Using end-points from mcas-siemagent-0.111.126-signed.jar

Frequent Visitor

I’ve been using mcas-siemagent-0.111.126-signed.jar file to retrieve logs from my cloud services. I’ve been saving the logs to a local directory and while looking at them I’ve noticed two interesting endpoints:

  • Executing request GET /api/v1/agents/siem/consume/
  • Executing request GET /api/v1/agents/siem/get_data/?{some cursor related data}

Is there any way of getting the logs information using those end points, without using the .jar?



1 Reply