TIDE bulk export service endpoints
The TIDE bulk data export API allows for the accessing of active threats using the TIDE API and running the TIDE bulk data export API.
- To access active threats, use tide/api/data/threats/state/ and specify a provider organization using the "profile" query string parameter.
- The TIDE bulk data export API requires an endpoint to fetch the bulk threat data and allows specifying the “rlimit” query string parameter for limiting returned records. Note: The rlimit is limited to 100 responses.
- The authorization for this process is via the gateway, and the expected response is 200 OK with a file location provided.
Request:
GET /tide/bulk-export?type=<type> |
Headers:
AuthContext
Note: This authorization is via the gateway.
Expected response:
200 OK
{ |
The file will be internally uploaded to an S3 bucket specifically dedicated to the client, using the file-id as the object name.
Sample request:
GET 'https://csp.infoblox.com/tide/bulk-export?type=host' --header 'Authorization: Token <token>' |
Sample response:
{ “file-location”:“https://csp.infoblox.com/tide/bulk-export/file-access/abcd123” |
Note: The requestID serves as a reference for verifying the completion status of your upload.
Note | ||
---|---|---|
| ||
|
Note | ||
---|---|---|
| ||
|
Endpoint to access the threat data from the uploaded file
Sample request:
GET 'https://csp.infoblox.com/tide/bulk-export/file-access/<file-id≥ |
Response from atk-gateway:
{ |
Response from tide-service:
{ |
Note: Implementing Endpoint Handlers in Tide-ng-atk-gateway and Managing Redirection for File Access.
Note | ||
---|---|---|
| ||
Additional Scenario:
|