|
1. Enable API on your Sophos Cloud Optix Account
2. Authentication/Authorization
curl -X GET \ optix.sophos.com/.../whitelistIPs \ -H 'Authorization: ApiKey <API_KEY>' |
3. API Examples
a. GET - Alert Count Example
- The example below gets the unfiltered alert count in Optix
curl -X GET \ optix.sophos.com/.../count \ -H 'Authorization: ApiKey <API_KEY>' |
- The example below gets a filtered list of suppressed alerts in Optix
curl -X GET \ 'optix.sophos.com/.../count \ -H 'Authorization: ApiKey <API_KEY>' |
- The example below gives a filtered list of Azure CIS alerts on Optix
curl -X GET \ 'optix.sophos.com/.../count \ -H 'Authorization: ApiKey <API_KEY>' |
b. GET - Alerts Example
- The example below returns one alert from the first page of alerts in Optix
curl -X GET \ 'optix.sophos.com/.../alerts \ -H 'Authorization: ApiKey <API_KEY>' |
c. POST - IP Whitelist Example
- The example below shows how to add IP whitelist to Optix using data supplied directly on the command line
curl -X POST \ optix.sophos.com/.../whitelistIPs \ -H 'Authorization: ApiKey <API_KEY>' \ -H 'Content-Type: application/json' \ -d '{ "accountIds": null, "data": { "ips": [ "2.2.2.2", "3.3.3.3" ] } }' |
d. POST - IP Whitelist Example (using JSON file)
- The example below shows how to add IP whitelist to Optix using data supplied in a JSON file
# Create a JSON file with the following content
{
"accountIds": null,
"data": {
"ips": [
"2.2.2.2",
"3.3.3.3"
]
}
}
# Post the request and reference the JSON file. E.g. If the file is called "ipwhitelist.json"
curl -X POST \
optix.sophos.com/.../whitelistIPs \
-H 'Authorization: ApiKey <API_KEY>' \
-H 'Content-Type: application/json' \
-d @ipwhitelist.json
|
