Jump to Content
Home
Guides
API Reference
Changelog
v1.0
v2.0
Log In
API Reference
Log In
Moon (Dark Mode)
Sun (Light Mode)
Stable
Home
Guides
API Reference
Changelog
Create a widget.
Search
JUMP TO
EclecticIQ Platform API
Aggregations
Get an aggregation that counts entities per field values usages
get
Get an aggregation that counts uploaded-blobs per field values usages
get
CSVMappings
Delete a set of CSV Mappings referenced by IDs.
delete
Returns the list of CSV Mappings on the platform.
get
Create a CSV Mapping.
post
Create (or modify if the name already exists) one or more csv-mappings.
put
Get Entity supported fields in a CSV Mapping.
get
Delete a CSV Mapping by ID.
delete
Get a CSV Mapping by ID.
get
Update a CSV Mapping.
patch
Content Blocks
Get a list of content blocks.
get
Get a content block by ID.
get
Datasets
Delete a set of datasets referenced by IDs.
delete
Get a list of datasets.
get
Create a dataset.
post
Create (or update if the name already exists) one or more datasets.
put
Bulk delete entities from a dataset.
put
Add entities to a dataset by query.
post
Delete a dataset.
delete
Get a dataset by ID.
get
Update a dataset.
patch
Delete a dataset in a background task.
delete
Discovery Rules
Delete a set of discovery_rules referenced by IDs.
delete
Get a list of discovery rules.
get
Create a new discovery rule.
post
Create (or update if the name already exists) one or more discovery rules.
put
Delete an discovery rule by ID.
delete
Get an discovery rule by ID.
get
Edit an discovery rule by ID.
patch
Enrichers
Get a list of enrichers.
get
Create a new enricher.
post
Create (or modify if the name already exists) one or more enrichers.
put
Enriches all given extracts and/or entities with a list of enrichers.
post
Get an enricher by ID.
get
Modify an enricher.
patch
Enrichment Rules
Delete a set of enrichment rules referenced by IDs.
delete
Get a list of enrichment rules.
get
Create a new enrichment rule.
post
Create (or update if the name already exists) one or more enrichment rules.
put
Delete an enrichment rule by ID.
delete
Get an enrichment rule by ID.
get
Edit an enrichment rule by ID.
patch
Entities
Delete a set of entities referenced by internal or STIX IDs.
delete
Get a list of entities.
get
Create an entity.
post
Create (or update/create a new version if the STIX ID already exists) one or more entities.
put
Delete the entities that match the specified search query.
post
Enrich entities by search query
post
Export the entities that match the specified search query.
post
Invoke a relational search query.
post
Applies a change to the entities that match the specified search query.
post
Delete an entity by ID.
delete
Get an entity by ID.
get
Update an entity by ID.
patch
Entity Attachments
Get content of an entity attachment by ID.
get
Entity Rules
Delete a set of entity rules referenced by IDs.
delete
Get a list of entity rules.
get
Create a new entity rule.
post
Create (or update if the name already exists) one or more entity rules.
put
Delete an entity rule by ID.
delete
Get an entity rule by ID.
get
Edit an entity rule by ID.
patch
Export Blocks
Get content of an export block by ID.
get
Files
Delete a set of entity attachments referenced by IDs.
delete
Delete a set of files referenced by IDs.
delete
Get a list of entity attachments.
get
Get a list of workspace files.
get
Create a new entity attachment.
post
Create a new file in a workspace.
post
Delete an entity attachment by ID.
delete
Delete a workspace file by ID.
delete
Get an entity attachment by ID.
get
Get a workspace file by ID.
get
Get content of a file by ID.
get
Download an entity attachment by ID.
get
Download a file by ID.
get
Groups
Delete a set of groups referenced by IDs.
delete
Returns a list of the groups on the platform.
get
Create a group.
post
Create (or modify if the name already exists) one or more groups.
put
Delete a group by ID.
delete
Get a group by ID.
get
Update a group.
patch
Incoming feeds
Delete a set of incoming feeds referenced by IDs.
delete
Get a list of incoming feeds.
get
Configure a new incoming feed.
post
Create (or update if the name already exists) an incoming feed.
put
Delete an incoming feed configuration by ID.
delete
Get an incoming feed by ID.
get
Edit an incoming feed configuration by ID.
patch
Knowledge Packs
Returns a list of knowledge packs.
get
Create a new knowledge pack.
post
Create (or modify if already exists) one or more knowledge packs.
put
Delete a knowledge pack as publisher.
delete
Get a Knowledge Pack by ID.
get
Update a knowledge pack.
patch
MITRE Attacks
Delete a set of Attack Analysis referenced by IDs.
delete
Get a list of Attack Analyses.
get
Create an Attack Analysis.
post
Delete a dataset from the scope of an Attack Analysis.
delete
Add a dataset to the scope of an Attack Analysis.
put
Bulk delete entities from the scope of an Attack Analysis.
delete
Bulk add entities to the scope of an Attack Analysis.
put
Delete an Attack Analysis by ID.
delete
Get an Attack Analysis by ID.
get
Update an Attack Analysis by ID.
patch
Get a list of Attack Analysis Annotations.
get
Create an Attack Analysis Annotation.
post
Create (or update) one or more Attack Analysis Annotations.
put
Delete an Attack Analysis Annotation by ID.
delete
Get an Attack Analysis Annotation by ID.
get
Update an Attack Analysis Annotation by ID.
patch
Get a list of MITRE Attack Defense Relationships.
get
Get a list of MITRE Attack Defenses.
get
Get a list of MITRE Attacks.
get
Get MITRE Attack by ID.
get
Observable Rules
Delete a set of observable rules referenced by IDs.
delete
Get a list of observable rules.
get
Create a new observable rule.
post
Create (or update if the name already exists) one or more observable rules.
put
Delete an observable rule by ID.
delete
Get an observable rule by ID.
get
Edit an observable rule by ID.
patch
Observables
Delete a set of observables referenced by IDs.
delete
Get a list of observables.
get
Create a new observable.
post
Create (or update if the (`type`, `value`) pair already exists) one or more observables.
put
Delete the extracts that match the specified search query. Only extracts matching the query are deleted.
post
Enrich the extracts that match the specified search query.
post
Export the extracts that match the specified search query.
post
Update risk score of extracts that match the specified search query and create score update records.
post
Update the extracts that match the specified search query.
post
Delete an observable by ID.
delete
Get an observable by ID.
get
Edit an observable by ID.
patch
Get a history of risk score changes for an observable.
get
Create an observable risk score update.
post
Outgoing feeds
Delete a set of outgoing feeds referenced by IDs.
delete
Get a list of outgoing feeds.
get
Configure a new outgoing feed.
post
Create (or update if the name already exists) one or more outgoing feeds.
put
Delete an outgoing feed configuration by ID.
delete
Get an outgoing feed by ID.
get
Edit an outgoing feed configuration by ID.
patch
Permissions
Returns a list of permissions on the platform.
get
Get a user permission by ID.
get
Relation
Generic endpoint for bulk deleting relations based on "main object" type and id and related objects type and ids (provided in request body).
delete
Generic endpoint for bulk adding relations based on "main object" type and id and related objects type and ids (provided in request body).
put
Generic endpoint for deleting a relation based on "main object" type and id and related object type and id.
delete
Generic endpoint for adding a relation based on "main object" type and id and related object type and id.
put
Relationships
Delete relationships based on source and/or target.
delete
Get a list of relationships.
get
Create a relationship.
post
Create (or update) one or more relationships.
put
Delete a relationship by ID.
delete
Get a relationship by ID.
get
Update a relationship by ID.
patch
Roles
Delete a set of roles referenced by IDs.
delete
Returns a list of roles on the platform.
get
Create a role.
post
Create (or modify if the name already exists) one or more roles.
put
Delete a role by ID.
delete
Get a role by ID.
get
Update a role.
patch
Sources
Get a list of all sources.
get
Get an source by ID.
get
Tasks
Get a list of tasks.
get
Get a list of task runs.
get
Run a task.
post
Get a task run group by ID.
get
Stop a task execution by task run ID.
delete
Get a task run by ID.
get
Get a task by ID.
get
Edit a task by ID.
patch
Taxonomies
Delete a set of taxonomies nodes referenced by IDs.
delete
Get a list of taxonomies.
get
Create taxonomy nodes by specifying a single node or a node path.
post
Create taxonomy nodes by specifying a single node or a node path.
put
Delete a taxonomy node or a sub-tree.
delete
Get a taxonomy node by ID.
get
Update a taxonomy node.
patch
Ticket Comments
Get a ticket comment by ID.
get
Create a comment on a ticket.
post
Tickets
Delete a set of tickets referenced by IDs.
delete
Get a list of all tickets.
get
Create a ticket.
post
Delete a ticket by ID.
delete
Get a ticket by ID.
get
Update a ticket by ID.
patch
Uploaded Blobs
Get a list of uploaded blobs.
get
Upload a new blob.
post
Delete blobs referenced by IDs.
post
Get an uploaded blob by ID.
get
Users
Returns a list of users on the platform.
get
Create a user.
post
Create (or update if the name already exists) one or more users.
put
Get a user by ID.
get
Update a user.
patch
Workspace Comments
Delete a set of workspace comments referenced by IDs.
delete
Delete a workspace comment by ID.
delete
Get a workspace comment by ID.
get
Modify a workspace comment by ID.
patch
Get the content of the comments of a workspace.
get
Create a new workspace comment.
post
Workspaces
Delete a set of workspaces referenced by IDs.
delete
Get a list of workspaces.
get
Create a new workspace.
post
Create (or update if the name already exists) one or more workspaces.
put
Delete a workspace by ID.
delete
Get a workspace by ID.
get
Edit a workspace by ID.
patch
Dashboards
Delete a set of dashboards referenced by IDs.
delete
Get a list of Dashboards.
get
Create a dashboard.
post
Delete a dashboard.
delete
Get a dashboard by ID.
get
Update a dashboard.
patch
Get a list of Overview Dashboards.
get
Create overview dashboard.
post
Delete an overview dashboard.
delete
Update Overview dashboard.
patch
Delete a set of widgets referenced by IDs.
delete
Get a list of widgets.
get
Create a widget.
post
Delete a widget.
delete
Get a widget by ID.
get
Update a widget.
patch
Get the widget dark thumbnail as binary.
get
Get the widget light thumbnail as binary.
get
Malware Sandbox
Get a list of Detonation Task
get
Get a Detonator Task by an ID
get
Update the detonation Task by an ID
patch
Delete a set of Sandbox Detonations referenced by IDs
delete
Get a list of Sandbox Detonations
get
Create Sandbox Detonation
post
Delete a Sandbox Detonations
delete
Get a Sandbox Detonation details by an ID
get
Get the Detonation Result by sandbox detonation ID
get
Intelligence Requirement Matches
Delete a set of matches between an entity and an intelligence requirement referenced by IDs.
delete
Get a list of intelligence requirement matches to an entity.
get
Create a new match object between an enity and an intelligence requirement.
post
Create (or update if the (entity_id, intel_requirement_id) combination already exists) one or more Intelligence Requirement Match objects.
put
Delete a match between an entity and an intelligence requirement by ID.
delete
Get an intelligence requirement match by ID.
get
Observable Risk Score
Get a list of risk score decay settings.
get
Create or update (if a setting for such observable type already exists) one or more risk score decay settings.
put
Get a list of risk score policies.
get
Create a risk score policy.
post
Create (or update if the name already exists) one or more policies.
put
Delete a risk score policy by ID.
delete
Get a risk score policy by ID
get
Edit a risk score policy by ID.
patch
Get a list of parameters for a policy.
get
Get a policy parameter by ID.
get
Edit a policy parameter by ID.
patch
Delete a set of parameter values by ID.
delete
Get a parameter values list.
get
Create a new parameter value.
post
Create or update one or more parameter values.
put
Delete a parameter value by ID.
delete
Get a parameter value by ID.
get
Edit a parameter value by ID.
patch
Preview a result of a risk score policy by ID run for a batch of up to 100 of extracts matching provided query.
post
Intelligence Requirements
Delete a set of intelligence requirements referenced by IDs.
delete
Get a list of intelligence requirements.
get
Create a new intelligence requirement.
post
Create (or update if the name already exists) one or more intelligence requirements.
put
Delete an intelligence requirement by ID.
delete
Get an intelligence requirement by ID.
get
Edit an Intelligence requirement by ID.
patch
Powered by
Create a widget.
post
https://ic-playground.eclecticiq.com/api/v2/widgets
Language
Shell
Node
Ruby
PHP
Python
Credentials
Bearer
RESPONSE
Click
Try It!
to start a request and see the response here!
