To create a request to display information about Kaspersky Anti Targeted Attack Platform alerts, the HTTP GET
method is used. You can create a request by using the cURL command-line utility, for example.
Command syntax
curl --cert <path to the TLS certificate file> --key <path to the private key file> -X GET "<URL of the server with the Central Node component>:<port, 443 by default>/kata/scanner/v1/sensors/<sensorId>/detects?detect_type=<one or more technologies that were used to generate the alert>&limit=<number of alerts in the response to the request>&token=<request ID>"
If the request is processed successfully, you will see a list of alerts generated by Kaspersky Anti Targeted Attack Platform on the server of the external system.
Settings
Parameter |
Type |
Description |
---|---|---|
|
String |
Unique ID of the external system used for authorization in Kaspersky Anti Targeted Attack Platform. |
|
Array |
Technology that was used to generate the alert. You can specify a comma-separated list of technologies. Possible values:
If the parameter is not specified, information about all alerts is provided. |
|
Integer |
Number of objects for which information is provided in response to the request. Allowed values: integers from 1 to 10,000. The default value is |
|
String |
Request ID. If this parameter is specified, a repeated request does not show alert information that was obtained by prior requests. This helps avoid the duplication of information about the same alerts in case of repeated requests. If this parameter is not specified, information about all alerts is provided. |
Response
HTTP code: 200
Format: JSON
|
Returned value
Return code |
Description |
---|---|
|
Incorrect parameters. |
|
Number of requests exceeded. |
|
Authorization required. |
|
Internal server error. Repeat the request later. |
Example of entering a command with switches
|