Management, Networking, Logging and Reporting UTM API Log Search Capability

UTM Firewall requires membership for participation - click to join

Thread Info

State Suggested Answer
Locked Locked
Replies 3 replies
Answers 1 answer
Subscribers 4 subscribers
Views 1705 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM API Log Search Capability

Ryan Miller2 over 4 years ago

Does the UTM API have the ability to take a list of URLs/IPs/Domains in TXT or CSV, and run it against the logs?

This thread was automatically locked due to age.

Top Replies

Ryan Miller2 over 4 years ago in reply to BAlfson +1 suggested

I know there's a remote syslog function, but I would much rather pull than push. Anyway, I poured over the swagger API docs and it's clear that the API is for administration only.

0 BAlfson over 4 years ago

Hi Ryan and welcome to the UTM Community!

What are you hoping to get out of doing what you suggest? If the answer to your API question isn't positive (I don't know), maybe there's another way to approach this.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel
0 Ryan Miller2 over 4 years ago in reply to BAlfson

Threat hunting using IoC's from various CTI platforms. I run them through Threat Search but the journaling is a little selective, but my 135 has logs going back a couple of years and is comprehensive. I need bulk search capability.
Cancel
Vote Up 0 Vote Down

Cancel
0 Ryan Miller2 over 4 years ago in reply to BAlfson

I know there's a remote syslog function, but I would much rather pull than push. Anyway, I poured over the swagger API docs and it's clear that the API is for administration only.
Cancel
Vote Up +1 Vote Down

Cancel