Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

GET /siem/source_addresses/{source_address_id}

 

Retrieve an offense source address.

Retrieve an offense source address.

Table 1: GET /siem/source_addresses/{source_address_id} Resource Details

MIME Type

application/json

Table 2: GET /siem/source_addresses/{source_address_id} Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

source_

address_id

path

Required

Number (Integer)

text/plain

Required - The ID of the source address to retrieve.

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Table 3: GET /siem/source_addresses/{source_address_id} Response Codes

HTTP Response Code

Unique Code

Description

200

 

The source address was retrieved.

404

1002

No source address was found for the provided source_address_id.

422

1005

A request parameter is not valid.

500

1020

An error occurred while the source address was being retrieved.

Response Description

A source address object. A source address object contains the following fields:

  • id - Number - The ID of the source.

  • source_ip - String - The IP address.

  • magnitude - Number - The magnitude of the source address.

  • network - String - The network of the source address.

  • offense_ids - Array of Numbers - List of offense IDs the source is part of.

  • local_destination_address_ids - Array of Numbers - List of local destination address IDs associated with the source address.

  • event_flow_count - Number - The number of events and flows that are associated with the source.

  • first_event_flow_seen - Number - The number of milliseconds since epoch when the first event or flow was seen.

  • last_event_flow_seen - Number - The number of milliseconds since epoch when the last event or flow was seen.

  • domain_id - Number - The ID of associated domain.

Response Sample