Upload assets to the inventory

Cortex XSIAM Platform APIs
post /public_api/v1/asm_management/upload_asm_data

Upload domains (paid-level domains (PLD) and subdomains) and IPv4 address ranges. You can upload up to 500 IP address ranges or domains in each request.

You must have Instance Administrator permissions to run this endpoint.

Required license: Cortex XSIAM Premium or Cortex XSIAM Enterprise Plus. In Cortex XSIAM Enterprise and Cortex NG SIEM, requires the ASM add-on.

Request headers
Authorization String required

{api_key}
Example: authorization_example
x-xdr-auth-id String required

{api_key_id}
Example: xXdrAuthId_example
CLIENT REQUEST
curl -X 'POST'
-H 'Accept: application/json'
-H 'Content-Type: application/json'
-H 'Authorization: authorization_example' -H 'x-xdr-auth-id: xXdrAuthId_example'
'https://api-yourfqdn/public_api/v1/asm_management/upload_asm_data'
-d ''
import http.client conn = http.client.HTTPSConnection("api-yourfqdn") payload = "{\"request_data\":{\"request_type\":\"Addition\",\"asset_type\":\"ip_range\",\"asset_identifiers\":[\"string\"],\"business_units\":[\"string\"]}}" headers = { 'Authorization': "SOME_STRING_VALUE", 'x-xdr-auth-id': "SOME_STRING_VALUE", 'content-type': "application/json" } conn.request("POST", "/public_api/v1/asm_management/upload_asm_data", payload, headers) res = conn.getresponse() data = res.read() print(data.decode("utf-8"))
require 'uri' require 'net/http' require 'openssl' url = URI("https://api-yourfqdn/public_api/v1/asm_management/upload_asm_data") http = Net::HTTP.new(url.host, url.port) http.use_ssl = true http.verify_mode = OpenSSL::SSL::VERIFY_NONE request = Net::HTTP::Post.new(url) request["Authorization"] = 'SOME_STRING_VALUE' request["x-xdr-auth-id"] = 'SOME_STRING_VALUE' request["content-type"] = 'application/json' request.body = "{\"request_data\":{\"request_type\":\"Addition\",\"asset_type\":\"ip_range\",\"asset_identifiers\":[\"string\"],\"business_units\":[\"string\"]}}" response = http.request(request) puts response.read_body
const data = JSON.stringify({ "request_data": { "request_type": "Addition", "asset_type": "ip_range", "asset_identifiers": [ "string" ], "business_units": [ "string" ] } }); const xhr = new XMLHttpRequest(); xhr.withCredentials = true; xhr.addEventListener("readystatechange", function () { if (this.readyState === this.DONE) { console.log(this.responseText); } }); xhr.open("POST", "https://api-yourfqdn/public_api/v1/asm_management/upload_asm_data"); xhr.setRequestHeader("Authorization", "SOME_STRING_VALUE"); xhr.setRequestHeader("x-xdr-auth-id", "SOME_STRING_VALUE"); xhr.setRequestHeader("content-type", "application/json"); xhr.send(data);
HttpResponse<String> response = Unirest.post("https://api-yourfqdn/public_api/v1/asm_management/upload_asm_data") .header("Authorization", "SOME_STRING_VALUE") .header("x-xdr-auth-id", "SOME_STRING_VALUE") .header("content-type", "application/json") .body("{\"request_data\":{\"request_type\":\"Addition\",\"asset_type\":\"ip_range\",\"asset_identifiers\":[\"string\"],\"business_units\":[\"string\"]}}") .asString();
import Foundation let headers = [ "Authorization": "SOME_STRING_VALUE", "x-xdr-auth-id": "SOME_STRING_VALUE", "content-type": "application/json" ] let parameters = ["request_data": [ "request_type": "Addition", "asset_type": "ip_range", "asset_identifiers": ["string"], "business_units": ["string"] ]] as [String : Any] let postData = JSONSerialization.data(withJSONObject: parameters, options: []) let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/public_api/v1/asm_management/upload_asm_data")! as URL, cachePolicy: .useProtocolCachePolicy, timeoutInterval: 10.0) request.httpMethod = "POST" request.allHTTPHeaderFields = headers request.httpBody = postData as Data let session = URLSession.shared let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in if (error != nil) { print(error) } else { let httpResponse = response as? HTTPURLResponse print(httpResponse) } }) dataTask.resume()
<?php $curl = curl_init(); curl_setopt_array($curl, [ CURLOPT_URL => "https://api-yourfqdn/public_api/v1/asm_management/upload_asm_data", CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => "", CURLOPT_MAXREDIRS => 10, CURLOPT_TIMEOUT => 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_POSTFIELDS => "{\"request_data\":{\"request_type\":\"Addition\",\"asset_type\":\"ip_range\",\"asset_identifiers\":[\"string\"],\"business_units\":[\"string\"]}}", CURLOPT_HTTPHEADER => [ "Authorization: SOME_STRING_VALUE", "content-type: application/json", "x-xdr-auth-id: SOME_STRING_VALUE" ], ]); $response = curl_exec($curl); $err = curl_error($curl); curl_close($curl); if ($err) { echo "cURL Error #:" . $err; } else { echo $response; }
CURL *hnd = curl_easy_init(); curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST"); curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/v1/asm_management/upload_asm_data"); struct curl_slist *headers = NULL; headers = curl_slist_append(headers, "Authorization: SOME_STRING_VALUE"); headers = curl_slist_append(headers, "x-xdr-auth-id: SOME_STRING_VALUE"); headers = curl_slist_append(headers, "content-type: application/json"); curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers); curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"request_data\":{\"request_type\":\"Addition\",\"asset_type\":\"ip_range\",\"asset_identifiers\":[\"string\"],\"business_units\":[\"string\"]}}"); CURLcode ret = curl_easy_perform(hnd);
var client = new RestClient("https://api-yourfqdn/public_api/v1/asm_management/upload_asm_data"); var request = new RestRequest(Method.POST); request.AddHeader("Authorization", "SOME_STRING_VALUE"); request.AddHeader("x-xdr-auth-id", "SOME_STRING_VALUE"); request.AddHeader("content-type", "application/json"); request.AddParameter("application/json", "{\"request_data\":{\"request_type\":\"Addition\",\"asset_type\":\"ip_range\",\"asset_identifiers\":[\"string\"],\"business_units\":[\"string\"]}}", ParameterType.RequestBody); IRestResponse response = client.Execute(request);
Body parameters
application/json
request_dataobject

A dictionary containing the API request fields.

request_typestring (Enum)required

The action to take on the specified assets. Currently only addition is supported, to add the assets to the inventory.

Allowed values:"Addition"
asset_typestring (Enum)required

The type of asset being added.

Allowed values:"ip_range""domain"
asset_identifiersarray[string]required

A list of one or more assets you want to add to the inventory in the specified asset type. For IP ranges, the accepted format is first-last or CIDR format. Individual IP addresses can be listed using either CIDR notation (for example, 8.8.8.8/32) or first-last format (for example, 8.8.8.8-8.8.8.8).

business_unitsarray[string]

List of business unit IDs or names that the assets will be applied to. If the business unit is not specified, the default is the top-level business unit.

REQUEST
{ "request_data": { "request_type": "Addition", "asset_type": "ip_range", "asset_identifiers": [ "192.84.12.55-192.84.12.68", "12.156.37.64/27" ] } }
{ "request_data": { "request_type": "Addition", "asset_type": "ip_range", "asset_identifiers": [ "192.84.12.55-192.84.12.68" ], "business_units": [ "BU:1", "BU:2" ] } }
{ "request_data": { "request_type": "Addition", "asset_type": "domain", "asset_identifiers": [ "netflix.com", "blockbuster.com" ] } }
{ "request_data": { "request_type": "Addition", "asset_type": "ip_range", "asset_identifiers": [ "192.84.12.55/32", "8.8.8.8-8.8.8.8" ] } }
Responses

OK

Body
application/json
replystring
RESPONSE
{ "reply": "succeeded" }

Bad Request

Body
application/json

The query result upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

Example:"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"
err_extrastring

Additional information describing the error.

RESPONSE
{ "err_code": "example", "err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}", "err_extra": "example" }

Unauthorized

Body
application/json

The query result upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

Example:"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"
err_extrastring

Additional information describing the error.

RESPONSE
{ "err_code": "example", "err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}", "err_extra": "example" }

Payment Required

Body
application/json

The query result upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

Example:"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"
err_extrastring

Additional information describing the error.

RESPONSE
{ "err_code": "example", "err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}", "err_extra": "example" }

Forbidden

Body
application/json

The query result upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

Example:"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"
err_extrastring

Additional information describing the error.

RESPONSE
{ "err_code": "example", "err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}", "err_extra": "example" }

Internal Server Error

Body
application/json

The query result upon error.

err_codestring

HTTP response code.

err_msgstring

Error message.

Example:"{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}"
err_extrastring

Additional information describing the error.

RESPONSE
{ "err_code": "example", "err_msg": "{\"line\": 1, \"column\": 19, \"message\": \"no viable alternative at input '|alter2'\"}", "err_extra": "example" }