| Parameter | Type | Default Value | Description |
|---|---|---|---|
query |
string | [no filter] | The TinyQ language filter that specifies a subset of all available records. |
field |
string | not present | The name or names of fields whose values are to be returned. The field item may appear zero or more times in the URI query parameters. A single value of "[none]" indicates return only metadata. The absence of any field parameter indicates return all field values, |
page |
integer | 1 | The 1-based offset into the total records based on page size. Actual offset is (page - 1) * pagesize. |
pagesize |
integer | [unlimited] | The maximum number of object records to return as a result of the request. |
| Object type: page | |
|---|---|
| A container for one or more objects in the result listing. There may be multiple pages in a listing if a page size is specified that is less than the total number of objects in the listing. | |
| Field | Description |
| next | A URL addressing the subsequent page of objects in the total set of available objects. |
| objects | The list of objects returned in the page of results. |
| prev | A URL addressing the previous page of objects in the total set of available objects. |
| Object type: role | |
|---|---|
| A UserGroup, or Role, defines permissions and other information that user accounts may have. User accounts gain permissions by virtue of role membership. | |
| Field | Description |
| all-events | If true, users belong to this role may view all events unfiltered, including system events. If false, the filter value is applied limiting the events role members may view. |
| createdate | The date and time when the object was created. |
| creator | The URL of the Sentinel User object that represents the creator of the object. |
| desc | A short description of the Role to help users understand the Role's purpose. |
| filter | The filter that is applied to event searches performed by users belonging to this role. The event filter is only applied if all-events is false. |
| isadmin | If true, indicates that members of this role have administrator privileges. |
| members | A list of references to user objects that are members of this role. |
| meta | The metadata for an object, including the object type name and the URL reference to the object. Definition |
| moddate | The date and time when the object was last modified. |
| modifier | The URL of the Sentinel User object that represents the last modifier of the object. |
| name | The name by which the Role is referred to in the user interface and APIs. |
| perms | The collection of permission definitions assigned to this role. Definition |
| readonly | If true, indicates that this role may not be modified. |
| search-initiators | A list of references to any search initiator objects that are associated with this role for the purposes of Distributed Search. |
| tags | A list of tag names that are associated with this role. |
| Object type: meta | |
|---|---|
| The metadata for an object, including the object type name and the URL reference to the object. | |
| Field | Description |
| @href | The URL reference to the object. |
| type | The name of the object type |
| Object type: group-perm | |
|---|---|
| A UserGroupPermission object associates a Permission with a UserGroup and defines whether the UserGroup grants or denies the privilege associated with the Permission. | |
| Field | Description |
| def | The URL of the Permission object that is associated with the UserGroup by the UserGroupPermission object. |
| name | The name of the Permission object associated with the UserGroup object. |
| value | The value assigned to the UserGroup-Permission relationship. Currently only "true" and "false" are supported, and imply "GRANT" and "DENY", respectively. |
GET https://164.99.19.131:8443/SentinelRESTServices/objects/role?page=2&pagesize=1
{
"objects":[
{
"meta":{
"type":"role",
"@href":"https://164.99.19.131:8443/SentinelRESTServices/objects/role/79600390-9B73-102E-A3E2-001676E4A757"
},
"moddate":"2012-04-25T13:33:44.703Z",
"desc":"This role is intended to be used for our company's internal network administrators that need access to collected Sentinel events relating to the internal network.",
"all-events":false,
"name":"Internal Network Administrator",
"createdate":"2012-04-25T13:33:44.703Z",
"readonly":false,
"isadmin":false,
"filter":"rv145:\"Network\"",
"tags":[
"PCI"
],
"perms":[
{
"name":"shareFilters",
"value":"true",
"def":{
"@href":"https://164.99.19.131:8443/SentinelRESTServices/objects/permission/shareFilters"
}
}
],
"members":[
"https://164.99.19.131:8443/SentinelRESTServices/objects/user/42"
],
"search-initiators":[
"https://164.99.19.131:8443/SentinelRESTServices/objects/search-initiator/79600390-9B73-102E-A3E2-001676E4A757"
]
}
],
"prev":{
"@href":"https://164.99.19.131:8443/SentinelRESTServices/objects/role?pagesize=1&page=1"
},
"next":{
"@href":"https://164.99.19.131:8443/SentinelRESTServices/objects/role?pagesize=1&page=3"
}
}
| Object type: role | ||
|---|---|---|
| A UserGroup, or Role, defines permissions and other information that user accounts may have. User accounts gain permissions by virtue of role membership. | ||
| Field | Required | Description |
| all-events | false | If true, users belong to this role may view all events unfiltered, including system events. If false, the filter value is applied limiting the events role members may view. |
| desc | false | A short description of the Role to help users understand the Role's purpose. |
| filter | false | The filter that is applied to event searches performed by users belonging to this role. The event filter is only applied if all-events is false. |
| members | false | A list of references to user objects that are members of this role. |
| name | true | The name by which the Role is referred to in the user interface and APIs. |
| perms | false | The collection of permission definitions assigned to this role. Definition |
| tags | false | A list of tag names that are associated with this role. |
| Object type: meta | ||
|---|---|---|
| The metadata for an object, including the object type name and the URL reference to the object. | ||
| Field | Required | Description |
| @href | false | The URL reference to the object. |
| type | false | The name of the object type |
| Object type: group-perm | ||
|---|---|---|
| A UserGroupPermission object associates a Permission with a UserGroup and defines whether the UserGroup grants or denies the privilege associated with the Permission. | ||
| Field | Required | Description |
| def | false | The URL of the Permission object that is associated with the UserGroup by the UserGroupPermission object. |
| name | true | The name of the Permission object associated with the UserGroup object. |
| value | false | The value assigned to the UserGroup-Permission relationship. Currently only "true" and "false" are supported, and imply "GRANT" and "DENY", respectively. |
| Object type: | |
|---|---|
| The metadata representation of the newly-created role object, including the URL reference to the new object. | |
| Field | Description |
| meta | The metadata for an object, including the object type name and the URL reference to the object. Definition |
| Object type: meta | |
|---|---|
| The metadata for an object, including the object type name and the URL reference to the object. | |
| Field | Description |
| @href | The URL reference to the object. |
| type | The name of the object type |
| Object type: group-perm | |
|---|---|
| A UserGroupPermission object associates a Permission with a UserGroup and defines whether the UserGroup grants or denies the privilege associated with the Permission. | |
| Field | Description |
| def | The URL of the Permission object that is associated with the UserGroup by the UserGroupPermission object. |
| name | The name of the Permission object associated with the UserGroup object. |
| value | The value assigned to the UserGroup-Permission relationship. Currently only "true" and "false" are supported, and imply "GRANT" and "DENY", respectively. |
POST https://164.99.19.131:8443/SentinelRESTServices/objects/role
{
"desc":"This role is intended to be used for our company's internal network administrators that need access to collected Sentinel events relating to the internal network.",
"all-events":false,
"name":"Internal Network Administrator",
"filter":"rv145:\"Network\"",
"tags":[
"PCI"
],
"perms":[
{
"name":"shareFilters",
"value":"true",
"def":{
"@href":"https://164.99.19.131:8443/SentinelRESTServices/objects/permission/shareFilters"
}
}
],
"members":[
"https://164.99.19.131:8443/SentinelRESTServices/objects/user/42"
]
}
Location:https://164.99.19.131:8443/SentinelRESTServices/objects/role/79600390-9B73-102E-A3E2-001676E4A757
{
"meta":{
"type":"role",
"@href":"https://164.99.19.131:8443/SentinelRESTServices/objects/role/79600390-9B73-102E-A3E2-001676E4A757"
}
}