TIDE bulk export service endpoints

The TIDE bulk data export API allows for the accessing of active threats using the TIDE API and running the TIDE bulk data export API.

• To access active threats, use tide/api/data/threats/state/ and specify a provider organization using the "profile" query string parameter.
• The TIDE bulk data export API requires an endpoint to fetch the bulk threat data and allows specifying the “rlimit” query string parameter for limiting returned records. Note: The rlimit is set to a maximum of 100 responses.
• The authorization for this process is via the gateway, and the expected response is 200 OK with a file location provided.

Request: 

GET /tide/bulk-export/threats?type=<type>&rlimit=<limit

Headers: 
AuthContext

Note: This authorization is via the gateway.

Expected response: 
200 OK

{
“data_stream_location”:“https://csp.infoblox.com/tide/api/data/bulk-export/data_stream?file_id=ba06742e-8006-4171-89b0-29a641dc04f0"
}   

The file will be internally uploaded to an S3 bucket specifically dedicated to the client, using the file-id as the object name.

Note: Run the API again, this time using only the file id (ba06742e-8006-4171-89b0-29a641dc04f0).

Endpoint to access the threat data from the uploaded file

Sample request: 

GET  'https://csp.infoblox.com/tide/bulk-export/data-stream/file_id=ba06742e-8006-4171-89b0-29a641dc04f0"

Sample response from tide

"file_uploaded": true,
"pre_auth_url": "https://tide-prod-bulk-export.s3.amazonaws.com/1049207/ba06742e-8006-4171-89b0-29a641dc04f0/date.json?X-Amz-Algorithm=AW%4-
"pre_auth_url_expiry_nanosecs": "9999999999999",
"pre_auth_url_expiry": "2024-07-10 01:27:39.84706186 +0000 UTC m=+16242.785383444"

Note: When the generated url is clicked, the file can be directly downloaded.