Knowledge BaseCommunityRelease NotesRequest Demo

Log Sources

REST API operations for log sources

Overview

The /log-sources REST API operations are in open beta starting with Panther version 1.111, and are available to all customers. Please share any bug reports and feature requests with your Panther support team.

Use these API operations to interact with log sources in Panther. Currently, interactions with HTTP Sources are supported. (This does not include supported log sources that use HTTP as their transport mechanism.)

To call the API, see the How to use the Panther REST API instructions—including directions for how to invoke it directly from this documentation page.

Required permissions

  • For GET operations, your API token must have the View Log Sources permission.

  • For POST, PUT, and DELETE operations, your API token must have the Manage Log Sources permission.

Operations

create http source

post
Authorizations
Body
authBearerTokenstringOptional

The authentication bearer token value of the http source. Used for Bearer auth method

authHeaderKeystringOptional

The authentication header key of the http source. Used for HMAC and SharedSecret auth methods

authHmacAlgstringOptional

The authentication algorithm of the http source. Used for HMAC auth method

authMethodstring · enumRequired

The authentication method of the http source

Possible values:
authPasswordstringOptional

The authentication header password of the http source. Used for Basic auth method

authSecretValuestringOptional

The authentication header secret value of the http source. Used for HMAC and SharedSecret auth methods

authUsernamestringOptional

The authentication header username of the http source. Used for Basic auth method

integrationLabelstringRequired

The integration label (name)

logStreamTypestring · enumRequired

The log stream type. Supported log stream types: Auto, JSON, JsonArray, Lines, CloudWatchLogs, XML

Possible values:
logTypesstring[]Required

The log types of the integration

Responses
201

Created response.

application/json
post
POST /log-sources/http HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 293

{
  "authBearerToken": "text",
  "authHeaderKey": "text",
  "authHmacAlg": "text",
  "authMethod": "SharedSecret",
  "authPassword": "text",
  "authSecretValue": "text",
  "authUsername": "text",
  "integrationLabel": "text",
  "logStreamType": "Auto",
  "logStreamTypeOptions": {
    "jsonArrayEnvelopeField": "text"
  },
  "logTypes": [
    "text"
  ]
}
{
  "authBearerToken": "text",
  "authHeaderKey": "text",
  "authHmacAlg": "text",
  "authMethod": "SharedSecret",
  "authPassword": "text",
  "authSecretValue": "text",
  "authUsername": "text",
  "integrationId": "text",
  "integrationLabel": "text",
  "logStreamType": "Auto",
  "logStreamTypeOptions": {
    "jsonArrayEnvelopeField": "text"
  },
  "logTypes": [
    "text"
  ]
}

get http source

get
Authorizations
Path parameters
idstringRequired

ID of the http source to fetch

Responses
200

OK response.

application/json
get
GET /log-sources/http/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*

{
  "authBearerToken": "text",
  "authHeaderKey": "text",
  "authHmacAlg": "text",
  "authMethod": "SharedSecret",
  "authPassword": "text",
  "authSecretValue": "text",
  "authUsername": "text",
  "integrationId": "text",
  "integrationLabel": "text",
  "logStreamType": "Auto",
  "logStreamTypeOptions": {
    "jsonArrayEnvelopeField": "text"
  },
  "logTypes": [
    "text"
  ]
}

put http source

put

put updates an http source

Authorizations
Path parameters
idstringRequired

ID of the http source to update

Body
authBearerTokenstringOptional

The authentication bearer token value of the http source. Used for Bearer auth method

authHeaderKeystringOptional

The authentication header key of the http source. Used for HMAC and SharedSecret auth methods

authHmacAlgstringOptional

The authentication algorithm of the http source. Used for HMAC auth method

authMethodstring · enumRequired

The authentication method of the http source

Possible values:
authPasswordstringOptional

The authentication header password of the http source. Used for Basic auth method

authSecretValuestringOptional

The authentication header secret value of the http source. Used for HMAC and SharedSecret auth methods

authUsernamestringOptional

The authentication header username of the http source. Used for Basic auth method

integrationLabelstringRequired

The integration label (name)

logStreamTypestring · enumRequired

The log stream type. Supported log stream types: Auto, JSON, JsonArray, Lines, CloudWatchLogs, XML

Possible values:
logTypesstring[]Required

The log types of the integration

Responses
200

OK response.

application/json
put
PUT /log-sources/http/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 293

{
  "authBearerToken": "text",
  "authHeaderKey": "text",
  "authHmacAlg": "text",
  "authMethod": "SharedSecret",
  "authPassword": "text",
  "authSecretValue": "text",
  "authUsername": "text",
  "integrationLabel": "text",
  "logStreamType": "Auto",
  "logStreamTypeOptions": {
    "jsonArrayEnvelopeField": "text"
  },
  "logTypes": [
    "text"
  ]
}
{
  "authBearerToken": "text",
  "authHeaderKey": "text",
  "authHmacAlg": "text",
  "authMethod": "SharedSecret",
  "authPassword": "text",
  "authSecretValue": "text",
  "authUsername": "text",
  "integrationId": "text",
  "integrationLabel": "text",
  "logStreamType": "Auto",
  "logStreamTypeOptions": {
    "jsonArrayEnvelopeField": "text"
  },
  "logTypes": [
    "text"
  ]
}

delete http source

delete
Authorizations
Path parameters
idstringRequired

ID of the http source to delete

Responses
204

No Content response.

delete
DELETE /log-sources/http/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*

No content
PreviousGlobalsNextQueries

Last updated

Was this helpful?