Enrichment source addition and management endpoints in the REST API

Add and manage enrichment sources that are used to enrich logs.

POST/enrichment_sources

Add DNS, GeoIP, and LDAP enrichment sources

Request URL

/logs-service/api/v1.0/logs/enrichment_sources

Example request URL

https://HostA.bmc.com/logs-service/api/v1.0/logs/enrichment_sources

Request Header

Content-Type: application/json
Authorization: Bearer <JWT_token>

Example request body

{
"name": "Enrichment Source",
"description": "Enrichment Source Description",
"state": "ACTIVE",
"enabled": true,
"execution_order": 1,
"type": "LDAP",
"connection_parameters": {
   "URL": "https://get.geojs.io/v1/dns/ptr/{ipaddress}.json",
   "header": {
     "Content-Type": "application/json"
   },
   "method": "GET",
   "type": "Microsoft Authentication",
   "api_key": "$.accessToken",
   "client_id": "<client_ID_value>",
   "tenant_id": "<tenant_ID_value>",
   "client_secret": "<client_secret_key>",
   "scope": ".default",
   "security_scheme": {
     "type": "http",
     "scheme": "bearer",
     "bearerFormat": "Azure"
   }
},
"source_params": [
   {
     "name": "ipaddress",
     "label": "Your Machine IP Address",
     "is_mandatory": true
   }
  ],
"target_fields": {
   "hostname": "$.ptr",
   "orgnization": "$.org"
},
"reference_data": {
   "name": "dns_24sep",
   "description": "dns",
   "ipAddress": "111.1.1.1",
   "state": "ACTIVE"
},
"additionalParams": {}
}

Response codes

Code	Description
201	Enrichment source is created successfully. Returns the enrichment source ID in the payload.
400	Error for invalid data. Check if all input values are valid.
401	Authorization failure. Verify JWT.
403	Permission denied. Verify roles assigned to you.
415	Incorrect request format. Ensure that the request format is JSON.
500	Unexpected condition encountered. Contact BMC Support.

POST/enrichment_sources/test_connection

Test connection to an enrichment source

Request URL

/logs-service/api/v1.0/logs/enrichment_sources/testconnection

Example request URL

https://HostA.bmc.com/logs-service/api/v1.0/logs/enrichment_sources/testconnection

Request Header

Content-Type: application/json
Authorization: Bearer <JWT_token>

Example request body

{
"enrichment_source": {
"connection_parameters": {
"URL": "https://<hostname>/v1.0/users/{val}",
"header": {
"Content-Type": "application/json"
},
"method": "GET",
"type": "Microsoft Authentication",
"api_key": "$.accessToken",
"client_id": "<client_ID_value>",
"tenant_id": "<tenant_ID_value>",
"client_secret": "<client_secret_key>",
"scope": ".default",
"security_scheme": {
"type": "http",
"scheme": "bearer",
"bearerFormat": "Azure"
}
}
},
"source_params_values": {
"val": "jdoe@bmchelix00.onmicrosoft.com"
}
}

Response codes

Code	Description
200	Connected with the enrichment source successfully.
400	Error for invalid data. Check if all input values are valid.
401	Authorization failure. Verify JWT.
403	Permission denied. Verify the roles assigned to you.
404	Incorrect request format. Ensure that the request format is JSON and connection parameters are set correctly.
500	Unexpected condition encountered. Contact BMC Support.

PUT/enrichment_sources/{id}

Update DNS, GeoIP, or LDAP enrichment source by ID

Request URL

/logs-service/api/v1.0/logs/enrichment_sources/{id}

Example request URL

https://HostA.bmc.com/logs-service/api/v1.0/logs/enrichment_sources/a00a0a00-a000-00a0-a000-0a000aa0a0a0

Request Header

Content-Type: application/json
Authorization: Bearer <JWT_token>

Parameter details

Example request body

{
"name": "Enrichment Source",
"description": "Enrichment source description",
"state": "ACTIVE",
"enabled": true,
"execution_order": 1,
"type": "LDAP",
"connection_parameters": {
   "URL": "https://get.geojs.io/v1/dns/ptr/{ipaddress}.json",
   "header": {
     "Content-Type": "application/json"
   },
   "method": "GET",
   "type": "Microsoft Authentication",
   "api_key": "$.accessToken",
   "client_id": "<client_ID_value>",
   "tenant_id": "<tenant_ID_value>",
   "client_secret": "<client_secret_key>.",
   "scope": ".default",
   "security_scheme": {
     "type": "http",
     "scheme": "bearer",
     "bearerFormat": "Azure"
   }
},
"source_params": [
   {
     "name": "ipaddress",
     "label": "Your machine IP address",
     "is_mandatory": true
   }
  ],
"target_fields": {
   "hostname": "$.ptr",
   "orgnization": "$.org"
},
"reference_data": {
   "name": "dns_24sep",
   "description": "dns",
   "ipAddress": "111.1.1.1",
   "state": "ACTIVE"
},
"additionalParams": {}
}

Response codes

Code	Description
200	Enrichment source is updated successfully.
400	Error for invalid data. Check if all input values are valid.
401	Authorization failure. Verify JWT.
403	Permission denied. Verify the roles assigned to you.
404	The enrichment source ID is not found.
415	Incorrect request format. Ensure that the request format is JSON and enrichment source IDs are correct.
500	Unexpected condition encountered. Contact BMC Support.

POST/enrichment_sources/upload

Add a CSV enrichment source

Request URL

/logs-service/api/v1.0/logs/enrichment_sources/upload

Example request URL

https://HostA.bmc.com/logs-service/api/v1.0/logs/upload

Request Header

Content-Type: application/json
Authorization: Bearer <JWT_token>

Example request body

{
"name": "string",
"description": "string",
"enabled": true,
"enrich_params": "string",
"file": {},
"file_name": "string",
"source_field": "string",
"state": "ACTIVE",
"target_field": "string"
}

Response codes

Code	Description
201	Enrichment source of type CSV is created. Returns source details in the payload.
400	Error for invalid data. Check if all input values are valid.
401	Authorization failure. Verify JWT.
403	Permission denied. Verify the roles assigned to you.
415	Incorrect request format. Ensure that the request format is JSON and enrichment source IDs are correct.
500	Unexpected condition encountered. Contact BMC Support.

PUT/enrichment_sources/{id}/upload

Update CSV enrichment source by ID

Request URL

/logs-service/api/v1.0/logs/enrichment_sources/{id}/upload

Example request URL

https://HostA.bmc.com/logs-service/api/v1.0/logs/enrichment_sources/a00a0a00-a000-00a0-a000-0a000aa0a0a0/upload

Request Header

Content-Type: application/json
Authorization: Bearer <JWT_token>

Parameter details

Example request body

{
"name": "string",
"description": "string",
"enabled": true,
"enrich_params": "string",
"file": {},
"file_name": "string",
"source_field": "string",
"state": "ACTIVE",
"target_field": "string"
}

Response codes

Code	Description
200	Enrichment source of type CSV is updated successfully.
400	Error for invalid data. Check if all input values are valid.
401	Authorization failure. Verify JWT.
403	Permission denied. Verify the roles assigned to you.
404	The enrichment source ID is not found.
415	Incorrect request format. Ensure that the request format is JSON and enrichment source IDs are correct.
500	Unexpected condition encountered. Contact BMC Support.

GET/enrichment_sources/{id}

Get an enrichment source by ID

Request URL

/logs-service/api/v1.0/logs/enrichment_sources/{IDs}

Example request URL

https://HostA.bmc.com/logs-service/api/v1.0/logs/enrichment_sources/00a0a00-a000-00a0-a000-0a000aa0a0a0

Request Header

Content-Type: application/json
Authorization: Bearer <JWT_token>

Parameter details

Response codes

Code	Description
200	Enrichment sources returned successfully.
401	Authorization failure. Verify JWT.
403	Permission denied. Verify the roles assigned to you.
404	The enrichment source ID is not found.
500	Unexpected condition encountered. Contact BMC Support.

POST/enrichment_sources/enable

Enable enrichment sources

Request URL

/logs-service/api/v1.0/logs/enrichment_sources/enable

Example request URL

https://HostA.bmc.com/logs-service/api/v1.0/logs/enrichment_sources/enable

Request Header

Content-Type: application/json
Authorization: Bearer <JWT_token>

Example request body

{
"ids": [
"a00a0a00-a000-00a0-a000-0a000aa0a0a0"
]
}

Response codes

Code	Description
200	Enrichment sources are enabled successfully.
207	Some enrichment sources are enabled. IDs of the sources that are not enabled are returned.
400	Error for invalid data. Check if all input values are valid.
401	Authorization failure. Verify JWT.
403	Permission denied. Verify the roles assigned to you.
415	Incorrect request format. Ensure that the request format is JSON and enrichment source IDs are correct.
500	Unexpected condition encountered. Contact BMC Support.

POST/enrichment_sources/disable

Disable enrichment sources

Request URL

/logs-service/api/v1.0/logs/enrichment_sources/disable

Example request URL

https://HostA.bmc.com/logs-service/api/v1.0/logs/enrichment_sources/disable

Request Header

Content-Type: application/json
Authorization: Bearer <JWT_token>

Example request body

{
"ids": [
"a00a0a00-a000-00a0-a000-0a000aa0a0a0"
]
}

Response codes

Code	Description
200	Enrichment sources are disabled successfully.
207	Some enrichment sources are disabled. IDs of the sources that are not disabled are returned.
400	Error for invalid data. Check if all input values are valid.
401	Authorization failure. Verify JWT.
403	Permission denied. Verify the roles assigned to you.
415	Incorrect request format. Ensure that the request format is JSON and enrichment source IDs are correct.
500	Unexpected condition encountered. Contact BMC Support.

POST/enrichment_sources/search

Search enrichment sources

Request URL

/logs-service/api/v1.0/logs/enrichment_sources/search

Example request URL

https://HostA.bmc.com/logs-service/api/v1.0/logs/search

Request Header

Content-Type: application/json
Authorization: Bearer <JWT_token>

Parameter details

Example request body

{
"page_index": 1,
"page_size": 100,
"search_string": "name = 'CSV Log Enrichment Source' and enabled = true",
"sort_criteria": "name DESC, enabled ASC"
}

Response codes

Code	Description
200	Enrichment sources are found. Returns source details in the payload.
400	Error for invalid data. Check if all input values are valid.
401	Authorization failure. Verify roles assigned to you and JWT.
403	Permission denied. Verify the roles assigned to you.
415	Incorrect request format. Ensure that the request format is JSON and enrichment source IDs are correct.
500	Unexpected condition encountered. Contact BMC Support.

DELETE/enrichment_sources/{id}

Delete an enrichment source by ID

Request URL

/logs-service/api/v1.0/logs/enrichment_sources/{id}

Example request URL

https://HostA.bmc.com/logs-service/api/v1.0/logs/enrichment_sources/a00a0a00-a000-00a0-a000-0a000aa0a0a0

Request Header

Content-Type: application/json
Authorization: Bearer <JWT_token>

For instructions on obtaining the JWT token, see Access and authentication for the REST API..

Parameter details

Response codes

Code	Description
200	Enrichment source is deleted successfully.
401	Authorization failure. Verify roles assigned to you and JWT.
403	Permission denied. Verify the roles assigned to you.
404	The enrichment source ID is not found.
500	Unexpected condition encountered. Contact BMC Support.

Enrichment source addition and management endpoints in the REST API

POST/enrichment_sources

POST/enrichment_sources/test_connection

PUT/enrichment_sources/{id}

POST/enrichment_sources/upload

PUT/enrichment_sources/{id}/upload

GET/enrichment_sources/{id}

POST/enrichment_sources/enable

POST/enrichment_sources/disable

POST/enrichment_sources/search

DELETE/enrichment_sources/{id}

BMC Helix Log Analytics 26.1

On this page