Using end-points from mcas-siemagent-0.111.126-signed.jar

%3CLINGO-SUB%20id%3D%22lingo-sub-2419865%22%20slang%3D%22en-US%22%3EUsing%20end-points%20from%20mcas-siemagent-0.111.126-signed.jar%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2419865%22%20slang%3D%22en-US%22%3E%3CP%3EI%E2%80%99ve%20been%20using%20mcas-siemagent-0.111.126-signed.jar%20file%20to%20retrieve%20logs%20from%20my%20cloud%20services.%20I%E2%80%99ve%20been%20saving%20the%20logs%20to%20a%20local%20directory%20and%20while%20looking%20at%20them%20I%E2%80%99ve%20noticed%20two%20interesting%20endpoints%3A%3C%2FP%3E%3CUL%3E%3CLI%3EExecuting%20request%20GET%20%2Fapi%2Fv1%2Fagents%2Fsiem%2Fconsume%2F%3C%2FLI%3E%3CLI%3EExecuting%20request%20GET%20%2Fapi%2Fv1%2Fagents%2Fsiem%2Fget_data%2F%3F%7Bsome%20cursor%20related%20data%7D%3C%2FLI%3E%3C%2FUL%3E%3CP%3EIs%20there%20any%20way%20of%20getting%20the%20logs%20information%20using%20those%20end%20points%2C%20without%20using%20the%20.jar%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2419865%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EApp%20Connectors%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ECloud%20Discovery%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Frequent Visitor

I’ve been using mcas-siemagent-0.111.126-signed.jar file to retrieve logs from my cloud services. I’ve been saving the logs to a local directory and while looking at them I’ve noticed two interesting endpoints:

  • Executing request GET /api/v1/agents/siem/consume/
  • Executing request GET /api/v1/agents/siem/get_data/?{some cursor related data}

Is there any way of getting the logs information using those end points, without using the .jar?

 

 

0 Replies