Skip to main content
POST
/
v1
/
detection-rules
Create Detection Rule
curl --request POST \
  --url https://api.example.com/v1/detection-rules \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "<string>",
  "source_rule_id": "<string>",
  "source_name": "<string>",
  "severity": "<string>",
  "is_active": true,
  "mitre_tactics": [
    "<string>"
  ],
  "mitre_techniques": [
    "<string>"
  ],
  "mitre_subtechniques": [
    "<string>"
  ],
  "data_sources": [
    "<string>"
  ],
  "run_frequency": "<string>",
  "created_by": "<string>",
  "documentation": "<string>"
}
'
{
  "data": {
    "uuid": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
    "name": "<string>",
    "source_rule_id": "<string>",
    "source_name": "<string>",
    "severity": "<string>",
    "is_active": true,
    "mitre_tactics": [
      "<string>"
    ],
    "mitre_techniques": [
      "<string>"
    ],
    "mitre_subtechniques": [
      "<string>"
    ],
    "data_sources": [
      "<string>"
    ],
    "run_frequency": "<string>",
    "created_by": "<string>",
    "documentation": "<string>",
    "created_at": "2023-11-07T05:31:56Z",
    "updated_at": "2023-11-07T05:31:56Z"
  },
  "meta": {}
}

Body

application/json
name
string
required
Required string length: 1 - 500
source_rule_id
string | null
source_name
string | null
severity
string | null
is_active
boolean
default:true
mitre_tactics
string[]
mitre_techniques
string[]
mitre_subtechniques
string[]
data_sources
string[]
run_frequency
string | null
created_by
string | null
documentation
string | null

Response

Successful Response

data
DetectionRuleResponse · object
required
meta
Meta · object