post
/public_api/v1/issue/schema/
This endpoint retrieves the schema definition for issues, including core fields, normalized fields, and custom fields. Each field includes its name, pretty name, and data type.
Required license: Cortex XSIAM Premium or Cortex XSIAM Enterprise or Cortex XSIAM NG SIEM or Cortex XSIAM Enterprise Plus.
CLIENT REQUEST
curl -X 'POST'
-H
'Accept: application/json'
'https://api-yourfqdn/public_api/v1/issue/schema/'
import http.client
conn = http.client.HTTPSConnection("api-yourfqdn")
conn.request("POST", "/public_api/v1/issue/schema/")
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api-yourfqdn/public_api/v1/issue/schema/")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
response = http.request(request)
puts response.read_bodyconst data = null;
const xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("POST", "https://api-yourfqdn/public_api/v1/issue/schema/");
xhr.send(data);HttpResponse<String> response = Unirest.post("https://api-yourfqdn/public_api/v1/issue/schema/")
.asString();import Foundation
let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/public_api/v1/issue/schema/")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "POST"
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api-yourfqdn/public_api/v1/issue/schema/",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}CURL *hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/v1/issue/schema/");
CURLcode ret = curl_easy_perform(hnd);var client = new RestClient("https://api-yourfqdn/public_api/v1/issue/schema/");
var request = new RestRequest(Method.POST);
IRestResponse response = client.Execute(request);Responses
Successful response with issue schema
Body
application/json
replyobject
DATAarray
[field_namestring
field_pretty_namestring
data_typestring
]
field_namestring
Example:
"xdm.issue.name"field_pretty_namestring
Example:
"Name"data_typestring
Example:
"TEXT"RESPONSE
{
"reply": {
"DATA": [
{
"field_name": "_insert_time",
"field_pretty_name": "Insert Time",
"data_type": "TIMESTAMP"
},
{
"field_name": "xdm.issue.id",
"field_pretty_name": "Issue Id",
"data_type": "INT"
},
{
"field_name": "xdm.issue.name",
"field_pretty_name": "Name",
"data_type": "TEXT"
},
{
"field_name": "xdm.issue.is_starred",
"field_pretty_name": "Is Starred",
"data_type": "BOOLEAN"
},
{
"field_name": "xdm.vulnerability.cvss_score",
"field_pretty_name": "CVSS Score",
"data_type": "FLOAT"
},
{
"field_name": "xdm.source.host.os_family",
"field_pretty_name": "Source Host OS Family",
"data_type": "ENUM"
},
{
"field_name": "my_custom_field",
"field_pretty_name": "My Custom Field",
"data_type": "TEXT"
}
]
}
}Unauthorized access
Body
application/json
errorstring
Example:
"Unauthorized request"RESPONSE
{
"error": "Unauthorized request"
}Internal server error
Body
application/json
errorstring
Example:
"Internal server error"RESPONSE
{
"error": "Internal server error"
}