Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Accessing the Interactive API Documentation Page

Use the interactive API documentation page to access technical details for the RESTful APIs and experiment with making API requests to your server.

The API documentation user interface provides descriptions and the ability to use the following REST API interfaces:

Table 1: REST API Interfaces




Create, update, and remove custom actions for rules.


View event and flow properties, create event and flow searches, and manage searches.


Returns a list of all assets in the model. You can also list all available asset property types and saved searches, and update an asset.


Log out and invalidate the current session.


View and manage tenants, domains, and JSA extensions.


View all high and low-level categories, QRadar Identifier (QID) records, and event mappings. You can also create or edit QID records and mappings.


Install and manage applications that are created by using the GUI Application Framework Software Development Kit.


Returns a list of API capabilities.


Manage QRM saved search groups, question groups, simulation groups, topology saved search groups, and model groups.


Retrieves assets, vulnerabilities, networks, open services, networks, and filters. You can also create or update remediation tickets.


View and manage reference data collections.


View, create, or start a remote scan that is related to a scan profile.


Perform tasks such as WHOIS lookups, port scan lookups, DNS lookups, and DIG lookups. You can also retrieve geolocation data for an IP or set of IP addresses.


View, update, and close offenses. You can also add notes and manage offense closing reasons.


Manage server hosts, network interfaces, and firewall rules.

  1. To access the interactive API documentation interface, enter the following URL in your web browser: https://ConsoleIPaddress/api_doc/.
  2. Select the API version that you want to use from the list.
  3. Go to the endpoint that you want to access.
  4. Read the endpoint documentation and complete the request parameters.
  5. Click Try it out to send the API request to your console and receive a properly formatted HTTPS response.

    When you click Try it out, the action is performed on the JSA system. Not all actions can be reversed, for example, you cannot reopen an offense after you close it.

  6. Review and gather the information that you need to integrate with JSA.