Logpoint
The Logpoint connector allows for use of the Logpoint security information and event management (SIEM) product capabilities.

The Logpoint connector provides the following capabilities:

- Add incident comment
- Assign or reassign incident
- Close incident
- Get devices
- Get incident by ID
- Get incident users
- Get incidents
- Get livesearches
- Get Logpoint
- Get query by searchid
- Get repos
- Get user timezone
- Reopen incidents
- Resolve incidents
- Run adhoc query

## Asset setup

The asset requires a host, username, and secret key.

## Tasks setup

For tasks that take datetime inputs, you can use any standard datetime format, or put in a relative time.

## Configurations

### Logpoint authentication

Authenticates using username and secret key.

#### Configuration parameters

| Parameter | Description | Type | Required |
| --- | --- | --- | --- |
| url | A URL to the target host | string | Required |
| username | Username | string | Required |
| password | Secret key | string | Required |
| verify_ssl | Verify SSL certificate | boolean | Optional |
| http_proxy | A proxy to route requests through | string | Optional |

## Actions

### Add incident comment

Add comments to incidents.

- Endpoint URL: `/add_incident_comment`
- Method: POST

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| requestData | object | Optional | Response data |
| version | string | Optional | Parameter for add incident comment |
| states | array | Optional | Parameter for add incident comment |
| id | string | Optional | Unique identifier |
| comments | array | Optional | Parameter for add incident comment |
| headers | object | Optional | HTTP headers for the request |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Assign or reassign incident

Assign or reassign incident.

- Endpoint URL: `/assign_incident`
- Method: POST

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| requestData | object | Optional | Response data |
| version | string | Optional | Parameter for assign or reassign incident |
| incident_ids | array | Optional | Unique identifier |
| new_assignee | string | Optional | Parameter for assign or reassign incident |
| headers | object | Optional | HTTP headers for the request |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Close incident

Close an incident.

- Endpoint URL: `/close_incident`
- Method: POST

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| requestData | object | Optional | Response data |
| version | string | Optional | Parameter for close incident |
| incident_ids | array | Optional | Unique identifier |
| headers | object | Optional | HTTP headers for the request |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Get devices

Retrieve devices.

- Endpoint URL: `/getalloweddata`
- Method: POST

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| data_body | object | Optional | Response data |
| type | string | Optional | Type of the resource |
| headers | object | Optional | HTTP headers for the request |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Get incident by ID

Retrieve information associated with a particular incident.

- Endpoint URL: `/get_data_from_incident`
- Method: GET

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| requestData | object | Optional | Response data |
| incident_obj_id | string | Optional | Unique identifier |
| incident_id | string | Optional | Unique identifier |
| headers | object | Optional | HTTP headers for the request |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Get incident users

Get users and user groups involved in any Logpoint recorded incidents.

- Endpoint URL: `/get_users`
- Method: GET

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| headers | object | Optional | HTTP headers for the request |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Get incidents

Retrieve incidents from a specific time range.

- Endpoint URL: `/incidents`
- Method: GET

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| requestData | object | Optional | Response data |
| version | string | Optional | Parameter for get incidents |
| ts_from | number | Optional | Parameter for get incidents |
| ts_to | number | Optional | Parameter for get incidents |
| headers | object | Optional | HTTP headers for the request |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Get livesearches

Get livesearches.

- Endpoint URL: `/getalloweddata`
- Method: POST

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| data_body | object | Optional | Response data |
| type | string | Optional | Type of the resource |
| headers | object | Optional | HTTP headers for the request |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Get Logpoint

Retrieve Logpoint(s).

- Endpoint URL: `/getalloweddata`
- Method: POST

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| data_body | object | Optional | Response data |
| type | string | Optional | Type of the resource |
| headers | object | Optional | HTTP headers for the request |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Get query by searchid

Retrieve a query by search ID.

- Endpoint URL: `/getsearchlogs`
- Method: POST

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| data_body | object | Required | Response data |
| search_id | string | Required | Unique identifier |
| headers | object | Optional | HTTP headers for the request |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Get repos

Retrieve repos.

- Endpoint URL: `/getalloweddata`
- Method: POST

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| data_body | object | Optional | Response data |
| type | string | Optional | Type of the resource |
| headers | object | Optional | HTTP headers for the request |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Get user timezone

Retrieve a user's timezone.

- Endpoint URL: `/getalloweddata`
- Method: POST

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| data_body | object | Optional | Response data |
| type | string | Optional | Type of the resource |
| headers | object | Optional | HTTP headers for the request |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Reopen incidents

Reopen incident by incident ID.

- Endpoint URL: `/reopen_incident`
- Method: POST

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| requestData | object | Optional | Response data |
| version | string | Optional | Parameter for reopen incidents |
| incident_ids | array | Optional | Unique identifier |
| headers | object | Optional | HTTP headers for the request |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Resolve incidents

Resolve an incident.

- Endpoint URL: `/resolve_incident`
- Method: POST

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| requestData | object | Optional | Response data |
| version | string | Optional | Parameter for resolve incidents |
| incident_ids | array | Optional | Unique identifier |
| headers | object | Optional | HTTP headers for the request |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

### Run adhoc query

Run ad hoc query/get search results.

- Endpoint URL: `/getsearchlogs`
- Method: POST

#### Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| data_body | object | Optional | Response data |
| requestData | object | Optional | Response data |
| query | string | Optional | Parameter for run adhoc query |
| time_range | string | Optional | Parameter for run adhoc query |
| limit | number | Optional | Parameter for run adhoc query |
| repos | array | Optional | Parameter for run adhoc query |
| headers | object | Optional | HTTP headers for the request |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

#### Example

```json
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

## Notes

For more information on Logpoint:

- Logpoint API documentation: https://docs.logpoint.com/docs/logpoint-api-reference/en/latest/