Comments (5)
Hi,
checkout this script here
https://github.com/ibm-security-intelligence/data-import/blob/master/assets/update_assets.py
It updates assets from a .csv file using the same rest end point
essentially you can update any asset field returned by the "asset_model/properties endpoint". That includes all the 'out of the box' asset fields, as well as any custom ones you add.
The key thing to note is that you need to use the id of the property in the update, not the name.
e.g. this body updates the business owner of an asset
{
"properties": [
{
"type_id": 1006,
"value": "Chris Meenan"
}
]
}
Chris
from api-samples.
thanks, what the API expects as input structure was what i was looking for.
I looked at the data importer and imho building json with string concatination is a very bad habit.
it would be much cleaner to understand and use
json.dumps({'properties':[ {'type_id': 1006, 'value': 'Chris Meenan' }]})
Is it possible to update other fields which are not properties, like interfaces or the mac address?
Too bad the REST API is not very verbose when it comes to invalid input ... :)
from api-samples.
thanks,
the structure of the input is also outlined in the online API documentation available at https:///restapi/doc. If you open the end point and click on the 'View' link you will see a sample for each parameter. I just copied and pasted that and inserted a couple of examples as above.
I think they could be more verbose, but thankfully the data structures are pretty straightforward.
Currently the asset API only accepts properties returned by the properties end point, but we do want to expand it to include MACs, interfaces and IPs. Those can be feed in via identity events into QRAdar, but I do admit via the API would be much better (in this instance!).
from api-samples.
In the previous version of Qradar the sample was not very helpful and stated for the sample something like this: {'key1' :'value1'}
which was not really helpful. I am glad this changed :D
For me (QRadar v7.2.3 Build 918945) the api for /asset_model//properties returns nothing, but of course i can just fill an asset with all the data available and check out what /asset_model/assets returns.
Thanks for the support, it still would be great if this repository has an example for updating an asset :) or at least a link to the repository you mentioned before.
from api-samples.
i hope that qradar will have an 'asset insert' soon :)
from api-samples.
Related Issues (17)
- Certificate verification failed HOT 7
- Wroking version confirmation HOT 1
- Accessing QRadar HOT 1
- Can I have a simplest Api usage example
- Field requirements in Show offenses api
- Using "Contains" for a list with no key/value pairs HOT 4
- Script for integrating threat intelligence platform
- Please, provide API Guidelines for QRadar 7.3.2
- Tags please! HOT 2
- Please provide `/config/event_sources/log_source_management/log_sources` examples HOT 1
- doesn't prompt to enter configs in first time
- WARNING: The version of the endpoint is deprecated
- Not following PEP8 for Python Code HOT 2
- 414 Request-URI Too Large
- Sample for /ariel/searches filter HOT 5
- Update Asset Operating System HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from api-samples.