Simple Rules

REST API operations for Simple/YAML Rules


The /simple-rules REST API operations are in open beta starting with Panther version 1.98, and are available to all customers. Please share any bug reports and feature requests with your Panther support team.

Use these API operations to interact with rules created as Simple Detections in the CLI workflow or in the Panther Console's Simple Detection Builder.

The simple rule API entity is only applicable to rules that are Simple Detections. To interact with rules created in Python, see Rules.

To call the API, see the How to use the Panther REST API instructions—including directions for how to invoke it directly from this documentation page.

Required permissions

  • For GET operations, your API token must have the View Rules permission.

  • For POST, PUT, and DELETE operations, your API token must have the Manage Rules permission.


Last updated