|
1. Enable API on your Sophos Cloud Optix Account
2. Authentication/Authorization
curl -X GET \ optix.sophos.com/.../whitelistIPs \ -H 'Authorization: ApiKey <API_KEY>' |
3. API Examples
a. GET - Alert Count Example
- The example below gets the unfiltered alert count in Optix
curl -X GET \ optix.sophos.com/.../count \ -H 'Authorization: ApiKey <API_KEY>' |
- The example below gets a filtered list of suppressed alerts in Optix
curl -X GET \ 'optix.sophos.com/.../count \ -H 'Authorization: ApiKey <API_KEY>' |
- The example below gives a filtered list of Azure CIS alerts on Optix
curl -X GET \ 'optix.sophos.com/.../count \ -H 'Authorization: ApiKey <API_KEY>' |
b. GET - Alerts Example
- The example below returns one alert from the first page of alerts in Optix
curl -X GET \ 'optix.sophos.com/.../alerts \ -H 'Authorization: ApiKey <API_KEY>' |
c. POST - IP Whitelist Example
- The example below shows how to add IP whitelist to Optix using data supplied directly on the command line
curl -X POST \ optix.sophos.com/.../whitelistIPs \ -H 'Authorization: ApiKey <API_KEY>' \ -H 'Content-Type: application/json' \ -d '{ "accountIds": null, "data": { "ips": [ "2.2.2.2", "3.3.3.3" ] } }' |
d. POST - IP Whitelist Example (using JSON file)
- The example below shows how to add IP whitelist to Optix using data supplied in a JSON file
# Create a JSON file with the following content { "accountIds": null, "data": { "ips": [ "2.2.2.2", "3.3.3.3" ] } } # Post the request and reference the JSON file. E.g. If the file is called "ipwhitelist.json" curl -X POST \ optix.sophos.com/.../whitelistIPs \ -H 'Authorization: ApiKey <API_KEY>' \ -H 'Content-Type: application/json' \ -d @ipwhitelist.json |