I am trying to find API list for SIEM but unable to get it.
I have SOAR Swagger API, but not able to find SIEM. Please let me know if anyone has any idea.
+10Details on the APIs available for the SIEM are here: https://cloud.google.com/chronicle/docs/reference/backstory-api-quotas
If you'd like to see an example of them implemented, I highly recommend the SecOps CLI: https://github.com/chronicle/cli
-mike
+4Adding the urls for the search and ingestion APIs and Chronicle API Samples in Python:
https://cloud.google.com/chronicle/docs/reference/search-api
https://cloud.google.com/chronicle/docs/reference/ingestion-api
https://github.com/chronicle/api-samples-python
Hope this helps.
+2- Bronze 1
Oh also take a look at https://cloud.google.com/chronicle/docs/reference/rest
It has a lot of API calls that are not in the normal ones that the google staff posted! GL!
But especially the payload for some of the rest endpoints does not work cause documentation is NOT correct. Where can the swagger be found, like for the soar api, it might be somewhere hidden?
- Silver 2
But especially the payload for some of the rest endpoints does not work cause documentation is NOT correct. Where can the swagger be found, like for the soar api, it might be somewhere hidden?
Hello
I haven't found swagger till now for SIEM. where as for SOAR its present - https://docs.cloud.google.com/chronicle/docs/soar/reference/working-with-chronicle-soar-apis
I am using SIEM API’s by taking reference from documents mentioned earlier by
and if I want specific to automate, then I use Inspect Element on browser and analyze the payload and headers. use the same to work using JavaScript, etc.
Hi, know that this is available for SOAR, I've noticed the SIEM documentation is still incomplete. I’m happy to debug the source code myself—is the API source code available anywhere for me to review?
Login to the community
Login with SSO
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.