Skip to main content
GET
/
idp
/
alerts
List IDP Alerts
curl --request GET \
  --url https://api.leen.dev/v1/idp/alerts \
  --header 'X-API-KEY: <api-key>' \
  --header 'X-CONNECTION-ID: <api-key>'
{
  "count": 123,
  "total": 123,
  "items": [
    {
      "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
      "activity_id": 123,
      "activity_name": "<string>",
      "category_name": "<string>",
      "category_uid": 123,
      "class_name": "<string>",
      "class_uid": 123,
      "enrichments": [
        {
          "name": "<string>",
          "value": "<string>",
          "data": {},
          "created_time": "2023-11-07T05:31:56Z",
          "provider": "<string>",
          "short_desc": "<string>",
          "src_url": "<string>",
          "type": "<string>",
          "created_time_dt": "2023-11-07T05:31:56Z",
          "desc": "<string>",
          "reputation": {
            "base_score": 123,
            "score_id": 0,
            "provider": "<string>",
            "score": "UNKNOWN"
          }
        }
      ],
      "evidences": [
        {
          "actor": {
            "process": {},
            "user": {},
            "app_uid": "<string>",
            "app_name": "<string>",
            "authorizations": [
              "<any>"
            ],
            "idp": {},
            "invoked_by": "<string>",
            "session": {}
          },
          "api": {
            "operation": "<string>",
            "request": {},
            "response": {},
            "group": {},
            "service": {},
            "version": "<string>"
          },
          "connection_info": {
            "direction_id": 0,
            "protocol_name": "<string>",
            "protocol_num": 123,
            "protocol_ver_id": 0,
            "boundary_id": 0,
            "uid": "<string>",
            "boundary": "<string>",
            "direction": "<string>",
            "protocol_ver": "<string>",
            "session": {},
            "tcp_flags": 123
          },
          "container": {
            "hash": {},
            "image": {},
            "name": "<string>",
            "size": 123,
            "uid": "<string>",
            "tag": "<string>",
            "network_driver": "<string>",
            "orchestrator": "<string>",
            "pod_uuid": "<string>",
            "runtime": "<string>"
          },
          "database": {
            "type_id": 0,
            "name": "<string>",
            "type": "<string>",
            "uid": "<string>",
            "created_time": "2023-11-07T05:31:56Z",
            "desc": "<string>",
            "groups": [
              "<any>"
            ],
            "modified_time": "2023-11-07T05:31:56Z",
            "size": 123
          },
          "databucket": {
            "type_id": 0,
            "uid": "<string>",
            "type": "<string>",
            "name": "<string>",
            "size": 123,
            "modified_time": "2023-11-07T05:31:56Z",
            "groups": [
              "<any>"
            ],
            "file": {},
            "desc": "<string>",
            "created_time": "2023-11-07T05:31:56Z"
          },
          "device": {
            "type_id": 0,
            "uid": "<string>",
            "type": "<string>",
            "region": "<string>",
            "owner": {},
            "interface_name": "<string>",
            "interface_uid": "<string>",
            "instance_uid": "<string>",
            "hostname": "<string>",
            "vpc_uid": "<string>",
            "vlan_uid": "<string>",
            "agent_list": [
              "<any>"
            ],
            "uid_alt": "<string>",
            "autoscale_uid": "<string>",
            "boot_time": "2023-11-07T05:31:56Z",
            "is_compliant": true,
            "created_time": "2023-11-07T05:31:56Z",
            "desc": "<string>",
            "domain": "<string>",
            "first_seen_time": "2023-11-07T05:31:56Z",
            "location": {},
            "groups": [
              "<any>"
            ],
            "hw_info": {},
            "hypervisor": "<string>",
            "imei": "<string>",
            "ip": "<string>",
            "image": {},
            "last_seen_time": "2023-11-07T05:31:56Z",
            "mac": "<string>",
            "is_managed": true,
            "modified_time": "2023-11-07T05:31:56Z",
            "name": "<string>",
            "network_interfaces": [
              "<any>"
            ],
            "zone": "<string>",
            "os": {},
            "org": {},
            "is_personal": true,
            "risk_level": "<string>",
            "risk_level_id": 123,
            "risk_score": 123,
            "subnet": "<string>",
            "subnet_uid": "<string>",
            "is_trusted": true
          },
          "dst_endpoint": {
            "container": {},
            "hostname": "<string>",
            "instance_uid": "<string>",
            "interface_name": "<string>",
            "interface_uid": "<string>",
            "ip": "<string>",
            "name": "<string>",
            "namespace_pid": 123,
            "owner": {},
            "port": 123,
            "svc_name": "<string>",
            "type_id": 0,
            "uid": "<string>",
            "agent_list": [
              "<any>"
            ],
            "autonomous_system": {},
            "domain": "<string>",
            "hw_info": {},
            "intermediate_ips": [
              "<any>"
            ],
            "location": {},
            "mac": "<string>",
            "os": {},
            "proxy_endpoint": {},
            "subnet_uid": "<string>",
            "type": "Unknown",
            "vlan_uid": "<string>",
            "vpc_uid": "<string>",
            "zone": "<string>"
          },
          "email": {
            "from": "<string>",
            "to": [
              "<any>"
            ],
            "message_uid": "<string>",
            "reply_to": "<string>",
            "size": 123,
            "smtp_from": "<string>",
            "smtp_to": [
              "<any>"
            ],
            "subject": "<string>",
            "uid": "<string>",
            "cc": [
              "<any>"
            ],
            "delivered_to": "<string>",
            "raw_header": "<string>",
            "x_originating_ip": [
              "<any>"
            ]
          },
          "file": {},
          "job": {},
          "process": {},
          "query": {},
          "reg_key": {},
          "reg_value": {},
          "src_endpoint": {
            "container": {},
            "hostname": "<string>",
            "instance_uid": "<string>",
            "interface_name": "<string>",
            "interface_uid": "<string>",
            "ip": "<string>",
            "name": "<string>",
            "namespace_pid": 123,
            "owner": {},
            "port": 123,
            "svc_name": "<string>",
            "type_id": 0,
            "uid": "<string>",
            "agent_list": [
              "<any>"
            ],
            "autonomous_system": {},
            "domain": "<string>",
            "hw_info": {},
            "intermediate_ips": [
              "<any>"
            ],
            "location": {},
            "mac": "<string>",
            "os": {},
            "proxy_endpoint": {},
            "subnet_uid": "<string>",
            "type": "Unknown",
            "vlan_uid": "<string>",
            "vpc_uid": "<string>",
            "zone": "<string>"
          },
          "url": {},
          "user": {
            "name": "<any>",
            "type_id": "<any>",
            "uid": "<any>",
            "account": "<any>",
            "credential_uid": "<any>",
            "domain": "<any>",
            "email_addr": "<any>",
            "full_name": "<any>",
            "groups": "<any>",
            "ldap_person": "<any>",
            "org": "<any>",
            "risk_level": "<any>",
            "risk_level_id": "<any>",
            "risk_score": "<any>",
            "type": "<any>",
            "uid_alt": "<any>"
          },
          "win_service": {},
          "data": {}
        }
      ],
      "finding_info": {
        "title": "<string>",
        "uid": "<string>",
        "analytic": {
          "type_id": 0,
          "name": "<string>",
          "uid": "<string>",
          "category": "<string>",
          "desc": "<string>",
          "type": "<string>",
          "version": "<string>"
        },
        "attacks": [
          {}
        ],
        "created_time": "2023-11-07T05:31:56Z",
        "data_sources": [
          "<string>"
        ],
        "desc": "<string>",
        "first_seen_time": "2023-11-07T05:31:56Z",
        "kill_chain": [
          {}
        ],
        "last_seen_time": "2023-11-07T05:31:56Z",
        "modified_time": "2023-11-07T05:31:56Z",
        "product_uid": "<string>",
        "related_analytics": [
          {
            "type_id": 0,
            "name": "<string>",
            "uid": "<string>",
            "category": "<string>",
            "desc": "<string>",
            "type": "<string>",
            "version": "<string>"
          }
        ],
        "related_events": [
          {}
        ],
        "src_url": "<string>",
        "types": [
          "<string>"
        ]
      },
      "metadata": {
        "product": {
          "vendor_name": "<string>",
          "name": "<string>",
          "uid": "<string>",
          "version": "<string>",
          "cpe_name": "<string>",
          "feature": {},
          "lang": "<string>",
          "path": "<string>",
          "url_string": "<string>"
        },
        "version": "<string>",
        "log_name": "<string>",
        "log_provider": "<string>",
        "original_time": "<string>",
        "tenant_uid": "<string>",
        "correlation_uid": "<string>",
        "event_code": "<string>",
        "uid": "<string>",
        "labels": [
          "<string>"
        ],
        "log_level": "<string>",
        "log_version": "<string>",
        "logged_time": "2023-11-07T05:31:56Z",
        "loggers": [
          {}
        ],
        "modified_time": "2023-11-07T05:31:56Z",
        "processed_time": "2023-11-07T05:31:56Z",
        "profiles": [
          "<string>"
        ],
        "extensions": [
          {}
        ],
        "sequence": 123
      },
      "message": "<string>",
      "severity": "UNKNOWN",
      "severity_id": 0,
      "type_uid": 200400,
      "type_name": "Detection Finding: Unknown",
      "time": "2023-11-07T05:31:56Z",
      "end_time": "2023-11-07T05:31:56Z",
      "status": "Unknown",
      "status_id": 0,
      "risk_level": "Unknown",
      "risk_level_id": 0,
      "risk_details": "<string>",
      "resources": [
        {
          "uid": "<string>",
          "name": "<string>",
          "type": "<string>",
          "version": "<string>",
          "namespace": "<string>",
          "criticality": "<string>",
          "owner": {
            "name": "<any>",
            "type_id": "<any>",
            "uid": "<any>",
            "account": "<any>",
            "credential_uid": "<any>",
            "domain": "<any>",
            "email_addr": "<any>",
            "full_name": "<any>",
            "groups": "<any>",
            "ldap_person": "<any>",
            "org": "<any>",
            "risk_level": "<any>",
            "risk_level_id": "<any>",
            "risk_score": "<any>",
            "type": "<any>",
            "uid_alt": "<any>"
          },
          "group": {
            "uid": "<string>",
            "name": "<string>",
            "desc": "<string>",
            "type": "<string>",
            "domain": "<string>",
            "privileges": [
              "<any>"
            ]
          },
          "agent_list": [
            {}
          ],
          "labels": [
            "<string>"
          ],
          "data": {}
        }
      ]
    }
  ]
}

Authorizations

X-CONNECTION-ID
string
header
required
X-API-KEY
string
header
required

Query Parameters

sort
string | null

Sort by field

enableCursor
boolean
default:false

Enable cursor based pagination instead of default offset-based pagination

updatedSince
string<date-time> | null

Datetime filter, only return items updated since this datetime. Example format: 2021-01-01T00:00:00+00:00

limit
integer
default:100

Limit size (page size)

Required range: x >= 0
offset
integer
default:0

Offset index (starting index of page)

Required range: x >= 0
excludeTotal
boolean
default:false

Skips returning the total rows, total is set to null when true

cursor
string | null

Skip token to continue from the last item in the previous page

severity
string | null

Severity filter, comma separated

use_pool
boolean
default:true

Response

Successful Response

  • OffsetPaginatedResponse[ScopedIDPAlertRespModel]
  • KeySetPaginatedResponse[ScopedIDPAlertRespModel]
count
integer
required

Number of items return in the response

items
ScopedIDPAlertRespModel · object[]
required

List of items returned in the response

total
integer | null

Total number of items that can be returned