ueba management

Download Spec

get /connection-manager/api/v1/ueba/configure

Get Ueba configurations

Authorization

string

required

OAuth2 token

Default
"Bearer a-proper-token-goes-here"

Response

ExamplesSchema

Configuration file for UEBA install script

{
  "address": "string",
  "trust_anchors": "string"
}

post /connection-manager/api/v1/ueba/configure

Set Ueba configurations

address

string

trust_anchors

string

trust anchors for privx to trust customer created ueba server cert

Request

{
  "address": "string",
  "trust_anchors": "string"
}

Response

ExamplesSchema

Successfully set given Ueba configurations

Empty response

get /connection-manager/api/v1/ueba/anomaly-settings

Anomaly settings

Authorization

string

required

OAuth2 token

Default
"Bearer a-proper-token-goes-here"

Response

ExamplesSchema

Returns anomaly settings

{
  "action": "BLOCK",
  "threshold": 123.0
}

post /connection-manager/api/v1/ueba/anomaly-settings

Anomaly settings

action

string

required

Enum
  • BLOCK
  • AUDIT

threshold

number

required

float between 0.0-1.0. Loose - Strict

Request

{
  "action": "BLOCK",
  "threshold": 123.0
}

Response

ExamplesSchema

Anomaly settings saved

Empty response

post /connection-manager/api/v1/ueba/start-analyzing/{dataset_id}

Start analyzing connections with a saved dataset. Fails if training not done, has not finished or failed.

dataset_id

string

uuid

required

dataset_id to run

Response

ExamplesSchema

successful response

Empty response

post /connection-manager/api/v1/ueba/stop-analyzing

Stop analyzing connection anomalies

Authorization

string

required

OAuth2 token

Default
"Bearer a-proper-token-goes-here"

Response

ExamplesSchema

anomaly analysis stopped

Empty response

Was this page helpful?