> For the complete documentation index, see [llms.txt](https://docs.panther.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.panther.com/ko/panther/api/rest/data-models.md). # 데이터 모델 ## 개요 다음 API 작업을 사용하여 상호 작용합니다 [데이터 모델](/ko/detections/rules/python/data-models.md) Panther에서. API를 호출하려면 다음을 참조하세요 [Panther REST API 사용 방법](/ko/panther/api/rest.md#how-to-use-the-panther-rest-api) 지침—포함하여 [이 문서 페이지에서 직접 호출하는 방법에 대한 안내](/ko/panther/api/rest.md#step-3-invoke-the-panther-rest-api). ## 필수 권한 * 대상 `GET` 작업을 수행하려면, API 토큰에 다음이 포함되어 있어야 합니다 `로그 소스 보기` 권한. * 대상 `POST`, `PUT`, 그리고 `DELETE` 작업을 수행하려면, API 토큰에 다음이 포함되어 있어야 합니다 `로그 소스 관리` 권한. ## 작업 ## POST /data-models > create data model ```json {"openapi":"3.0.3","info":{"title":"Panther REST API","version":"1.0"},"tags":[{"name":"data model","description":"The data model api handles all operations for data models"}],"servers":[{"url":"https://{api_host}","variables":{"api_host":{"default":"your-api-host"}}}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"X-API-Key","in":"header"}},"schemas":{"DataModelAPI.ModifyDataModel":{"type":"object","properties":{"body":{"type":"string","description":"The python body of the data model"},"description":{"type":"string","description":"The description of the data model"},"displayName":{"type":"string","description":"The name used for the data model"},"enabled":{"type":"boolean","description":"enables/disables a data model"},"id":{"type":"string","description":"The id of the data model"},"logTypes":{"type":"array","items":{"type":"string"},"description":"The log type this data model should associate to. NOTE: only one data model can be assigned to a log type"},"mappings":{"type":"array","items":{"$ref":"#/components/schemas/DataModelAPI.DataModelMapping"}}},"required":["id"]},"DataModelAPI.DataModelMapping":{"type":"object","properties":{"method":{"type":"string","description":"the python function name that should be called"},"name":{"type":"string","description":"the name of the mapping"},"path":{"type":"string","description":"the json path"}},"required":["name"]},"DataModelAPI.DataModel":{"type":"object","properties":{"body":{"type":"string","description":"The python body of the data model"},"createdAt":{"type":"string"},"description":{"type":"string","description":"The description of the data model"},"displayName":{"type":"string","description":"The name used for the data model"},"enabled":{"type":"boolean","description":"enables/disables a data model"},"id":{"type":"string","description":"The id of the data model"},"lastModified":{"type":"string"},"logTypes":{"type":"array","items":{"type":"string"},"description":"The log type this data model should associate to. NOTE: only one data model can be assigned to a log type"},"mappings":{"type":"array","items":{"$ref":"#/components/schemas/DataModelAPI.DataModelMapping"}}}},"DataModelAPI.BadRequestError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]},"DataModelAPI.ExistsError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]}}},"paths":{"/data-models":{"post":{"tags":["data model"],"summary":"create data model","operationId":"data model#create","requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/DataModelAPI.ModifyDataModel"}}}},"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DataModelAPI.DataModel"}}}},"400":{"description":"bad_request: Bad Request response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DataModelAPI.BadRequestError"}}}},"409":{"description":"exists: Conflict response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DataModelAPI.ExistsError"}}}}}}}}} ``` ## GET /data-models/{id} > get data model ```json {"openapi":"3.0.3","info":{"title":"Panther REST API","version":"1.0"},"tags":[{"name":"data model","description":"The data model api handles all operations for data models"}],"servers":[{"url":"https://{api_host}","variables":{"api_host":{"default":"your-api-host"}}}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"X-API-Key","in":"header"}},"schemas":{"DataModelAPI.DataModel":{"type":"object","properties":{"body":{"type":"string","description":"The python body of the data model"},"createdAt":{"type":"string"},"description":{"type":"string","description":"The description of the data model"},"displayName":{"type":"string","description":"The name used for the data model"},"enabled":{"type":"boolean","description":"enables/disables a data model"},"id":{"type":"string","description":"The id of the data model"},"lastModified":{"type":"string"},"logTypes":{"type":"array","items":{"type":"string"},"description":"The log type this data model should associate to. NOTE: only one data model can be assigned to a log type"},"mappings":{"type":"array","items":{"$ref":"#/components/schemas/DataModelAPI.DataModelMapping"}}}},"DataModelAPI.DataModelMapping":{"type":"object","properties":{"method":{"type":"string","description":"the python function name that should be called"},"name":{"type":"string","description":"the name of the mapping"},"path":{"type":"string","description":"the json path"}},"required":["name"]},"DataModelAPI.NotFoundError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]}}},"paths":{"/data-models/{id}":{"get":{"tags":["data model"],"summary":"get data model","operationId":"data model#get","parameters":[{"name":"id","in":"path","description":"ID of the data model to fetch","required":true,"schema":{"type":"string","description":"ID of the data model to fetch"}}],"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DataModelAPI.DataModel"}}}},"404":{"description":"not_found: Not Found response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DataModelAPI.NotFoundError"}}}}}}}}} ``` ## put data model > put creates or updates a data model ```json {"openapi":"3.0.3","info":{"title":"Panther REST API","version":"1.0"},"tags":[{"name":"data model","description":"The data model api handles all operations for data models"}],"servers":[{"url":"https://{api_host}","variables":{"api_host":{"default":"your-api-host"}}}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"X-API-Key","in":"header"}},"schemas":{"DataModelAPI.ModifyDataModel":{"type":"object","properties":{"body":{"type":"string","description":"The python body of the data model"},"description":{"type":"string","description":"The description of the data model"},"displayName":{"type":"string","description":"The name used for the data model"},"enabled":{"type":"boolean","description":"enables/disables a data model"},"id":{"type":"string","description":"The id of the data model"},"logTypes":{"type":"array","items":{"type":"string"},"description":"The log type this data model should associate to. NOTE: only one data model can be assigned to a log type"},"mappings":{"type":"array","items":{"$ref":"#/components/schemas/DataModelAPI.DataModelMapping"}}},"required":["id"]},"DataModelAPI.DataModelMapping":{"type":"object","properties":{"method":{"type":"string","description":"the python function name that should be called"},"name":{"type":"string","description":"the name of the mapping"},"path":{"type":"string","description":"the json path"}},"required":["name"]},"DataModelAPI.DataModel":{"type":"object","properties":{"body":{"type":"string","description":"The python body of the data model"},"createdAt":{"type":"string"},"description":{"type":"string","description":"The description of the data model"},"displayName":{"type":"string","description":"The name used for the data model"},"enabled":{"type":"boolean","description":"enables/disables a data model"},"id":{"type":"string","description":"The id of the data model"},"lastModified":{"type":"string"},"logTypes":{"type":"array","items":{"type":"string"},"description":"The log type this data model should associate to. NOTE: only one data model can be assigned to a log type"},"mappings":{"type":"array","items":{"$ref":"#/components/schemas/DataModelAPI.DataModelMapping"}}}},"DataModelAPI.BadRequestError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]}}},"paths":{"/data-models/{id}":{"put":{"tags":["data model"],"summary":"put data model","description":"put creates or updates a data model","operationId":"data model#put","parameters":[{"name":"id","in":"path","description":"the id of the data model","required":true,"schema":{"type":"string","description":"the id of the data model"}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/DataModelAPI.ModifyDataModel"}}}},"responses":{"200":{"description":"200 returned if the item already existed","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DataModelAPI.DataModel"}}}},"201":{"description":"201 returned if the item was created","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DataModelAPI.DataModel"}}}},"400":{"description":"bad_request: Bad Request response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DataModelAPI.BadRequestError"}}}}}}}}} ``` ## DELETE /data-models/{id} > delete data model ```json {"openapi":"3.0.3","info":{"title":"Panther REST API","version":"1.0"},"tags":[{"name":"data model","description":"The data model api handles all operations for data models"}],"servers":[{"url":"https://{api_host}","variables":{"api_host":{"default":"your-api-host"}}}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"X-API-Key","in":"header"}},"schemas":{"DataModelAPI.BadRequestError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]},"DataModelAPI.NotFoundError":{"type":"object","properties":{"message":{"type":"string"}},"required":["message"]}}},"paths":{"/data-models/{id}":{"delete":{"tags":["data model"],"summary":"delete data model","operationId":"data model#delete","parameters":[{"name":"id","in":"path","description":"ID of the data model to delete","required":true,"schema":{"type":"string","description":"ID of the data model to delete"}}],"responses":{"204":{"description":"No Content response."},"400":{"description":"bad_request: Bad Request response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DataModelAPI.BadRequestError"}}}},"404":{"description":"not_found: Not Found response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DataModelAPI.NotFoundError"}}}}}}}}} ``` ## GET /data-models > list data models ```json {"openapi":"3.0.3","info":{"title":"Panther REST API","version":"1.0"},"tags":[{"name":"data model","description":"The data model api handles all operations for data models"}],"servers":[{"url":"https://{api_host}","variables":{"api_host":{"default":"your-api-host"}}}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"X-API-Key","in":"header"}},"schemas":{"DataModelAPI.ListResp":{"type":"object","properties":{"next":{"type":"string","description":"pagination token for the next page of results"},"results":{"type":"array","items":{"$ref":"#/components/schemas/DataModelAPI.DataModel"}}}},"DataModelAPI.DataModel":{"type":"object","properties":{"body":{"type":"string","description":"The python body of the data model"},"createdAt":{"type":"string"},"description":{"type":"string","description":"The description of the data model"},"displayName":{"type":"string","description":"The name used for the data model"},"enabled":{"type":"boolean","description":"enables/disables a data model"},"id":{"type":"string","description":"The id of the data model"},"lastModified":{"type":"string"},"logTypes":{"type":"array","items":{"type":"string"},"description":"The log type this data model should associate to. NOTE: only one data model can be assigned to a log type"},"mappings":{"type":"array","items":{"$ref":"#/components/schemas/DataModelAPI.DataModelMapping"}}}},"DataModelAPI.DataModelMapping":{"type":"object","properties":{"method":{"type":"string","description":"the python function name that should be called"},"name":{"type":"string","description":"the name of the mapping"},"path":{"type":"string","description":"the json path"}},"required":["name"]}}},"paths":{"/data-models":{"get":{"tags":["data model"],"summary":"list data models","operationId":"data model#list","parameters":[{"name":"cursor","in":"query","description":"the pagination token","allowEmptyValue":true,"schema":{"type":"string","description":"the pagination token"}},{"name":"limit","in":"query","description":"the maximum results to return","allowEmptyValue":true,"schema":{"type":"integer","description":"the maximum results to return","default":100,"format":"int64"}}],"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DataModelAPI.ListResp"}}}}}}}}} ``` --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.panther.com/ko/panther/api/rest/data-models.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.