
API logging and profiles

Hello!

Customer is concerned about API logging; generally they want to see logs from API requests/responses in the TE blade log in SmartLog. Is that possible? If not, what is the way to get similar logging (verdict, filename, malware, etc.)?

Another question is about the NGTX profile: how do we apply it to API requests?

Thanks in advance!

7 Replies
Admin

Re: API logging and profiles

Are you querying against the API on a local Threat Emulation appliance or ThreatCloud? 

For a local Threat Emulation appliance, this information should log the same way as if a gateway generated the request.

See also: /var/log/huntress_api_logs 

For ThreatCloud, I'm not sure that's possible.

For your second question, I'm not sure I understand, can you clarify?

Re: API logging and profiles

We are querying the local TE appliance.

Regarding the second question: how do we define a protection profile for API queries?

Just like we do for protection scope in the Threat Prevention tab, or differently?

0 Kudos
Admin

Re: API logging and profiles

Profiles do not apply to API calls.

It is up to the application calling the API to determine what to do with the result of the API call.

Re: API logging and profiles

Thank you for the quick reply!

But then how do we define the emulation environment for API calls?

0 Kudos
Admin

Re: API logging and profiles

The images you wish to emulate against are specified in the API call.

0 Kudos

Re: API logging and profiles

We are querying the local TE appliance.

Regarding the second question: how do we define a protection profile for API queries?

Just like we do for protection scope in the Threat Prevention tab, or differently? Thanks for this amazing forum.

0 Kudos
Admin

Re: API logging and profiles

Threat Prevention profiles don't make sense when you're calling the API directly, which gives you the raw verdict on a given file.

The actual enforcement decision/logic lies elsewhere in this case.