TIDE bulk export service endpoints
The TIDE bulk data export API allows for the accessing of active threats using the TIDE API and running the TIDE bulk data export API.
- To access active threats, use tide/api/data/threats/state/ and specify a provider organization using the "profile" query string parameter.
- The TIDE bulk data export API requires an endpoint to fetch the bulk threat data and allows specifying the “rlimit” query string parameter for limiting returned records. Note: The rlimit is set to a maximum of 100 responses.
- The authorization for this process is via the gateway, and the expected response is 200 OK with a file location provided.
- It is not possible to execute PATCH operations on custom lists using the Bulk Import feature.
- When performing update-related operations, new domains from the import file are not added while retaining the existing ones. Instead, the custom list is updated by replacing all existing domains with those from the import file.
Request:
GET /tide/bulk-export/threats?type=<type>&r_limit=<limit> |
Headers:
AuthContext
Note: This authorization is via the gateway.
Expected response:
200 OK
{ |
The file will be internally uploaded to an S3 bucket specifically dedicated to the client, using the file-id as the object name.
Sample request:
GET 'https://csp.infoblox.com/tide/bulk-export?type=host' --header 'Authorization: Token <token>'
Sample response:
{
Status: 200
Body: {
“file_access_path”:“https://csp.infoblox.com/tide/bulk-export/file-access/abcd123”
}
}
Note: The requestID serves as a reference for verifying the completion status of your upload.
Note | ||
---|---|---|
| ||
|
Note | ||
---|---|---|
| ||
|
Note: Run the API again, this time using only the file id (ba06742e-8006-4171-89b0-29a641dc04f0).
Endpoint to access the threat data from the uploaded file
Sample request:
GET 'https://csp.infoblox.com/tide/bulk-export/data-stream/file-access/<file-id≥ |
Response from tide
{
Status: 400
}
{
Status: 200
“s3://…../tide/bulk-export/<clientId>/<fileId>”
}
{
Status: 200
Redirection_url: “s3://…../tide/bulk-export/<clientId>/<fileId>”
}
Note: Implementing Endpoint Handlers in Tide-ng-atk-gateway and Managing Redirection for File Access.
title | Expected Response Errors |
---|
401 Unauthorized: Occurs when the tide-ng-atk-gateway is unable to verify user authentication.
400 Bad Request: Triggered if the request lacks a valid fileID.
404 Not Found: Indicates that the file does not exist.
- Either the file has not been uploaded yet, retry after 20 seconds. The message will specify this.
- Or, re initiate the bulk upload.
403 Forbidden: This error is returned if the file does not belong to the client (note: this may also qualify as a 400 Bad Request).
_id=ba06742e-8006-4171-89b0-29a641dc04f0" |
Sample response from tide
"file_uploaded": true, |
Note: When the generated url is clicked, the file can be directly downloaded.