REST API
The TruSTAR REST API enables you to easily synchronize report information available in TruSTAR with the monitoring tools and analysis workflows you use in your infrastructure. All API access is over HTTPS, and all data is transmitted securely in JSON format.
Related Links
- API Usage Policy
- API documentation
- The TruSTAR Python SDK can be used to interact with the TruSTAR Rest API from within any Python program.
API Coverage
The API provides endpoints for these functional areas of the TruSTAR platform:
Function | Description |
Basic commands | Endpoints for Ping, Version, and for requesting your API quota information. |
Reports | Endpoints that manage reports, including submit, update, share (with or without redaction), copy, move, delete, search for reports, find correlated reports, and get report status. |
Indicators | Endpoints that work with Indicators, including submit, find/search, and summaries. This section also includes commands for working with safelists (whitelists), including fetching the safelist contents and adding and deleting items from the safelist. |
Tags | Endpoints for using tags with Reports and Indicators. |
Enclaves | Fetches the list of all enclaves that the user has access to, as well as whether they can read, create, and update reports in that enclave. |
Phishing Triage | Endpoints to retrieve prioritized phishing emails and their associated indicators, as well as to set the status of the email. |
In addition, the API provides error codes that can help you troubleshoot an integration.