This package is used to create an API client for Vectra Detect SaaS brains.
This package can be installed via NPM with the following command:

```bash
npm i vectra-saas-api-client
```

Once this package is installed, it can be initialised like this:

```js
const SaaSClient = require("vectra-saas-api-client");
const client = new SaaSClient("BrainURL", "ClientID", "Secret");
```
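To keep the OAuth secret out of source control, the constructor arguments can be built from environment variables. This is an added example, not part of the package or its documentation: the `VECTRA_*` variable names and both helper functions are assumptions made here, and the brain URL is rejected unless it uses HTTPS.

```javascript
// Added example. The VECTRA_* variable names and both helpers are assumptions,
// not part of vectra-saas-api-client.
function vectraClientArgs(env) {
  const required = ["VECTRA_BRAIN_URL", "VECTRA_CLIENT_ID", "VECTRA_CLIENT_SECRET"];
  const missing = required.filter((name) => !env[name] || !env[name].trim());
  if (missing.length > 0) {
    throw new Error(`Missing environment variables: ${missing.join(", ")}`);
  }

  let url;
  try {
    url = new URL(env.VECTRA_BRAIN_URL.trim());
  } catch {
    throw new Error("VECTRA_BRAIN_URL is not a valid URL");
  }
  // The OAuth client ID and secret are sent to this host, so require TLS.
  if (url.protocol !== "https:") {
    throw new Error("VECTRA_BRAIN_URL must use https");
  }
  // Credentials belong in the dedicated variables, not in the URL.
  if (url.username || url.password) {
    throw new Error("VECTRA_BRAIN_URL must not embed credentials");
  }

  // The constructor's version argument defaults to 3 when omitted.
  const rawVersion = env.VECTRA_API_VERSION;
  const version = rawVersion === undefined ? 3 : Number(rawVersion);
  if (!Number.isFinite(version) || version <= 0) {
    throw new Error("VECTRA_API_VERSION must be a positive number");
  }

  return [url.origin, env.VECTRA_CLIENT_ID.trim(), env.VECTRA_CLIENT_SECRET.trim(), version];
}

// Log-safe summary of the arguments: the secret is never included.
function describeClientArgs([siteURL, clientID, , version]) {
  return `brain=${siteURL} clientID=${clientID} version=${version} secret=<redacted>`;
}

// Usage with the real package (not executed here):
//   const SaaSClient = require("vectra-saas-api-client");
//   const client = new SaaSClient(...vectraClientArgs(process.env));
```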
All functions of this client are asynchronous and so require either Promises or Await syntax to function correctly.
For example, to retrieve all detections on your brain with a Threat score greater than 1, you would use either of the following forms.

With Promises:

```js
client
  .getAllDetections({ t_score_gte: 1 })
  .then((results) => {
    // Do something with the results
  })
  .catch((err) => {
    // Handle error
  });
```

With Await (inside an async function):

```js
(async () => {
  try {
    let results = await client.getAllDetections({ t_score_gte: 1 });
  } catch (err) {
    // Handle error
  }
})();
```
Creates a new SaaS Client Object.
Name | Type | Description |
---|---|---|
siteURL | string | The URL where your SaaS Brain is located, e.g. https://000000000000.foo.portal.vectra.ai |
clientID | string | OAuth Client ID. Generated in Manage/API Clients. |
secret | string | OAuth Secret. Generated in Manage/API Clients. |
version | number | API version number. Defaults to 3. Versions 3.3 and above support the Hosts endpoints. |
Add a note to a specific account.
Name | Type | Description |
---|---|---|
accountID | number | The ID of the account. |
note | text | The text body of the note. |
Object containing details of the new note.
Add tags to an account.
Name | Type | Description |
---|---|---|
accountID | number | The ID of the account. |
tags | Array. | Array of tags to add. |
Object containing details of the new tags.
Add a note to a specific detection.
Name | Type | Description |
---|---|---|
detectionID | number | The ID of the detection. |
note | text | The text body of the note. |
Object containing details of the new note.
Add tags to a detection.
Name | Type | Description |
---|---|---|
detectionID | number | The ID of the detection. |
tags | Array. | Array of tags to add. |
Object containing details of the new tags.
Assign an account to a specific user.
Name | Type | Description |
---|---|---|
accountID | number | ID of the account to be assigned. |
userID | number | ID of the user the account will be assigned to. |
Object containing details of the assignment.
Get the assignment details for a specific account.
Name | Type | Description |
---|---|---|
accountID | number | The ID of the account. |
resolved | boolean | If this should also return resolved assignments. |
Object containing details of the account assignments.
Get the assignment details for a specific host.
Name | Type | Description |
---|---|---|
hostID | number | The ID of the host. |
resolved | boolean | If this should also return resolved assignments. |
Object containing details of the account assignments.
Assign a host to a specific user.
Name | Type | Description |
---|---|---|
hostID | number | ID of the host to be assigned. |
userID | number | ID of the user the account will be assigned to. |
Object containing details of the assignment.
Clear all tags from a specific account.
Name | Type | Description |
---|---|---|
accountID | number | The ID of the account. |
Object containing details of the cleared tags.
Clear all tags from a specific detection.
Name | Type | Description |
---|---|---|
detectionID | number | The ID of the detection. |
Object containing details of the cleared tags.
Create a triage rule.
Name | Type | Description |
---|---|---|
rule | object | JSON object containing the triage rule details. |
Object containing details of the new triage rule.
Delete a specific note for an account.
Name | Type | Description |
---|---|---|
accountID | number | The ID of the account. |
noteID | number | The ID of the note. |
Object containing details of the deleted note.
Delete a tag from a specific account.
Name | Type | Description |
---|---|---|
accountID | number | The ID of the account. |
tag | text | Value of the tag to be deleted. |
Object containing details of the deleted tag.
Delete a specific note for a detection.
Name | Type | Description |
---|---|---|
detectionID | number | The ID of the detection. |
noteID | number | The ID of the note. |
Object containing details of the deleted note.
Delete a tag from a specific detection.
Name | Type | Description |
---|---|---|
detectionID | number | The ID of the detection. |
tag | text | Value of the tag to be deleted. |
Object containing details of the deleted tag.
Delete an existing triage rule.
Name | Type | Description |
---|---|---|
ruleID | number | ID of the rule to be deleted. |
Object containing details of the deleted triage rule.
Filter detections with a specific value.
Name | Type | Description |
---|---|---|
detectionIDs | Array. | Array of detection IDs to be marked as fixed. |
value | text | Value of the new detection subject. |
Object containing details of filtered detections.
Return a specific account based on the ID
Name | Type | Description |
---|---|---|
accountID | number | ID of the account. |
Object containing all the data on the account.
Return accounts based on an array of account IDs
Name | Type | Description |
---|---|---|
accountIDs | number[] | IDs of the accounts. |
Array containing all accounts specified.
Get account changes from a specific checkpoint
Name | Type | Attributes | Default | Description |
---|---|---|---|---|
checkpoint | number | optional | 0 | Starting point to retrieve changes from (0 by default). |
Array containing all account changes since the provided checkpoint.
Return a specific note for an account.
Name | Type | Description |
---|---|---|
accountID | number | The ID of the account. |
noteID | number | The ID of the note. |
Object containing details of the note.
Return the notes for a specific account.
Name | Type | Description |
---|---|---|
accountID | number | The ID of the account. |
Array of objects containing details of the notes.
Get tags for a specific account.
Name | Type | Description |
---|---|---|
accountID | number | The ID of the account. |
Array of tags in text form.
Return all accounts
Name | Type | Description |
---|---|---|
options | object | Search options. |
Array containing all account objects.
Return all detections
Name | Type | Description |
---|---|---|
options | object | Search options. |
Array containing all detection objects.
Get a specific account Assignment.
Name | Type | Description |
---|---|---|
assignmentID | number | ID of the assignment to be retrieved. |
Object containing details of an assignment.
Get all account Assignments.
Array of objects containing details of assignments.
Return a specific detection based on the ID
Name | Type | Description |
---|---|---|
detectionID | number | ID of the detection. |
Object containing all the data on the detection.
Return detections based on an array of detection IDs
Name | Type | Description |
---|---|---|
detectionIDs | number[] | IDs of the detections. |
Array containing all detections specified.
Get detection changes from a specific checkpoint
Name | Type | Attributes | Default | Description |
---|---|---|---|---|
checkpoint | number | optional | 0 | Starting point to retrieve changes from (0 by default). |
Array containing all account changes since the provided checkpoint.
Return a specific note for a detection.
Name | Type | Description |
---|---|---|
detectionID | number | The ID of the detection. |
noteID | number | The ID of the note. |
Object containing details of the note.
Return the notes for a specific detection.
Name | Type | Description |
---|---|---|
detectionID | number | The ID of the detection. |
Array of objects containing details of the notes.
Get tags for a specific detection.
Name | Type | Description |
---|---|---|
detectionID | number | The ID of the detection. |
Array of tags in text form.
Get a single triage rule by ID.
Name | Type | Description |
---|---|---|
ruleID | number | The ID of the account. |
Object containing details of the triage rule.
Return all triage rules on the brain.
Array of objects containing details of the triage rules.
Get a list of all user accounts in the system.
Array of objects containing details of all user accounts.
Get a list of all user accounts in the system.
Name | Type | Description |
---|---|---|
userID | number | ID of the user account to be retrieved. |
Array of objects containing details of all user accounts.
Get a list of all user accounts in the system.
Name | Type | Description |
---|---|---|
userID | number | ID of the user account to be retrieved. |
Array of objects containing details of all user accounts.
Mark specific detections as fixed.
Name | Type | Description |
---|---|---|
detectionIDs | Array. | Array of detection IDs to be marked as fixed. |
Object containing details of fixed detections.
Modify or reassign an existing assignment.
Name | Type | Description |
---|---|---|
assignmentID | number | ID of the assignment to be modified. |
accountID | number | ID of the account to be assigned. |
userID | number | ID of the user the account will be assigned to. |
Object containing details of the modified assignment.
Delete an existing assignment.
Name | Type | Description |
---|---|---|
assignmentID | number | ID of the assignment to be deleted. |
Object containing details of the deleted assignment.
Update a specific note for an account.
Name | Type | Description |
---|---|---|
accountID | number | The ID of the account. |
noteID | number | The ID of the note. |
note | text | The text body to update the note with. |
Object containing details of the new note.
Update a specific note for a detection.
Name | Type | Description |
---|---|---|
detectionID | number | The ID of the detection. |
noteID | number | The ID of the note. |
note | text | The text body to update the note with. |
Object containing details of the new note.
Update an existing triage rule.
Name | Type | Description |
---|---|---|
ruleID | number | ID of the rule to be updated. |
rule | object | JSON object containing the new triage rule details. |
Object containing details of the updated triage rule.