Log Sources
REST API operations for log sources
Overview
Use these API operations to interact with log sources in Panther. Currently, interactions with HTTP Sources are supported. (This does not include supported log sources that use HTTP as their transport mechanism.)
To call the API, see the How to use the Panther REST API instructions—including directions for how to invoke it directly from this documentation page.
Required permissions
For
GET
operations, your API token must have theView Log Sources
permission.For
POST
,PUT
, andDELETE
operations, your API token must have theManage Log Sources
permission.
Operations
The authentication bearer token value of the http source. Used for Bearer auth method
The authentication header key of the http source. Used for HMAC and SharedSecret auth methods
The authentication algorithm of the http source. Used for HMAC auth method
The authentication method of the http source
The authentication header password of the http source. Used for Basic auth method
The authentication header secret value of the http source. Used for HMAC and SharedSecret auth methods
The authentication header username of the http source. Used for Basic auth method
The integration label (name)
The log stream type. Supported log stream types: Auto, JSON, JsonArray, Lines, CloudWatchLogs, XML
The log types of the integration
Created response.
bad_request: Bad Request response.
exists: Conflict response.
service: Internal Server Error response.
POST /log-sources/http HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 293
{
"authBearerToken": "text",
"authHeaderKey": "text",
"authHmacAlg": "text",
"authMethod": "SharedSecret",
"authPassword": "text",
"authSecretValue": "text",
"authUsername": "text",
"integrationLabel": "text",
"logStreamType": "Auto",
"logStreamTypeOptions": {
"jsonArrayEnvelopeField": "text"
},
"logTypes": [
"text"
]
}
{
"authBearerToken": "text",
"authHeaderKey": "text",
"authHmacAlg": "text",
"authMethod": "SharedSecret",
"authPassword": "text",
"authSecretValue": "text",
"authUsername": "text",
"integrationId": "text",
"integrationLabel": "text",
"logStreamType": "Auto",
"logStreamTypeOptions": {
"jsonArrayEnvelopeField": "text"
},
"logTypes": [
"text"
]
}
ID of the http source to fetch
OK response.
bad_request: Bad Request response.
not_found: Not Found response.
service: Internal Server Error response.
GET /log-sources/http/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*
{
"authBearerToken": "text",
"authHeaderKey": "text",
"authHmacAlg": "text",
"authMethod": "SharedSecret",
"authPassword": "text",
"authSecretValue": "text",
"authUsername": "text",
"integrationId": "text",
"integrationLabel": "text",
"logStreamType": "Auto",
"logStreamTypeOptions": {
"jsonArrayEnvelopeField": "text"
},
"logTypes": [
"text"
]
}
put updates an http source
ID of the http source to update
The authentication bearer token value of the http source. Used for Bearer auth method
The authentication header key of the http source. Used for HMAC and SharedSecret auth methods
The authentication algorithm of the http source. Used for HMAC auth method
The authentication method of the http source
The authentication header password of the http source. Used for Basic auth method
The authentication header secret value of the http source. Used for HMAC and SharedSecret auth methods
The authentication header username of the http source. Used for Basic auth method
The integration label (name)
The log stream type. Supported log stream types: Auto, JSON, JsonArray, Lines, CloudWatchLogs, XML
The log types of the integration
OK response.
bad_request: Bad Request response.
not_found: Not Found response.
exists: Conflict response.
service: Internal Server Error response.
PUT /log-sources/http/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 293
{
"authBearerToken": "text",
"authHeaderKey": "text",
"authHmacAlg": "text",
"authMethod": "SharedSecret",
"authPassword": "text",
"authSecretValue": "text",
"authUsername": "text",
"integrationLabel": "text",
"logStreamType": "Auto",
"logStreamTypeOptions": {
"jsonArrayEnvelopeField": "text"
},
"logTypes": [
"text"
]
}
{
"authBearerToken": "text",
"authHeaderKey": "text",
"authHmacAlg": "text",
"authMethod": "SharedSecret",
"authPassword": "text",
"authSecretValue": "text",
"authUsername": "text",
"integrationId": "text",
"integrationLabel": "text",
"logStreamType": "Auto",
"logStreamTypeOptions": {
"jsonArrayEnvelopeField": "text"
},
"logTypes": [
"text"
]
}
ID of the http source to delete
No Content response.
bad_request: Bad Request response.
service: Internal Server Error response.
DELETE /log-sources/http/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*
No content
Last updated
Was this helpful?