Create Custom Threat Source using API

Create Custom Threat Source using API

The article includes the API query to create and update the threat source.

We support uploading CSV as of now.
To create Threat source:
curl --location --request POST 'https://app.uptycs.io/public/api/customers/11111111-1111-1111-1111-111111111111/threatSources' \
--header 'Authorization: Bearer XXXXXXXXXX' \
--form 'name=Uptycs test' \
--form 'description=Uptycs description' \
--form 'file=@/Users/XXXX/Documents/threats.csv'



To add more indicators for above threat source, USE id of threat source in the below call:
curl --location --request POST 'https://app.uptycs.io/public/api/customers/11111111-1111-1111-1111-111111111111/threatSources/0a6b4175-d347-4827-8f9e-bbd3c73a00c4/threatIndicators' \
--header 'Authorization: Bearer XXXX' \
--form 'file=@/Users/XXXXXXX/Documents/threats.csv'


Please contact us at support@uptycs.com for any further issues


    • Related Articles

    • Create Custom Event Exclusion Profile via API

      It may be a lengthy process to create an event exclusion profile with many entries using the GUI. This article shows how to create two custom event exclusion profiles via the API. The urestapi tool is used (https://pypi.org/project/urestapi/).  ...
    • Provisioning roles using API

      Overview Starting with Uptycs portal release 46025, Uptycs provides entity level granular user permissions through roles. This document outlines the process to create roles using API - with examples. Procedure -- Create a new role $ urestapi -k ...
    • Create AWS Integration account from CLI

      aws_cloud_account_create.py Usage:   python3 cloud_account_create.py <uptycs_apikey_file> <account_name> <service_list_file.json> [--domainsuffix <domain>] Example: python3 aws_cloud_account_create.py john_apikey.json perf_test ...
    • Creating and testing multiple similar alerts using API

      This article shows how to create or update multiple Alert Rules using SQL script with up to 4 parameters. Save SQL script in a separate file.  The script can have up to 4 variables Edit the config file and update all variables as needed. The script ...
    • Delete duplicate assets using the API

      Duplicate asset (hostname) on Uptycs platform could be a result of particular asset being in rotation or being used a a loaner laptop in which case, uuid of the asset remains the same and the asset is recorded under different hostnames. Following ...