API
How to Retrieve Software Bill of Materials (SBOM) Using the Uptycs API: A Step-by-Step Guide
To get SBOM (Software Bill of Materials) information for your resource through the Uptycs API, follow the steps below. Obtain Access Keys: • Log in to the Uptycs console • Go to Account Settings • Create an API Key • Download the API Key in JSON format. For ...
How to configure Query job API in ServiceNow
Steps: Submit the query job with POST /queryJobs and get the job id from the response. Poll the query job with GET /queryJobs/{job_id}; if the status received is "FINISHED", go to the next step. Get the query job results with GET /queryjobs/${job_id}/results. Add A REST ...
API calling via Swagger
Go to "Account Settings". Click the "CREATE" button to generate API keys, which will be downloaded in JSON format. The downloaded JSON will contain information such as customerId, API key, API Secret, Domain, DomainSuffix, and other relevant ...
Generate JWT Token using PowerShell CMDLETS
With just PowerShell Cmdlets, you can generate a Bearer Auth Token using the following steps. # please install JWT module in PowerShell Install-Module JWT # cmdlet to generate JWT Token New-Jwt -Header '{"alg": "HS256", "typ": "JWT"}' -PayloadJson ...
Python script to delete asset by providing the hostname
To use this Python script, place the API credentials JSON file and this script in the same folder and run this script from that folder. Inputs to this script: fileName of the JSON credentials file; HostName of the asset to be deleted. External modules ...
Uptycs APIs to get the list of vulnerabilities for a Host, CVE or Package
This document outlines the APIs required to retrieve the vulnerability data for a given host / CVE / package. Sample Python scripts attached to this document (vulnerabilities_api_sample.zip): The attached package contains a list of sample Python ...
Delete assets offline since a particular date using the API
This script / procedure outlines the process to delete assets which have been offline before a particular date. Prerequisite tools: iusql, urestapi. Procedure: Download the API key from the Uptycs UI. Download the attached script, delete_offline_assets_since.sh ...
Create AWS Integration account from CLI
aws_cloud_account_create.py Usage: python3 cloud_account_create.py <uptycs_apikey_file> <account_name> <service_list_file.json> [--domainsuffix <domain>] Example: python3 aws_cloud_account_create.py john_apikey.json perf_test ...
How to check Audit logs under upt_api_audit_logs
The article contains useful queries about how to use the upt_api_audit_logs table to capture audit log events. The api_name column in the table indicates how the API call was made. The following are the different values that can be present: Api call Query ...
Create Custom Threat Source using API
The article includes the API query to create and update the threat source. We support uploading CSV as of now. To create Threat source: curl --location --request POST ...
Delete duplicate assets using the API
A duplicate asset (hostname) on the Uptycs platform could be the result of a particular asset being in rotation or being used as a loaner laptop, in which case the uuid of the asset remains the same and the asset is recorded under different hostnames. Following ...
Provisioning roles using API
Overview: Starting with Uptycs portal release 46025, Uptycs provides entity-level granular user permissions through roles. This document outlines the process to create roles using the API, with examples. Procedure -- Create a new role $ urestapi -k ...
API: Scheduled Queries
Following is an example for creating Scheduled Queries scheduledquery.json { "name": "Test query scheduled 10", "type": "scheduled", "description": "demo query", "query": "SELECT pid FROM processes where upt_server_time between :from and :to LIMIT ...
Create Custom Event Exclusion Profile via API
It may be a lengthy process to create an event exclusion profile with many entries using the GUI. This article shows how to create two custom event exclusion profiles via the API. The urestapi tool is used (https://pypi.org/project/urestapi/). ...
Python helper module for Uptycs API
The attached helper module (uptapi.py) and demo program (uptdemo.py) show how to access Uptycs API from Python 3.
Uptycs Alert Triggers API Call
This Python module can be run to trigger Uptycs API calls from Uptycs alerts. Example: An alert is configured to fire when asset location is not in USA (possible GDPR issue). This Python module can then be run to automatically make an API call to disable ...
Creating and testing multiple similar alerts using API
This article shows how to create or update multiple Alert Rules using a SQL script with up to 4 parameters. Save the SQL script in a separate file. The script can have up to 4 variables. Edit the config file and update all variables as needed. The script ...
Announcements
Release notes-Release 106069
June 2, 2022 XDR New Feature Global Threat Intelligence (GTI) Uptycs GTI feature for the Security/SOC analyst to identify threat indicators such as bad IP addresses or suspicious domains, along with evidential data and insightful information from various
Release notes-Release 105051
May 15, 2022 XDR Enhancements Support to attach global rule exceptions to event rules and alert rules automatically based on matching table name. For more information, see Global Rule Exceptions. Kubernetes Security Posture Management (KSPM) Enhancements
Release notes-Release 104065
April 29, 2022 SaaS New Feature Zero Trust Score Capability to specify severity for a compliance check per OS. When a compliance check runs on an endpoint, a zero trust score is calculated by the pass/fail status of the compliance check and the specified
Release notes-Release 103055
April 10, 2022 SaaS New Feature Exploit Tracker New dashboards to monitor Spring Shell and Spring Cloud vulnerabilities. For more information, see Exploit Tracker. Enhancements Bulk enable, disable, or delete Global Rule Exceptions. For more information,
Release notes-Release 102039
March 27, 2022 SaaS New Feature Managed Anti-virus (AV) Dashboard - Beta Managed AV dashboards to monitor Windows Defender status and threat history of Windows endpoints. For more information, see Managed AV Dashboards. New Feature Disk Scans - Beta