnerabilities in the system.

Response Sample

{ "assets": 42, "log_sources": 42, "offenses": 42, "rules": 42, "vulnerabilities": 42 }

GET /health_data/top_offenses

Retrieves Top Offenses in the system sorted by update count.

Table 4: GET /health_data/top_offenses Resource Details

MIME Type

application/json

Table 5: GET /health_data/top_offenses Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Range

header

Optional

String

text/plain

Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero.

filter

query

Optional

String

text/plain

Optional - This parameter is used to restrict the elements in a list base on the contents of various fields.

Table 6: GET /health_data/top_offenses Response Codes

HTTP Response Code

Unique Code

Description

200

 

The Top Offenses were retrieved.

403

1009

Access Forbidden for Non Admin users.

422

1005

Unprocessable Entity. Invalid field, filter or Range parameter.

Response Description

An array of TopOffenseData objects. A TopOffenseData object contains the following fields:

  • offense_name - String - The offense name.

  • offense_id - Int - The offense id.

  • count - Long - The update count of an offense.

Response Sample

[ { "count": 42, "offense_id": 42, "offense_name": "String" } ]

GET /health_data/top_rules

Retrieves Top Rules in the system sorted by response count.

Table 7: GET /health_data/top_rules Resource Details

MIME Type

application/json

Table 8: GET /health_data/top_rules Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Range

header

Optional

String

text/plain

Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero.

filter

query

Optional

String

text/plain

Optional - This parameter is used to restrict the elements in a list base on the contents of various fields.

Table 9: GET /health_data/top_rules Response Codes

HTTP Response Code

Unique Code

Description

200

 

The Top Rules were retrieved.

403

1009

Access Forbidden for Non Admin users.

422

1005

Unprocessable Entity. Invalid field, filter or Range parameter.

Response Description

An array of TopRuleData objects. A TopRuleData object contains the following fields:

  • rule_name - String - The rule name.

  • rule_id - Int - The rule id.

  • count - Long - The response count of the rule.

Response Sample

[ { "count": 42, "rule_id": 42, "rule_name": "String" } ]