Skip to Content

v4.0 Event Receivers API

TrueSight Network Automation REST API – EventReceiverService
The base URL for the API is:

https://serverName:portNumber/bca-networks/api

event_receivers

{{status subtle="false" colour="Blue" title="GET"/}}

 /v4.0/event_receivers
Click here to expand...


Parameters

Name

Located in

Description

Default

Schema

filter.enabled

query

Filter for enabled or disabled event receivers, when true, returns only enabled event receivers; when false, returns only disabled event receivers; when this filter is absent, no filtering is done


boolean

orderBy

query

Sort by the specified attribute (address, annotation, enabledFlag, eventCategoryIds, eventSeverityIds, port, or a listable event receiver dynamic field name) in the specified order (prefix with a '+' for ascending or a '-' for descending)

"+address"

string 
Enum: [
 "+address",
 "-address",
 "+annotation",
 "-annotation",
 "+enabledFlag",
 "-enabledFlag",
 "+eventCategoryIds",
 "-eventCategoryIds",
 "+eventSeverityIds",
 "-eventSeverityIds",
 "+port",
 "-port"
]

offset

query

Return the specified page number

1

integer

limit

query

Define the number of rows in a page or the maximum number of event receivers to return

25

integer

Authorization

header

Authorization token formatted as 'Bearer [token]'


string *

Responses

Code

Description

Schema

200

successful operation

401

Unauthorized: Failed to provide a suitable Authorization header or accessToken cookie, or the specified user is not logged in


403

Forbidden: Not allowed to access event receivers


500

Internal server error: Unexpected exception occurred


{{status subtle="false" colour="Green" title="POST"/}}

 /v4.0/event_receivers
Click here to expand...


Parameters

Name

Located in

Description

Default

Schema

body

body

Complete attributes of the new event receiver


Authorization

header

Authorization token formatted as 'Bearer [token]'


string *

Responses

Code

Description

Schema

201

Created: New event receiver successfully added


400

Bad request: Input event receiver DTO is missing or new event receiver is invalid


401

Unauthorized: Failed to provide a suitable Authorization header or accessToken cookie, or the specified user is not logged in


403

Forbidden: Not allowed to add a new event receiver


500

Internal server error: Unexpected exception occurred


{{status subtle="false" colour="Blue" title="GET"/}}

 /v4.0/event_receivers/{addressOrKey}
Click here to expand...


Parameters

Name

Located in

Description

Default

Schema

addressOrKey

path

Address or database key of the event receiver of interest


string *

Authorization

header

Authorization token formatted as 'Bearer [token]'


string *

Responses

Code

Description

Schema

200

successful operation

401

Unauthorized: Failed to provide a suitable Authorization header or accessToken cookie, or the specified user is not logged in


403

Forbidden: Not allowed to access event receivers


404

Not found: No single matching event receiver found


500

Internal server error: Unexpected exception occurred


{{status subtle="false" colour="Yellow" title="PUT"/}}

 /v4.0/event_receivers/{addressOrKey}
Click here to expand...


Parameters

Name

Located in

Description

Default

Schema

addressOrKey

path

Address or database key of the event receiver to be modified


string *

body

body

Complete new attribute values for the event receiver; anything left out will be considered to be null and will be nulled out in the event receiver


Authorization

header

Authorization token formatted as 'Bearer [token]'


string *

Responses

Code

Description

Schema

200

successful operation

400

Bad request: Input event receiver DTO is missing or modified event receiver is invalid


401

Unauthorized: Failed to provide a suitable Authorization header or accessToken cookie, or the specified user is not logged in


403

Forbidden: Not allowed to modify the event receiver


404

Not found: No single matching event receiver found


500

Internal server error: Unexpected exception occurred


{{status subtle="false" colour="Red" title="DELETE"/}}

 /v4.0/event_receivers/{addressOrKey}
Click here to expand...


Parameters

Name

Located in

Description

Default

Schema

addressOrKey

path

Address or database key of the event receiver to be deleted


string *

Authorization

header

Authorization token formatted as 'Bearer [token]'


string *

Responses

Code

Description

Schema

200

successful operation

string

401

Unauthorized: Failed to provide a suitable Authorization header or accessToken cookie, or the specified user is not logged in


403

Forbidden: Not allowed to delete the event receiver


404

Not found: No single matching event receiver found


500

Internal server error: Unexpected exception occurred


{{status subtle="false" colour="Yellow" title="PATCH"/}}

 /v4.0/event_receivers/{addressOrKey}
Click here to expand...


Parameters

Name

Located in

Description

Default

Schema

addressOrKey

path

Address or database key of the event receiver to be modified


string *

body

body

New attribute values for the event receiver, in JSON Patch format


Authorization

header

Authorization token formatted as 'Bearer [token]'


string *

Responses

Code

Description

Schema

200

successful operation

400

Bad request: Input JSON patch information is missing or modified event receiver is invalid


401

Unauthorized: Failed to provide a suitable Authorization header or accessToken cookie, or the specified user is not logged in


403

Forbidden: Not allowed to modify the event receiver


404

Not found: No single matching event receiver found


500

Internal server error: Unexpected exception occurred


Object Definitions

Object

Schema

DynamicFieldValueDTO


Click here to expand...


{ 
    id: string 
    The database key of the dynamic field whose value this is (read-only) 

     name: string 
    The name of the dynamic field (read-only) 

     values: [ 
      The value(s) for the dynamic field; for a single-value field, only the first entry is relevant; read-only for Auto Derived and Configuration Profiled types 

       string 
    ] 

     dynamicFieldDetailsLink: string 
    Link to get more detailed information about the dynamic field (read-only) 
}

EventReceiverDTO


Click here to expand...


{ 
    id: string 
    The event receiver's unique database key (read-only) 

     address: string * 
    Host name or IP address of the event receiver 

     annotation: string 
    Notes, comments, description, explanation 

     enabledFlag: boolean 
    Whether or not this event receiver is enabled; when true (enabled), new events are forwarded to the receiver; when false (disabled), no events are sent to the receiver 

     eventCategoryIds: [ 
      Selects which events are forwarded to the event receiver, by category 

       integer 
    ] * 

     eventSeverityIds: [ 
      Selects which events are forwarded to the event receiver, by severity 

       integer 
    ] * 

     port: integer * 
    TCP/UDP port number where the event receiver is listening for input events 

     protocolId: integer * 
    The protocol used to transmit events to the event receiver; allowed values are 1 for UDP and 2 for TLS 

     protocolName: string 
    The meaning of the numeric protocolId (read-only) 

     syslogHeaderHostname: string 
    When sending events to the event receiver as syslog messages, specifies the local host name to be included in the header; when null, the system looks up the local host name defined by the host operating system 

     syslogMessageFormatId: integer * 
    How events are formatted into syslog messages; allowed values are 1 for RFC 5424 and 2 for ArcSight Common Event Format (CEF) 

     syslogMessageFormatName: string 
    The meaning of the numeric syslogMessageFormatId (read-only) 

     timeoutMinutes: integer 
    When sending an event to the event receiver via TLS, how long to wait (in minutes) for a response before declaring a send failure; required when the protocol is TLS 

     dynamicFields: [ 
      The dynamic fields 

       DynamicFieldValueDTO
    ] 
}

JsonPatch


Click here to expand...


[ 
    A list of JSON Patch operations 

     JsonPatch.OneOperation
  ]

JsonPatch.OneOperation

JsonPatch.Pointer


Click here to expand...


string 
  Pointer or path to an element or property

JsonPatch.Add


Click here to expand...


{ 
    op: string * 
   Enum: [
     "add"
   ]
    value: any * 
    path: JsonPatch.Pointer*
}

JsonPatch.Remove


Click here to expand...


{ 
    op: string * 
   Enum: [
     "remove"
   ]
    path: JsonPatch.Pointer*
}

JsonPatch.Replace


Click here to expand...


{ 
    op: string * 
   Enum: [
     "replace"
   ]
    value: any * 
    path: JsonPatch.Pointer*
}

JsonPatch.Move


Click here to expand...


{ 
    op: string * 
   Enum: [
     "move"
   ]
    path: JsonPatch.Pointer*
    from: JsonPatch.Pointer*
}

JsonPatch.Copy


Click here to expand...


{ 
    op: string * 
   Enum: [
     "copy"
   ]
    path: JsonPatch.Pointer*
    from: JsonPatch.Pointer*
}

JsonPatch.Test


Click here to expand...


{ 
    op: string * 
   Enum: [
     "test"
   ]
    value: any * 
    path: JsonPatch.Pointer*
}

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

TrueSight Network Automation 23.4