MetaDefender OT Security will utilize multiple APIs to communicate with its products. Access to the API is validated via a combination of credentials (Token). This user requires a minimum access level; do not use a Super Administrator account.
Create a user from Enterprise -> User Management → User → Create User → {Create a user, ensure that you use the Role of API-Client }
Clicking on the Save button → Create user successfully → Copy this API-Client Token to be used for authentication
- [Device] Get the server IP address
| Title | [Device] Get the server IP address |
|---|
| URL Path | https://{IP of Enterprise Manager}:3003/neu-exposure/exposure/v1/managements/components |
| Method | GET |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Response | |
- Response, 401 - Unauthorized
| Title | [Device] Get device list |
|---|
| URL Path | https://{IP_Enterprise}:3003/neu-exposure/exposure-external/asset-main/exposure/v1/sensor/device/items |
| Method | GET |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params |
siteIp:
- Type:
string
- Description: The IP address of the site to fetch device data for.
- Example:
"10.40.172.144"
sensorIp:
- Type:
string
- Description: The IP address of the sensor associated with the site.
- Example:
"10.40.172.172"
data:
Type: Object
Description: Pagination Info
- “limit”: Number of records
- “page”: The value should ALWAYS be 1.
- "sortBy": "discovTime"
- "sortType": "desc"
Example:{"limit":20,"page":1,"sortBy":"discovTime","sortType":"desc"}
|
| Response | Response, 200 OK
Ex: |
| Title | [Device] Get device list by site id |
|---|
| URL Path | https://{IP_Enterprise}:3003/neu-exposure/exposure/v1/devices/items?siteId=[2]&data={"isAll":false} |
| Method | GET |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params |
siteId:
- Type:
number[]
- Description: The IP address of the site to fetch device data for.
- Example:
[1,2]
data:
{"limit":20,"page":1,"sortBy":"discovTime","sortType":"desc"} |
| Response | Response, 200 OK
Ex: |
| Title | [Device] Get a device alert list |
|---|
| URL Path | https://{IP_Enterprise}:3003/neu-exposure/exposure-external/alert-main/exposure/v1/sensor/device-alert/items? |
| Method | GET |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params |
siteIp:
- Type:
string
- Description: The IP address of the site to fetch conn alert list data for.
- Example:
"10.40.172.144"
sensorIp:
- Type:
string
- Description: The IP address of the sensor associated with the site.
- Example:
"10.40.172.172"
data:
Type: Object
Description: Pagination Info
- “limit”: {Number of records}
- “page”: The value should ALWAYS be 1.
- "sortBy":"alertStarted"
- "sortType": "desc"
Example:{"limit":200,"page":1,"sortBy":"alertStarted","sortType":"desc"}
|
| Response | Response, 200 OK
Ex: |
| Title | [Device] Get the connection alert list |
|---|
| URL Path | https://{IP_Enterprise}:3003/neu-exposure/exposure-external/alert-main/exposure/v1/sensor/conn-alert/items |
| Method | GET |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params |
siteIp:
- Type:
string
- Description: The IP address of the site to fetch conn alert list data for.
- Example:
"10.40.172.144"
sensorIp:
- Type:
string
- Description: The IP address of the sensor associated with the site.
- Example:
"10.40.172.172"
data:
Type: Object
Description: Pagination Info
- “limit”: {Number of records}
- “page”: The value should ALWAYS be 1.
- "sortBy":"alertStarted"
- "sortType": "desc"
Example:{"limit":200,"page":1,"sortBy":"alertStarted","sortType":"desc"}
|
| Response | Response, 200 OK
Ex: |
| Title | [Device] Get the Suricata alert list |
|---|
| URL Path | https://{IP_Enterprise}:3003/neu-exposure/exposure-external/alert-main/exposure/v1/sensor/suricata-alert/items |
| Method | GET |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params |
siteIp:
- Type:
string
- Description: The IP address of the site to fetch conn alert list data for.
- Example:
"10.40.172.144"
sensorIp:
- Type:
string
- Description: The IP address of the sensor associated with the site.
- Example:
"10.40.172.172"
data:
Type: Object
Description: Pagination Info
- “limit”: {Number of records}
- “page”: The value should ALWAYS be 1.
- "sortBy":"alertStarted"
- "sortType": "desc"
Example:{"limit":200,"page":1,"sortBy":"alertStarted","sortType":"desc"}
|
| Response | Response, 200 OK
Ex: |
| Title | [Device] Get the list of CVEs for the device |
|---|
| URL Path | https://{IP of Enterprise Manager}:3003/neu-exposure/exposure-external/asset-report/exposure/v1/sensor/device-cves/items |
| Method | GET |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params |
siteIp:
- Type:
string
- Description: The IP address of the site to fetch conn alert list data for.
- Example:
"10.40.172.144"
sensorIp:
- Type:
string
- Description: The IP address of the sensor associated with the site.
- Example:
"10.40.172.172"
data:
Type: Object
Description: Pagination Info
- “limit”: {Number of records}
- “page”: The value should ALWAYS be 1.
- "sortBy":"alertStarted"
- "sortType": "desc"
Example:{"limit":250,"page":1,"sortBy":"name","sortType":"desc"}
|
| Response | Response, 200 OK
Ex: |
| Title | [Device] Get the list of CVEs for the device by site id |
|---|
| URL Path | https://{IP of Enterprise Manager}:3003/neu-exposure/exposure/v1/devices/items?siteId=[2]&data={"isAll":false} |
| Method | GET |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params |
siteIp:
- Type:
string
- Description: The IP address of the site to fetch conn alert list data for.
- Example:
"10.40.172.144"
data:
Type: Object
Description: Pagination Info
- “limit”: {Number of records}
- “page”: The value should ALWAYS be 1.
- "sortBy":"alertStarted"
- "sortType": "desc"
Example:{"limit":20,"page":1,"sortBy":"discovTime","sortType":"desc"}
|
| Response | Response, 200 OK
Ex: |
- Response, 401 - Unauthorized
| Title | [Components] Get the list of Site and Sensor infor |
|---|
| URL Path | https://{IP of Enterprise Manager}:3003/neu-exposure/exposure/v1/managements/components |
| Method | GET |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params | |
| Response | Response, 200 OK
Ex: |
- Response, 401 - Unauthorized
| Title | [Device] Get sites address |
|---|
| URL Path | https://{IP of Enterprise Manager}:3003/neu-exposure/exposure/v1/managements/sites |
| Method | GET |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params | |
| Response | Response, 200 OK
Ex: |
- Response, 401 - Unauthorized
Navigate to the Enterprise Manager → Settings → Update Signatures & Definitions → PLC Firmware
Get from Cloud Repo: we can filter by a specific Article/Part No.
| Title | [Device Firmware File] Get available version |
|---|
| URL Path | https://{IP of Enterprise Manager}:3003/neu-exposure/exposure/v1/device-firmware-files/check-available-version |
| Method | POST |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
Request body:
Response:
- Response, 401 - Unauthorized
| Title | [Device] Get the device ID for patching |
|---|
| URL Path | https://{IP of Enterprise Manager}:3003/neu-exposure/exposure-external/asset-main/exposure/v1/sensor/device/items |
| Method | GET |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params | Get based on IPv4 or the MAC address of the Device
siteIp:
- Type:
string
- Description: The IP address of the site to fetch device data for.
- Example:
"10.40.172.144"
sensorIp:
- Type:
string
- Description: The IP address of the sensor associated with the site.
- Example:
"10.40.172.172"
data:
Type: Object
Description: Pagination Info
- “limit”: Number of records
- “page”: The value should ALWAYS be 1.
- "sortBy": "discovTime"
- "sortType": "desc"
- “properties“: {"ipv4":"", "mac":""}
Example:
{"limit":20,"page":1,"sortBy":"discovTime","sortType":"desc","properties":{"ipv4":"192.168.1.103","mac":"E0:DC:A0:C4:6A:42"}}
|
| Response | Response, 200 OK
Ex: |
- Response, 401 - Unauthorized
| Title | [Device] Get the list of CVEs for the device |
|---|
| URL Path | https://{IP of Enterprise Manager}:3003/neu-exposure/exposure-external/asset-main/exposure/v1/sensor/device/cves |
| Method | GET |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params |
siteIp:
- Type:
string
- Description: The IP address of the site to fetch device data for.
- Example:
"10.40.172.144"
sensorIp:
- Type:
string
- Description: The IP address of the sensor associated with the site.
- Example:
"10.40.172.172"
data:
|
| Response | Response, 200 OK
Ex: |
- Response, 401 - Unauthorized
| Title | [Request Patching] Get list |
|---|
| URL Path | https://{IP of Enterprise Manager}:3003/neu-exposure/exposure-external/asset-main/exposure/v1/sensor/request-patching/items |
| Method | GET |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params |
siteIp:
- Type:
string
- Description: The IP address of the site to fetch device data for.
- Example:
"10.40.172.144"
sensorIp:
- Type:
string
- Description: The IP address of the sensor associated with the site.
- Example:
"10.40.172.172"
|
| Response | Response, 200 OK
Ex: |
- Response, 401 - Unauthorized
| Title | [Request Patching] Get detail |
|---|
| URL Path | https://{IP of Enterprise Manager}:3003/neu-exposure/exposure-external/asset-report/exposure/v1/sensor/device-cves/items |
| Method | GET |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params |
siteIp:
- Type:
string
- Description: The IP address of the site to fetch device data for.
- Example:
"10.40.172.144"
sensorIp:
- Type:
string
- Description: The IP address of the sensor associated with the site.
- Example:
"10.40.172.172"
data:
Type: Object
Description:
- “id”: the id of the request patching
Example:{"id": 3}
|
| Response | Response, 200 OK
Ex: |
- Response, 401 - Unauthorized
| Title | [Request Patching] Create request |
|---|
| URL Path | https://{IP of Enterprise Manager}:3003/neu-exposure/exposure-external/asset-main/exposure/v1/sensor/request-patching/item |
| Method | POST |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params |
siteIp:
- Type:
string
- Description: The IP address of the site to fetch conn alert list data for.
- Example:
"10.40.172.144"
sensorIp:
- Type:
string
- Description: The IP address of the sensor associated with the site.
- Example:
"10.40.172.172"
|
Request body
Response
- Response, 401 - Unauthorized
| Title | [Request Patching] Create request |
|---|
| URL Path | https://{IP of Enterprise Manager}:3003/neu-exposure/exposure-external/asset-main/exposure/v1/sensor/request-patching/item |
| Method | PUT |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params |
siteIp:
- Type:
string
- Description: The IP address of the site to fetch conn alert list data for.
- Example:
"10.40.172.144"
sensorIp:
- Type:
string
- Description: The IP address of the sensor associated with the site.
- Example:
"10.40.172.172"
|
Request body
Response
- Response, 401 - Unauthorized
| Title | [Request Patching] Approve request |
|---|
| URL Path | https://{IP of Enterprise Manager}:3003/neu-exposure/exposure-external/asset-main/exposure/v1/sensor/request-patching/approve |
| Method | PUT |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params |
siteIp:
- Type:
string
- Description: The IP address of the site to fetch device data for.
- Example:
"10.40.172.144"
sensorIp:
- Type:
string
- Description: The IP address of the sensor associated with the site.
- Example:
"10.40.172.172"
data:
Type: Object
Description:
- “id”: the id of the request patching
Example:
{"id": 6}
|
| Response | Response, 200 OK
Ex: |
- Response, 401 - Unauthorized
| Title | [Request Patching] Reject request |
|---|
| URL Path | https://{IP of Enterprise Manager}:3003/neu-exposure/exposure-external/asset-main/exposure/v1/sensor/request-patching/reject |
| Method | PUT |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params |
siteIp:
- Type:
string
- Description: The IP address of the site to fetch device data for.
- Example:
"10.40.172.144"
sensorIp:
- Type:
string
- Description: The IP address of the sensor associated with the site.
- Example:
"10.40.172.172"
data:
Type: Object
Description:
- “id”: the id of the request patching
Example:
{"id": 5}
|
| Response | Response, 200 OK
Ex: |
- Response, 401 - Unauthorized
| Title | [Request Patching] Delete request |
|---|
| URL Path | https://{IP of Enterprise Manager}:3003/neu-exposure/exposure-external/asset-main/exposure/v1/sensor/request-patching/item |
| Method | DELETE |
| Authentication method | Bearer Token |
| Request headers |
- Bearer Token: retrieved after creating API-Client user (mandatory)
- This API requires Bearer Token Authentication. You must include a valid Bearer token in the
Authorization header.
- Format:
Authorization: Bearer <token>
|
| Params |
siteIp:
- Type:
string
- Description: The IP address of the site to fetch device data for.
- Example:
"10.40.172.144"
sensorIp:
- Type:
string
- Description: The IP address of the sensor associated with the site.
- Example:
"10.40.172.172"
data:
Type: Object
Description:
- “id”: the id of the request patching
Example:
{"id": 5}
|
| Response | Response, 200 OK
Ex: |
- Response, 401 - Unauthorized