Add threat intel source apis for create delete get search operations #7847
Thank you for submitting your PR. The PR states are In progress (or Draft) -> Tech review -> Doc review -> Editorial review -> Merged. Before you submit your PR for doc review, make sure the content is technically accurate. If you need help finding a tech reviewer, tag a maintainer. When you're ready for doc review, tag the assignee of this PR. The doc reviewer may push edits to the PR directly or leave comments and editorial suggestions for you to address (let us know in a comment if you have a preference). The doc reviewer will arrange for an editorial review.
@AWSHurneyt plz review
"bucket_name": "threat-intel-s3-test-bucket", | ||
"object_key": "alltypess3object", | ||
"region": "us-west-2", | ||
"role_arn": "arn:aws:iam::248279774929:role/threat_intel_s3_test_role" |
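Review bot: the `role_arn` value on the last line carries a concrete 12-digit account ID and role name, and `bucket_name` is likewise a concrete bucket name. Documentation examples get copied verbatim, so a placeholder form such as `arn:aws:iam::<account-id>:role/<role-name>` is safer for both fields. The snippet also gives no indication of what the role must be allowed to do on the bucket and object; a sentence next to these fields stating the permissions the role needs would close that gap.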
Should we instead use a placeholder here like <ROLE_ARN>?
Good point. It's a dummy aws account but will let @Naarcha-AWS and @hdhalter recommend the right practice.
I'm okay with a dummy account, personally.
|
||
# Threat Intelligence Source Configuration APIs | ||
|
||
The following APIs can be used for tasks related to threat intelligence source configurations. |
@eirsep Would it be helpful to define what a source is for our purposes?
Started off with the APIs
Once that's done, similar to detectors, I will define entities and detail them out in another commit to this PR
added a page for Threat intel overview plz check
Nice job, @eirsep! I entered a few suggestions so you can see what we are looking for in a more thorough doc review. Thanks.
_security-analytics/api-tools/threat-intel/threat-intel-source.md
|
||
# Threat Intelligence Source Configuration APIs | ||
|
||
The following APIs can be used for tasks related to threat intelligence source configurations. |
The following APIs can be used for tasks related to threat intelligence source configurations. | |
You can use threat intelligence source API to configure tasks related to threat intelligence sources. |
--- | ||
## Create Threat intel source API | ||
|
||
Creates a new threat intel source. |
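Review bot: the heading `## Create Threat intel source API` mixes capitalization and abbreviates to "intel", while the page title in the same file spells out "Threat Intelligence Source Configuration APIs". Pick one term and one casing and apply it to this heading and to the sentence under it, so that readers searching the page for "threat intelligence source" find every operation.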
Creates a new threat intel source. | |
The following command creates a new threat intelligence source. |
@AWSHurneyt what documentation should we add related to the S3 Role ARN on what needs to be configured?
@AWSHurneyt @Naarcha-AWS plz review
Signed-off-by: Surya Sashank Nistala <[email protected]>
Co-authored-by: Heather Halter <[email protected]> Signed-off-by: Surya Sashank Nistala <[email protected]>
Closing in favor of #7905
Description
added threat intel source apis for create delete get search operations
Issues Resolved
Closes #7714
Version
2.16
Checklist
For more information on following Developer Certificate of Origin and signing off your commits, please check here.