
Log sources

The Log source APIs enable log source management operations and allow you to retrieve configured details of log-sources, agents, domains, and log source groups.

Add Windows log-sources

This API enables the addition of Windows log-sources to the system, requiring each log-source to be associated with a pre-configured domain. Only Windows log-sources are supported. You can add up to 100 log-sources per request.
OAuth Scope : logsources.CREATE

Arguments

log_sources
array
(Required)
Array of log source objects, each containing a log source name and a domain name
log_source
string
(Required)
Name of the Windows log source
domain_name
string
(Required)
Name of the domain associated with the log source
agent_id
number
ID of the agent
⚠️ Note: API endpoint to Get Agent ID - GET /api/v2/log-sources/agents

Request Example

// Request body. field1/field2 are generic placeholders; this endpoint's documented body is a log_sources array.
parameters_data='{"field1":"value1","field2":"value2"}';
// Authorization header carrying the bearer token; REPLACE_BEARER_TOKEN is a placeholder, not a usable value.
headers_data = Map();
headers_data.put("Authorization", "Bearer REPLACE_BEARER_TOKEN");
// POST the JSON body to the Windows log-source endpoint through the named connection.
response = invokeUrl
[
	url: "http://localhost:8400/api/v2/log-sources/windows"
	type: POST
	headers: headers_data
	content-type: application/json
	parameters: parameters_data
	connection: <connection_name>
];
info response;
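OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/json");
// Body follows the documented schema: each entry names a log source and its pre-configured domain.
RequestBody body = RequestBody.create(mediaType,
    "{\"log_sources\":[{\"log_source\":\"windows-test\",\"domain_name\":\"zoho.com\",\"agent_id\":22}]}");

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
Request request = new Request.Builder()
    .url("http://localhost:8400/api/v2/log-sources/windows")
    .post(body)
    .addHeader("Authorization", "Bearer REPLACE_BEARER_TOKEN")
    .addHeader("content-type", "application/json")
    .build();

// try-with-resources closes the response body so the connection is released.
try (Response response = client.newCall(request).execute()) {
    String text = response.body().string();
    // 400/401 replies carry a JSON error body; fail loudly instead of treating them as success.
    if (!response.isSuccessful()) {
        throw new IllegalStateException("HTTP " + response.code() + ": " + text);
    }
    System.out.println(text);
}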
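// Body follows the documented schema: each entry names a log source and its pre-configured domain.
const payload = {
  log_sources: [{ log_source: 'windows-test', domain_name: 'zoho.com', agent_id: 22 }],
};

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
const options = {
  method: 'POST',
  headers: {
    Authorization: 'Bearer REPLACE_BEARER_TOKEN',
    'content-type': 'application/json',
  },
  body: JSON.stringify(payload),
};

// Plain HTTP suits only a loopback call like this; across a network the token would travel in cleartext.
fetch('http://localhost:8400/api/v2/log-sources/windows', options)
  .then(async (response) => {
    const result = await response.json();
    // 400/401 replies are JSON too, so check the status rather than logging them as success.
    if (!response.ok) {
      throw new Error(`HTTP ${response.status}: ${JSON.stringify(result)}`);
    }
    return result;
  })
  .then((result) => console.log(result))
  .catch((err) => console.error(err));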
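import http.client
import json

# Body follows the documented schema: each entry names a log source and its pre-configured domain.
payload = json.dumps(
    {"log_sources": [{"log_source": "windows-test", "domain_name": "zoho.com", "agent_id": 22}]}
)
# REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
headers = {
    "Authorization": "Bearer REPLACE_BEARER_TOKEN",
    "content-type": "application/json",
}

# A timeout keeps the script from hanging on an unresponsive server.
conn = http.client.HTTPConnection("localhost:8400", timeout=30)
try:
    conn.request("POST", "/api/v2/log-sources/windows", payload, headers)
    res = conn.getresponse()
    data = res.read().decode("utf-8")
finally:
    conn.close()

# 400/401 replies carry a JSON error body; exit non-zero instead of printing them as success.
if res.status >= 400:
    raise SystemExit(f"HTTP {res.status}: {data}")
print(data)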
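const http = require("http");

// Body follows the documented schema: each entry names a log source and its pre-configured domain.
const payload = JSON.stringify({
  log_sources: [{ log_source: "windows-test", domain_name: "zoho.com", agent_id: 22 }],
});

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
const options = {
  method: "POST",
  hostname: "localhost",
  port: "8400",
  path: "/api/v2/log-sources/windows",
  headers: {
    Authorization: "Bearer REPLACE_BEARER_TOKEN",
    "content-type": "application/json",
  },
};

const req = http.request(options, (res) => {
  const chunks = [];
  res.on("data", (chunk) => chunks.push(chunk));
  res.on("end", () => {
    const body = Buffer.concat(chunks).toString();
    // 400/401 replies carry a JSON error body; report them on stderr with the status.
    if (res.statusCode >= 400) {
      console.error(`HTTP ${res.statusCode}: ${body}`);
      return;
    }
    console.log(body);
  });
});

// Without this handler a refused or reset connection raises an uncaught 'error' event.
req.on("error", (err) => console.error(err));
req.write(payload);
req.end();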
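# The token is visible in the process list while curl runs; --header @FILE reads the header from a file instead.
# The body follows the documented schema rather than a generic placeholder.
curl --request POST \
  --url http://localhost:8400/api/v2/log-sources/windows \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"log_sources":[{"log_source":"windows-test","domain_name":"zoho.com","agent_id":22}]}'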

Body Parameters

{ "log_sources": [ { "log_source": "windows-test", "domain_name": "zoho.com", "agent_id": 22 } ] }

Response Example

{ "data": { "summary": { "total_log_sources": 4, "successful_additions": 2, "failed_additions": 2 }, "failed_log_sources": [ { "log_source": "Testaudit-1", "issue": "Domain not configured." } ], "added_log_sources": [ 301, 302 ] } }
{ "code": "07001113", "title": "Unauthorized", "detail": "Invalid or missing AuthToken. Check whether the AuthToken is not revoked or expired" }
{ "error": { "code": "07001111", "title": "Bad Request", "detail": "[domain_name] : Required parameter is missing in the request." } }

Delete log-sources

This API allows the deletion of up to 100 Windows log-sources per request. Log-sources are identified by their name or log-source ID, and optionally by their domain name. If multiple log-sources share the same name and the domain name is not specified, the API will return an error for those entries.
OAuth Scope : logsources.DELETE

Arguments

log_sources
array
(Required)
Array of log source objects, each containing a log source ID, a log source name, or a log source name with a domain name
NOTE:
The request JSON must include only one of the following parameter combinations per log source request:
- `log_source_id` only
- `log_source` only
- `log_source` and `domain_name`
log_source
string
(Required)
Name of the Windows log source.
⚠️ Param is not required if log_source_id is provided.
domain_name
string
Name of the domain associated with the log source

Request Example

// Request body. field1/field2 are generic placeholders; this endpoint's documented body is a log_sources array.
parameters_data='{"field1":"value1","field2":"value2"}';
// Authorization header carrying the bearer token; REPLACE_BEARER_TOKEN is a placeholder, not a usable value.
headers_data = Map();
headers_data.put("Authorization", "Bearer REPLACE_BEARER_TOKEN");
// DELETE request with a JSON body, sent to the Windows log-source endpoint through the named connection.
response = invokeUrl
[
	url: "http://localhost:8400/api/v2/log-sources/windows"
	type: DELETE
	headers: headers_data
	content-type: application/json
	parameters: parameters_data
	connection: <connection_name>
];
info response;
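OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/json");
// Naming the domain avoids the error returned when several log sources share one name.
RequestBody body = RequestBody.create(mediaType,
    "{\"log_sources\":[{\"log_source\":\"windows-test\",\"domain_name\":\"zoho.com\"}]}");

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
Request request = new Request.Builder()
    .url("http://localhost:8400/api/v2/log-sources/windows")
    .delete(body)
    .addHeader("Authorization", "Bearer REPLACE_BEARER_TOKEN")
    .addHeader("content-type", "application/json")
    .build();

// try-with-resources closes the response body so the connection is released.
try (Response response = client.newCall(request).execute()) {
    String text = response.body().string();
    // Deleting a log source stops its collection, so an error reply must not pass as success.
    if (!response.isSuccessful()) {
        throw new IllegalStateException("HTTP " + response.code() + ": " + text);
    }
    System.out.println(text);
}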
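// Naming the domain avoids the error returned when several log sources share one name.
const payload = {
  log_sources: [{ log_source: 'windows-test', domain_name: 'zoho.com' }],
};

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
const options = {
  method: 'DELETE',
  headers: {
    Authorization: 'Bearer REPLACE_BEARER_TOKEN',
    'content-type': 'application/json',
  },
  body: JSON.stringify(payload),
};

// Plain HTTP suits only a loopback call like this; across a network the token would travel in cleartext.
fetch('http://localhost:8400/api/v2/log-sources/windows', options)
  .then(async (response) => {
    const result = await response.json();
    // 400/401 replies are JSON too, so check the status rather than logging them as success.
    if (!response.ok) {
      throw new Error(`HTTP ${response.status}: ${JSON.stringify(result)}`);
    }
    return result;
  })
  .then((result) => console.log(result))
  .catch((err) => console.error(err));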
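import http.client
import json

# Naming the domain avoids the error returned when several log sources share one name.
payload = json.dumps(
    {"log_sources": [{"log_source": "windows-test", "domain_name": "zoho.com"}]}
)
# REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
headers = {
    "Authorization": "Bearer REPLACE_BEARER_TOKEN",
    "content-type": "application/json",
}

# A timeout keeps the script from hanging on an unresponsive server.
conn = http.client.HTTPConnection("localhost:8400", timeout=30)
try:
    conn.request("DELETE", "/api/v2/log-sources/windows", payload, headers)
    res = conn.getresponse()
    data = res.read().decode("utf-8")
finally:
    conn.close()

# 400/401 replies carry a JSON error body; exit non-zero instead of printing them as success.
if res.status >= 400:
    raise SystemExit(f"HTTP {res.status}: {data}")
print(data)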
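const http = require("http");

// Naming the domain avoids the error returned when several log sources share one name.
const payload = JSON.stringify({
  log_sources: [{ log_source: "windows-test", domain_name: "zoho.com" }],
});

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
const options = {
  method: "DELETE",
  hostname: "localhost",
  port: "8400",
  path: "/api/v2/log-sources/windows",
  headers: {
    Authorization: "Bearer REPLACE_BEARER_TOKEN",
    "content-type": "application/json",
  },
};

const req = http.request(options, (res) => {
  const chunks = [];
  res.on("data", (chunk) => chunks.push(chunk));
  res.on("end", () => {
    const body = Buffer.concat(chunks).toString();
    // 400/401 replies carry a JSON error body; report them on stderr with the status.
    if (res.statusCode >= 400) {
      console.error(`HTTP ${res.statusCode}: ${body}`);
      return;
    }
    console.log(body);
  });
});

// Without this handler a refused or reset connection raises an uncaught 'error' event.
req.on("error", (err) => console.error(err));
req.write(payload);
req.end();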
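# The token is visible in the process list while curl runs; --header @FILE reads the header from a file instead.
# Naming the domain avoids the error returned when several log sources share one name.
curl --request DELETE \
  --url http://localhost:8400/api/v2/log-sources/windows \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"log_sources":[{"log_source":"windows-test","domain_name":"zoho.com"}]}'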

Body Parameters

{ "log_sources": [ { "log_source": "windows-test", "domain_name": "zoho.com" } ] }

Response Example

{ "data": { "title": "partial_success", "summary": { "total_log_sources": 100, "deleted_log_sources": 99, "failed_deletions": 1 }, "failed_log_sources": [ { "log_source": "DeviceX", "issue": "log_source_id not found." } ] } }
{ "error": { "code": "07001111", "title": "Bad Request", "detail": "[log_source] : Required parameter is missing in the request." } }
{ "code": "07001113", "title": "Unauthorized", "detail": "Invalid or missing AuthToken. Check whether the AuthToken is not revoked or expired" }

Update log-sources

This API enables the update of various attributes for multiple log-sources in a single request, supporting up to 100 log sources per call. Each log-source can be individually configured with different values for attributes such as log collection status, log collection mode, monitoring interval, log-source group, time zone, display name, and log-source type.
OAuth Scope : logsources.UPDATE

Arguments

log_sources
array
(Required)
Array of log source update objects, each containing a log source ID and the fields to be updated.
log_source_id
number
(Required)
ID of the log source.
⚠️ At least one update field is required.
log_collection_status
string
Status of the log collection.
Allowed values for log_collection_status : enabled, disabled
monitoring_interval
number
Monitoring interval in minutes (must be >10)
log_collection_mode
string
Log collection mode.
Allowed values for log_collection_mode : Scheduled, Realtime
log_source_group
string
Name of the log source group
time_zone
string
Time zone of the log source
display_name
string
Display name of the log source
log_type_name
string
Type of the log source.
Allowed values for log_type_name : Unix, Cisco Device, IBM AS/400, Hypervisor, SonicWall Device, Juniper Device, PaloAlto Device, Fortinet Device, Application, Unknown, CheckPoint Device, NetScreen Device, WatchGuard Device, Sophos Device, Barracuda Device, Huawei Device, Meraki Device, HP Device, pfSense Device, H3C Device, FirePower Device, Arista Device, F5 Device, Stormshield Device, Dell Device, ForcePoint Device, Topsec Device, Sangfor Device

Request Example

// Request body. field1/field2 are generic placeholders; this endpoint's documented body is a log_sources array of updates.
parameters_data='{"field1":"value1","field2":"value2"}';
// Authorization header carrying the bearer token; REPLACE_BEARER_TOKEN is a placeholder, not a usable value.
headers_data = Map();
headers_data.put("Authorization", "Bearer REPLACE_BEARER_TOKEN");
// PUT the JSON body to the log-sources endpoint through the named connection.
response = invokeUrl
[
	url: "http://localhost:8400/api/v2/log-sources"
	type: PUT
	headers: headers_data
	content-type: application/json
	parameters: parameters_data
	connection: <connection_name>
];
info response;
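OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/json");
// Each entry needs log_source_id plus at least one field to update.
RequestBody body = RequestBody.create(mediaType,
    "{\"log_sources\":[{\"log_source_id\":17678,\"log_collection_status\":\"enabled\",\"monitoring_interval\":15}]}");

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
Request request = new Request.Builder()
    .url("http://localhost:8400/api/v2/log-sources")
    .put(body)
    .addHeader("Authorization", "Bearer REPLACE_BEARER_TOKEN")
    .addHeader("content-type", "application/json")
    .build();

// try-with-resources closes the response body so the connection is released.
try (Response response = client.newCall(request).execute()) {
    String text = response.body().string();
    // 400/401 replies carry a JSON error body; fail loudly instead of treating them as success.
    if (!response.isSuccessful()) {
        throw new IllegalStateException("HTTP " + response.code() + ": " + text);
    }
    System.out.println(text);
}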
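// Each entry needs log_source_id plus at least one field to update.
const payload = {
  log_sources: [
    { log_source_id: 17678, log_collection_status: 'enabled', monitoring_interval: 15 },
  ],
};

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
const options = {
  method: 'PUT',
  headers: {
    Authorization: 'Bearer REPLACE_BEARER_TOKEN',
    'content-type': 'application/json',
  },
  body: JSON.stringify(payload),
};

// Plain HTTP suits only a loopback call like this; across a network the token would travel in cleartext.
fetch('http://localhost:8400/api/v2/log-sources', options)
  .then(async (response) => {
    const result = await response.json();
    // 400/401 replies are JSON too, so check the status rather than logging them as success.
    if (!response.ok) {
      throw new Error(`HTTP ${response.status}: ${JSON.stringify(result)}`);
    }
    return result;
  })
  .then((result) => console.log(result))
  .catch((err) => console.error(err));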
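import http.client
import json

# Each entry needs log_source_id plus at least one field to update.
payload = json.dumps(
    {
        "log_sources": [
            {"log_source_id": 17678, "log_collection_status": "enabled", "monitoring_interval": 15}
        ]
    }
)
# REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
headers = {
    "Authorization": "Bearer REPLACE_BEARER_TOKEN",
    "content-type": "application/json",
}

# A timeout keeps the script from hanging on an unresponsive server.
conn = http.client.HTTPConnection("localhost:8400", timeout=30)
try:
    conn.request("PUT", "/api/v2/log-sources", payload, headers)
    res = conn.getresponse()
    data = res.read().decode("utf-8")
finally:
    conn.close()

# 400/401 replies carry a JSON error body; exit non-zero instead of printing them as success.
if res.status >= 400:
    raise SystemExit(f"HTTP {res.status}: {data}")
print(data)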
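const http = require("http");

// Each entry needs log_source_id plus at least one field to update.
const payload = JSON.stringify({
  log_sources: [
    { log_source_id: 17678, log_collection_status: "enabled", monitoring_interval: 15 },
  ],
});

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
const options = {
  method: "PUT",
  hostname: "localhost",
  port: "8400",
  path: "/api/v2/log-sources",
  headers: {
    Authorization: "Bearer REPLACE_BEARER_TOKEN",
    "content-type": "application/json",
  },
};

const req = http.request(options, (res) => {
  const chunks = [];
  res.on("data", (chunk) => chunks.push(chunk));
  res.on("end", () => {
    const body = Buffer.concat(chunks).toString();
    // 400/401 replies carry a JSON error body; report them on stderr with the status.
    if (res.statusCode >= 400) {
      console.error(`HTTP ${res.statusCode}: ${body}`);
      return;
    }
    console.log(body);
  });
});

// Without this handler a refused or reset connection raises an uncaught 'error' event.
req.on("error", (err) => console.error(err));
req.write(payload);
req.end();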
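# The token is visible in the process list while curl runs; --header @FILE reads the header from a file instead.
# Each entry needs log_source_id plus at least one field to update.
curl --request PUT \
  --url http://localhost:8400/api/v2/log-sources \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"log_sources":[{"log_source_id":17678,"log_collection_status":"enabled","monitoring_interval":15}]}'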

Body Parameters

{ "log_sources": [ { "log_source_id": 17678, "log_collection_status": "enabled", "monitoring_interval": 15, "log_collection_mode": "scheduled", "log_source_group": "CriticalServers", "time_zone": "UTC+1", "display_name": "NewDeviceName", "log_type_name": "unix" } ] }

Response Example

{ "data": { "title": "partial_success", "summary": { "total_update_requests": 100, "successful_updates": 98, "failed_updates": 2 }, "failed_log_sources": [ { "log_source_id": 789, "issue": "Invalid time zone format." } ] } }
{ "code": "07001113", "title": "Unauthorized", "detail": "Invalid or missing AuthToken. Check whether the AuthToken is not revoked or expired" }
{ "error": { "code": "07001111", "title": "Bad Request", "detail": "[log_type_name, log_source_group, log_collection_mode, display_name, time_zone, monitoring_interval, log_collection_status] : Required parameter is missing in the request." } }

Get Log Sources

This API retrieves a list of log sources based on specified criteria. Users can filter log sources by name, collection status, log source ID, collector state, domain name, or log source group.
OAuth Scope : logsources.READ

Query Parameters

log_source
string
The name of the log source.
type: string
example: ela-win-11
log_source_id
long
The ID of the log source.
type: integer
example: 1234
log_collection_status
string
The status of the log collection.
Allowed values: enabled, disabled
example: enabled
log_collector_state
string
The status of the log collector.
Allowed values: active, inactive, decommissioned_device
example: active
log_source_group
string
The name of the log source group.
type: string
example: DefaultGroup
domain_name
string
The name of the domain to fetch computer details from.
type: string
example: csz.zohocorp.com
page
integer
Page number.
type: integer
Maximum: 1000
default: 1
limit
integer
Number of results per page.
type: integer
Maximum: 1000
default: 10
from
integer
Starting point for the results.
type: integer
Maximum: 1000
default: 1
sort
string
Sort based on log source parameters.
Allowed values: log_source_id, log_source
default: log_source_id
is_ascending
boolean
Sort order — `true` for ascending, `false` for descending.
default: true

Request Example

// Authorization header carrying the bearer token; REPLACE_BEARER_TOKEN is a placeholder, not a usable value.
headers_data = Map();
headers_data.put("Authorization", "Bearer REPLACE_BEARER_TOKEN");
// GET request to the log-sources endpoint; this example sets no query parameters.
response = invokeUrl
[
	url: "http://localhost:8400/api/v2/log-sources"
	type: GET
	headers: headers_data
	connection: <connection_name>
];
info response;
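OkHttpClient client = new OkHttpClient();

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
Request request = new Request.Builder()
    .url("http://localhost:8400/api/v2/log-sources")
    .get()
    .addHeader("Authorization", "Bearer REPLACE_BEARER_TOKEN")
    .build();

// try-with-resources closes the response body so the connection is released.
try (Response response = client.newCall(request).execute()) {
    String text = response.body().string();
    // 400/401 replies carry a JSON error body; fail loudly instead of treating them as success.
    if (!response.isSuccessful()) {
        throw new IllegalStateException("HTTP " + response.code() + ": " + text);
    }
    System.out.println(text);
}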
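// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
const options = {
  method: 'GET',
  headers: { Authorization: 'Bearer REPLACE_BEARER_TOKEN' },
};

// Plain HTTP suits only a loopback call like this; across a network the token would travel in cleartext.
fetch('http://localhost:8400/api/v2/log-sources', options)
  .then(async (response) => {
    const result = await response.json();
    // 400/401 replies are JSON too, so check the status rather than logging them as success.
    if (!response.ok) {
      throw new Error(`HTTP ${response.status}: ${JSON.stringify(result)}`);
    }
    return result;
  })
  .then((result) => console.log(result))
  .catch((err) => console.error(err));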
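import http.client

# REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
headers = {"Authorization": "Bearer REPLACE_BEARER_TOKEN"}

# A timeout keeps the script from hanging on an unresponsive server.
conn = http.client.HTTPConnection("localhost:8400", timeout=30)
try:
    conn.request("GET", "/api/v2/log-sources", headers=headers)
    res = conn.getresponse()
    data = res.read().decode("utf-8")
finally:
    conn.close()

# 400/401 replies carry a JSON error body; exit non-zero instead of printing them as success.
if res.status >= 400:
    raise SystemExit(f"HTTP {res.status}: {data}")
print(data)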
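const http = require("http");

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
const options = {
  method: "GET",
  hostname: "localhost",
  port: "8400",
  path: "/api/v2/log-sources",
  headers: {
    Authorization: "Bearer REPLACE_BEARER_TOKEN",
  },
};

const req = http.request(options, (res) => {
  const chunks = [];
  res.on("data", (chunk) => chunks.push(chunk));
  res.on("end", () => {
    const body = Buffer.concat(chunks).toString();
    // 400/401 replies carry a JSON error body; report them on stderr with the status.
    if (res.statusCode >= 400) {
      console.error(`HTTP ${res.statusCode}: ${body}`);
      return;
    }
    console.log(body);
  });
});

// Without this handler a refused or reset connection raises an uncaught 'error' event.
req.on("error", (err) => console.error(err));
req.end();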
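# The token is visible in the process list while curl runs; --header @FILE reads the header from a file instead.
curl --request GET \
  --url http://localhost:8400/api/v2/log-sources \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN'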

Response Example

{ "data": { "log_sources": [ { "log_source_id": 123, "log_type_name": "Windows", "log_source_group": "Default Group", "last_event_time": "2024-11-04T12:00:00Z", "next_scan_on": "2024-11-05T12:00:00Z", "log_collection_status": "ENABLED", "log_collector_state": "ACTIVE", "log_source_ip": "192.168.1.10", "domain_name": "csez.zohocorpin.com", "fqdn": "vignesh.csez.zohocorpin.com", "log_collection_mode": "WMI", "display_name": "vignesh-17678", "log_source": "vignesh-17678" } ], "meta": { "limit": 10, "from": 0, "total": 1, "page": 1, "total_log_sources": 200 } } }
{ "code": "07001113", "title": "Unauthorized", "detail": "Invalid or missing AuthToken. Check whether the AuthToken is not revoked or expired" }
{ "error": { "code": "07001111", "title": "Bad Request", "detail": "[API] Request Failed." } }

Update Event source file configuration

This API enables bulk configuration of event source files across multiple log-sources. It updates the event log source settings for the specified log-sources using the provided source file details.
OAuth Scope : logsources.UPDATE

Arguments

log_source_ids
array
(Required)
List of log source IDs to apply the configuration to
source_files
array
(Required)
List of source file configurations for each log source

Request Example

// Request body. field1/field2 are generic placeholders; this endpoint's documented body holds log_source_ids and source_files.
parameters_data='{"field1":"value1","field2":"value2"}';
// Authorization header carrying the bearer token; REPLACE_BEARER_TOKEN is a placeholder, not a usable value.
headers_data = Map();
headers_data.put("Authorization", "Bearer REPLACE_BEARER_TOKEN");
// PUT the JSON body to the event-source-configuration endpoint through the named connection.
response = invokeUrl
[
	url: "http://localhost:8400/api/v2/log-sources/windows/event-source-configuration"
	type: PUT
	headers: headers_data
	content-type: application/json
	parameters: parameters_data
	connection: <connection_name>
];
info response;
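OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/json");
// Both arrays are required; source_files here is a short subset of the page's example list.
RequestBody body = RequestBody.create(mediaType,
    "{\"log_source_ids\":[3000000012292,6000000013071],\"source_files\":[\"HardwareEvents\",\"Windows PowerShell\"]}");

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
Request request = new Request.Builder()
    .url("http://localhost:8400/api/v2/log-sources/windows/event-source-configuration")
    .put(body)
    .addHeader("Authorization", "Bearer REPLACE_BEARER_TOKEN")
    .addHeader("content-type", "application/json")
    .build();

// try-with-resources closes the response body so the connection is released.
try (Response response = client.newCall(request).execute()) {
    String text = response.body().string();
    // 400/401 replies carry a JSON error body; fail loudly instead of treating them as success.
    if (!response.isSuccessful()) {
        throw new IllegalStateException("HTTP " + response.code() + ": " + text);
    }
    System.out.println(text);
}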
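// Both arrays are required; source_files here is a short subset of the page's example list.
const payload = {
  log_source_ids: [3000000012292, 6000000013071],
  source_files: ['HardwareEvents', 'Windows PowerShell'],
};

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
const options = {
  method: 'PUT',
  headers: {
    Authorization: 'Bearer REPLACE_BEARER_TOKEN',
    'content-type': 'application/json',
  },
  body: JSON.stringify(payload),
};

// Plain HTTP suits only a loopback call like this; across a network the token would travel in cleartext.
fetch('http://localhost:8400/api/v2/log-sources/windows/event-source-configuration', options)
  .then(async (response) => {
    const result = await response.json();
    // 400/401 replies are JSON too, so check the status rather than logging them as success.
    if (!response.ok) {
      throw new Error(`HTTP ${response.status}: ${JSON.stringify(result)}`);
    }
    return result;
  })
  .then((result) => console.log(result))
  .catch((err) => console.error(err));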
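import http.client
import json

# Both arrays are required; source_files here is a short subset of the page's example list.
payload = json.dumps(
    {
        "log_source_ids": [3000000012292, 6000000013071],
        "source_files": ["HardwareEvents", "Windows PowerShell"],
    }
)
# REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
headers = {
    "Authorization": "Bearer REPLACE_BEARER_TOKEN",
    "content-type": "application/json",
}

# A timeout keeps the script from hanging on an unresponsive server.
conn = http.client.HTTPConnection("localhost:8400", timeout=30)
try:
    conn.request("PUT", "/api/v2/log-sources/windows/event-source-configuration", payload, headers)
    res = conn.getresponse()
    data = res.read().decode("utf-8")
finally:
    conn.close()

# 400/401 replies carry a JSON error body; exit non-zero instead of printing them as success.
if res.status >= 400:
    raise SystemExit(f"HTTP {res.status}: {data}")
print(data)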
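const http = require("http");

// Both arrays are required; source_files here is a short subset of the page's example list.
const payload = JSON.stringify({
  log_source_ids: [3000000012292, 6000000013071],
  source_files: ["HardwareEvents", "Windows PowerShell"],
});

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
const options = {
  method: "PUT",
  hostname: "localhost",
  port: "8400",
  path: "/api/v2/log-sources/windows/event-source-configuration",
  headers: {
    Authorization: "Bearer REPLACE_BEARER_TOKEN",
    "content-type": "application/json",
  },
};

const req = http.request(options, (res) => {
  const chunks = [];
  res.on("data", (chunk) => chunks.push(chunk));
  res.on("end", () => {
    const body = Buffer.concat(chunks).toString();
    // 400/401 replies carry a JSON error body; report them on stderr with the status.
    if (res.statusCode >= 400) {
      console.error(`HTTP ${res.statusCode}: ${body}`);
      return;
    }
    console.log(body);
  });
});

// Without this handler a refused or reset connection raises an uncaught 'error' event.
req.on("error", (err) => console.error(err));
req.write(payload);
req.end();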
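# The token is visible in the process list while curl runs; --header @FILE reads the header from a file instead.
# Both arrays are required; source_files here is a short subset of the page's example list.
curl --request PUT \
  --url http://localhost:8400/api/v2/log-sources/windows/event-source-configuration \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"log_source_ids":[3000000012292,6000000013071],"source_files":["HardwareEvents","Windows PowerShell"]}'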

Body Parameters

{ "log_source_ids": [ 3000000012292, 6000000013071 ], "source_files": [ "ConnectionInfo", "Error", "HardwareEvents", "Intel-GFX-Info/Application", "Intel-GFX-Info/System", "IntelAudioServiceLog", "Internet Explorer", "Key Management Service", "ManageEngine-EndpointCentral-EDR/Operational", "Microsoft-AppV-Client/Admin", "Microsoft-AppV-Client/Operational", "Microsoft-AppV-Client/Virtual Applications", "Microsoft-Client-License-ESU/Admin", "Microsoft-Client-License-Flexible-Platform/Admin", "Microsoft-Windows-AAD/Operational", "OAlerts", "OneApp_IGCC", "Parameters", "PreEmptive", "SMSApi", "State", "Visual Studio", "Windows PowerShell", "Microsoft-Windows-AppHost/Admin" ] }

Response Example

{ "data": { "detail": "Update request sent success", "title": "SUCCESS" } }
{ "code": "07001113", "title": "Unauthorized", "detail": "Invalid or missing AuthToken. Check whether the AuthToken is not revoked or expired" }
{ "error": { "code": "07001111", "title": "Bad Request", "detail": "[API] Request Failed." } }

Get Log Source Groups

This API retrieves a list of log source groups according to the specified criteria. If no parameters are provided, it returns the full list of log source groups. Each group contains details such as the group name, group ID, description, and associated log sources.
OAuth Scope : logsources.READ

Query Parameters

log_source_group
string
The name of the log source group.
type: string
example: DefaultGroup
page
integer
Page number.
type: integer
Maximum: 1000
default: 1
limit
integer
Number of results per page.
type: integer
Maximum: 1000
default: 10
from
integer
Starting point for the results.
type: integer
Maximum: 1000
default: 1
sort
string
Sort based on log source group attributes.
Allowed values: log_source_group, log_source_group_id
default: log_source_group
is_ascending
boolean
Sort order — `true` for ascending, `false` for descending.
default: true

Request Example

// Authorization header carrying the bearer token; REPLACE_BEARER_TOKEN is a placeholder, not a usable value.
headers_data = Map();
headers_data.put("Authorization", "Bearer REPLACE_BEARER_TOKEN");
// GET request to the log-source-groups endpoint; this example sets no query parameters.
response = invokeUrl
[
	url: "http://localhost:8400/api/v2/log-sources/log-source-groups"
	type: GET
	headers: headers_data
	connection: <connection_name>
];
info response;
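OkHttpClient client = new OkHttpClient();

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
Request request = new Request.Builder()
    .url("http://localhost:8400/api/v2/log-sources/log-source-groups")
    .get()
    .addHeader("Authorization", "Bearer REPLACE_BEARER_TOKEN")
    .build();

// try-with-resources closes the response body so the connection is released.
try (Response response = client.newCall(request).execute()) {
    String text = response.body().string();
    // 400/401 replies carry a JSON error body; fail loudly instead of treating them as success.
    if (!response.isSuccessful()) {
        throw new IllegalStateException("HTTP " + response.code() + ": " + text);
    }
    System.out.println(text);
}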
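// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
const options = {
  method: 'GET',
  headers: { Authorization: 'Bearer REPLACE_BEARER_TOKEN' },
};

// Plain HTTP suits only a loopback call like this; across a network the token would travel in cleartext.
fetch('http://localhost:8400/api/v2/log-sources/log-source-groups', options)
  .then(async (response) => {
    const result = await response.json();
    // 400/401 replies are JSON too, so check the status rather than logging them as success.
    if (!response.ok) {
      throw new Error(`HTTP ${response.status}: ${JSON.stringify(result)}`);
    }
    return result;
  })
  .then((result) => console.log(result))
  .catch((err) => console.error(err));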
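import http.client

# REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
headers = {"Authorization": "Bearer REPLACE_BEARER_TOKEN"}

# A timeout keeps the script from hanging on an unresponsive server.
conn = http.client.HTTPConnection("localhost:8400", timeout=30)
try:
    conn.request("GET", "/api/v2/log-sources/log-source-groups", headers=headers)
    res = conn.getresponse()
    data = res.read().decode("utf-8")
finally:
    conn.close()

# 400/401 replies carry a JSON error body; exit non-zero instead of printing them as success.
if res.status >= 400:
    raise SystemExit(f"HTTP {res.status}: {data}")
print(data)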
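const http = require("http");

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
const options = {
  method: "GET",
  hostname: "localhost",
  port: "8400",
  path: "/api/v2/log-sources/log-source-groups",
  headers: {
    Authorization: "Bearer REPLACE_BEARER_TOKEN",
  },
};

const req = http.request(options, (res) => {
  const chunks = [];
  res.on("data", (chunk) => chunks.push(chunk));
  res.on("end", () => {
    const body = Buffer.concat(chunks).toString();
    // 400/401 replies carry a JSON error body; report them on stderr with the status.
    if (res.statusCode >= 400) {
      console.error(`HTTP ${res.statusCode}: ${body}`);
      return;
    }
    console.log(body);
  });
});

// Without this handler a refused or reset connection raises an uncaught 'error' event.
req.on("error", (err) => console.error(err));
req.end();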
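# The token is visible in the process list while curl runs; --header @FILE reads the header from a file instead.
curl --request GET \
  --url http://localhost:8400/api/v2/log-sources/log-source-groups \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN'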

Response Example

{ "data": { "groups": [ { "log_source_group_id": 2, "log_source_group": "Security Group A", "group_description": "Group for all security-related log sources", "no_of_log_sources": 4, "log_sources": [ { "log_source_id": 123, "log_type_name": "Windows", "last_event_time": "2024-11-04T12:00:00Z", "next_scan_on": "2024-11-05T12:00:00Z", "log_collection_status": "ENABLED", "log_collector_state": "ACTIVE", "log_source_ip": "192.168.1.10", "domain_name": "csez.zohocorpin.com", "fqdn": "vignesh-17678.csez.zohocorpin.com", "log_collection_mode": "WMI", "display_name": "vignesh-17678", "log_source": "vignesh-17678" } ] } ], "meta": { "total": 2, "limit": 1, "from": 1 } } }
{ "code": "07001113", "title": "Unauthorized", "detail": "Invalid or missing AuthToken. Check whether the AuthToken is not revoked or expired" }
{ "error": { "code": "07001111", "title": "Bad Request", "detail": "[API] Request Failed." } }

Add Agents

This API enables adding agents to multiple destination devices. Each device must be associated with a pre-configured domain. Only Windows devices are supported. If no credentials are provided for a device, default credentials will be applied.
OAuth Scope : agents.CREATE

Arguments

agents
array
(Required)
device_name
string
(Required)
Name of the device
domain_name
string
(Required)
Domain name the device belongs to
user_name
string
Encrypted username for the device
password
string
Encrypted password for the device

Query Parameters

device_name
string
(Required)
Name of the Windows device
domain_name
string
(Required)
The name of the domain associated with the device
user_name
string
Encrypted username for the agent (optional)
password
string
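Encrypted password for the agent (optional). Prefer sending it in the request body: query-string values are commonly recorded in server and proxy logs.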

Request Example

// Request body. field1/field2 are generic placeholders; this endpoint's documented body is an agents array.
parameters_data='{"field1":"value1","field2":"value2"}';
// Authorization header carrying the bearer token; REPLACE_BEARER_TOKEN is a placeholder, not a usable value.
headers_data = Map();
headers_data.put("Authorization", "Bearer REPLACE_BEARER_TOKEN");
// POST to the agents endpoint; the URL carries only device_name and domain_name, no credentials.
response = invokeUrl
[
	url: "http://localhost:8400/api/v2/log-sources/agents?device_name=aravinth-10309&domain_name=csez.zohocorpin.com"
	type: POST
	headers: headers_data
	content-type: application/json
	parameters: parameters_data
	connection: <connection_name>
];
info response;
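OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/json");
// Device credentials go in the JSON body only; query strings are commonly written to access logs.
RequestBody body = RequestBody.create(mediaType,
    "{\"agents\":[{\"device_name\":\"aravinth-10309\",\"domain_name\":\"csez.zohocorpin.com\","
        + "\"user_name\":\"ENCRYPTED_USERNAME_1\",\"password\":\"ENCRYPTED_PASSWORD_1\"}]}");

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
Request request = new Request.Builder()
    .url("http://localhost:8400/api/v2/log-sources/agents?device_name=aravinth-10309&domain_name=csez.zohocorpin.com")
    .post(body)
    .addHeader("Authorization", "Bearer REPLACE_BEARER_TOKEN")
    .addHeader("content-type", "application/json")
    .build();

// try-with-resources closes the response body so the connection is released.
try (Response response = client.newCall(request).execute()) {
    String text = response.body().string();
    // 400/401 replies carry a JSON error body; fail loudly instead of treating them as success.
    if (!response.isSuccessful()) {
        throw new IllegalStateException("HTTP " + response.code() + ": " + text);
    }
    System.out.println(text);
}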
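// Device credentials go in the JSON body only; query strings are commonly written to access logs.
const payload = {
  agents: [
    {
      device_name: 'aravinth-10309',
      domain_name: 'csez.zohocorpin.com',
      user_name: 'ENCRYPTED_USERNAME_1',
      password: 'ENCRYPTED_PASSWORD_1',
    },
  ],
};

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
const options = {
  method: 'POST',
  headers: {
    Authorization: 'Bearer REPLACE_BEARER_TOKEN',
    'content-type': 'application/json',
  },
  body: JSON.stringify(payload),
};

// Plain HTTP suits only a loopback call like this; across a network the token and credentials would travel in cleartext.
fetch(
  'http://localhost:8400/api/v2/log-sources/agents?device_name=aravinth-10309&domain_name=csez.zohocorpin.com',
  options,
)
  .then(async (response) => {
    const result = await response.json();
    // 400/401 replies are JSON too, so check the status rather than logging them as success.
    if (!response.ok) {
      throw new Error(`HTTP ${response.status}: ${JSON.stringify(result)}`);
    }
    return result;
  })
  .then((result) => console.log(result))
  .catch((err) => console.error(err));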
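import http.client
import json

# Device credentials go in the JSON body only; query strings are commonly written to access logs.
payload = json.dumps(
    {
        "agents": [
            {
                "device_name": "aravinth-10309",
                "domain_name": "csez.zohocorpin.com",
                "user_name": "ENCRYPTED_USERNAME_1",
                "password": "ENCRYPTED_PASSWORD_1",
            }
        ]
    }
)
# REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
headers = {
    "Authorization": "Bearer REPLACE_BEARER_TOKEN",
    "content-type": "application/json",
}

# A timeout keeps the script from hanging on an unresponsive server.
conn = http.client.HTTPConnection("localhost:8400", timeout=30)
try:
    conn.request(
        "POST",
        "/api/v2/log-sources/agents?device_name=aravinth-10309&domain_name=csez.zohocorpin.com",
        payload,
        headers,
    )
    res = conn.getresponse()
    data = res.read().decode("utf-8")
finally:
    conn.close()

# 400/401 replies carry a JSON error body; exit non-zero instead of printing them as success.
if res.status >= 400:
    raise SystemExit(f"HTTP {res.status}: {data}")
print(data)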
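const http = require("http");

// Device credentials go in the JSON body only; query strings are commonly written to access logs.
const payload = JSON.stringify({
  agents: [
    {
      device_name: "aravinth-10309",
      domain_name: "csez.zohocorpin.com",
      user_name: "ENCRYPTED_USERNAME_1",
      password: "ENCRYPTED_PASSWORD_1",
    },
  ],
});

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
const options = {
  method: "POST",
  hostname: "localhost",
  port: "8400",
  path: "/api/v2/log-sources/agents?device_name=aravinth-10309&domain_name=csez.zohocorpin.com",
  headers: {
    Authorization: "Bearer REPLACE_BEARER_TOKEN",
    "content-type": "application/json",
  },
};

const req = http.request(options, (res) => {
  const chunks = [];
  res.on("data", (chunk) => chunks.push(chunk));
  res.on("end", () => {
    const body = Buffer.concat(chunks).toString();
    // 400/401 replies carry a JSON error body; report them on stderr with the status.
    if (res.statusCode >= 400) {
      console.error(`HTTP ${res.statusCode}: ${body}`);
      return;
    }
    console.log(body);
  });
});

// Without this handler a refused or reset connection raises an uncaught 'error' event.
req.on("error", (err) => console.error(err));
req.write(payload);
req.end();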
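# The token and body are visible in the process list while curl runs; --header @FILE and --data @FILE read them from files instead.
# Device credentials go in the JSON body only; query strings are commonly written to access logs.
curl --request POST \
  --url 'http://localhost:8400/api/v2/log-sources/agents?device_name=aravinth-10309&domain_name=csez.zohocorpin.com' \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'content-type: application/json' \
  --data '{"agents":[{"device_name":"aravinth-10309","domain_name":"csez.zohocorpin.com","user_name":"ENCRYPTED_USERNAME_1","password":"ENCRYPTED_PASSWORD_1"}]}'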

Body Parameters

{ "agents": [ { "device_name": "aravinth-10309", "domain_name": "csez.zohocorpin.com", "user_name": "ENCRYPTED_USERNAME_1", "password": "ENCRYPTED_PASSWORD_1" } ] }

Response Example

{ "data": { "summary": { "total_agents": 1, "successful_additions": 1, "failed_deletions": 0 }, "title": "success", "detail": "Agent(s) installation started.", "failed_agents": [ { "agent_id": 67890, "issue": "Agent ID not found." } ] } }
{ "code": "07001113", "title": "Unauthorized", "detail": "Invalid or missing AuthToken. Check whether the AuthToken is not revoked or expired" }
{ "error": { "code": "07001111", "title": "Bad Request", "detail": "[domain_name] : Required parameter is missing in the request." } }

Update Agents

This API allows simultaneous updates of specific properties for multiple agents. Each agent's details, including log level and display name, are updated individually according to the provided input.
OAuth Scope : agents.UPDATE

Arguments

agents
array
(Required)
Array of agent objects, each containing an agent_id and update fields.
agent_id
string
(Required)
Agent ID.
⚠️ At least one update field is required.
display_name
string
Display name of the agent
log_level
string
Log level of the agent.
Allowed values for log_level : 2, 3

Request Example

// Request body. field1/field2 are generic placeholders; this endpoint's documented body is an agents array of updates.
parameters_data='{"field1":"value1","field2":"value2"}';
// Authorization header carrying the bearer token; REPLACE_BEARER_TOKEN is a placeholder, not a usable value.
headers_data = Map();
headers_data.put("Authorization", "Bearer REPLACE_BEARER_TOKEN");
// PUT the JSON body to the agents endpoint through the named connection.
response = invokeUrl
[
	url: "http://localhost:8400/api/v2/log-sources/agents"
	type: PUT
	headers: headers_data
	content-type: application/json
	parameters: parameters_data
	connection: <connection_name>
];
info response;
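OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/json");
// Each entry needs agent_id plus at least one update field; log_level takes the string "2" or "3".
RequestBody body = RequestBody.create(mediaType,
    "{\"agents\":[{\"agent_id\":\"122232\",\"display_name\":\"test-agent\",\"log_level\":\"3\"}]}");

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
Request request = new Request.Builder()
    .url("http://localhost:8400/api/v2/log-sources/agents")
    .put(body)
    .addHeader("Authorization", "Bearer REPLACE_BEARER_TOKEN")
    .addHeader("content-type", "application/json")
    .build();

// try-with-resources closes the response body so the connection is released.
try (Response response = client.newCall(request).execute()) {
    String text = response.body().string();
    // 400/401 replies carry a JSON error body; fail loudly instead of treating them as success.
    if (!response.isSuccessful()) {
        throw new IllegalStateException("HTTP " + response.code() + ": " + text);
    }
    System.out.println(text);
}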
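// Each entry needs agent_id plus at least one update field; log_level takes the string "2" or "3".
const payload = {
  agents: [{ agent_id: '122232', display_name: 'test-agent', log_level: '3' }],
};

// REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
const options = {
  method: 'PUT',
  headers: {
    Authorization: 'Bearer REPLACE_BEARER_TOKEN',
    'content-type': 'application/json',
  },
  body: JSON.stringify(payload),
};

// Plain HTTP suits only a loopback call like this; across a network the token would travel in cleartext.
fetch('http://localhost:8400/api/v2/log-sources/agents', options)
  .then(async (response) => {
    const result = await response.json();
    // 400/401 replies are JSON too, so check the status rather than logging them as success.
    if (!response.ok) {
      throw new Error(`HTTP ${response.status}: ${JSON.stringify(result)}`);
    }
    return result;
  })
  .then((result) => console.log(result))
  .catch((err) => console.error(err));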
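import http.client
import json

# Each entry needs agent_id plus at least one update field; log_level takes the string "2" or "3".
payload = json.dumps(
    {"agents": [{"agent_id": "122232", "display_name": "test-agent", "log_level": "3"}]}
)
# REPLACE_BEARER_TOKEN is a placeholder; load the real token from a secret store at runtime.
headers = {
    "Authorization": "Bearer REPLACE_BEARER_TOKEN",
    "content-type": "application/json",
}

# A timeout keeps the script from hanging on an unresponsive server.
conn = http.client.HTTPConnection("localhost:8400", timeout=30)
try:
    conn.request("PUT", "/api/v2/log-sources/agents", payload, headers)
    res = conn.getresponse()
    data = res.read().decode("utf-8")
finally:
    conn.close()

# 400/401 replies carry a JSON error body; exit non-zero instead of printing them as success.
if res.status >= 400:
    raise SystemExit(f"HTTP {res.status}: {data}")
print(data)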
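const http = require("http");

// Updates agent properties through PUT /api/v2/log-sources/agents (OAuth scope: agents.UPDATE).
// The "http" module sends the bearer token in cleartext, which is acceptable only for the
// loopback interface; across a network use the "https" module against the HTTPS endpoint.
// REPLACE_BEARER_TOKEN is a placeholder: load the real token from the environment.
const options = {
  method: "PUT",
  hostname: "localhost",
  port: "8400",
  path: "/api/v2/log-sources/agents",
  headers: {
    Authorization: "Bearer REPLACE_BEARER_TOKEN",
    "content-type": "application/json",
  },
};

const req = http.request(options, (res) => {
  const chunks = [];

  res.on("data", (chunk) => {
    chunks.push(chunk);
  });

  res.on("end", () => {
    const body = Buffer.concat(chunks).toString();
    // Error replies carry a JSON body as well; route them to stderr with the status
    // so a 400/401 is not mistaken for a successful update.
    if (res.statusCode < 200 || res.statusCode >= 300) {
      console.error(`Request failed with HTTP ${res.statusCode}: ${body}`);
      return;
    }
    console.log(body);
  });
});

// Without an "error" listener a refused or reset connection surfaces as an
// uncaught exception and terminates the process.
req.on("error", (err) => {
  console.error(err);
});

// Placeholder body; the endpoint expects an "agents" array whose entries carry
// agent_id plus at least one of display_name / log_level.
req.write(JSON.stringify({ field1: "value1", field2: "value2" }));
req.end();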
# Updates agent properties through PUT /api/v2/log-sources/agents (OAuth scope: agents.UPDATE).
# A token given on the command line ends up in shell history and is visible in the process
# listing while curl runs. Plain HTTP is acceptable only for the loopback interface; across
# a network use the server's HTTPS endpoint. The body below is a generic placeholder.
curl -X PUT \
  -H 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  -H 'content-type: application/json' \
  -d '{"field1":"value1","field2":"value2"}' \
  http://localhost:8400/api/v2/log-sources/agents

Body Parameters

{ "agents": [ { "agent_id": "122232", "display_name": "test-agent", "log_level": "2" } ] }

Response Example

{ "data": { "detail": "partial_success", "summary": { "total_agents": 4, "successful_updates": 2, "failed_updates": 2 }, "failed_agents": [ { "agent_id": 67890, "issue": "Agent ID not found." } ] } }
{ "code": "07001113", "title": "Unauthorized", "detail": "Invalid or missing AuthToken. Check whether the AuthToken is not revoked or expired" }
{ "error": { "code": "07001111", "title": "Bad Request", "detail": "[log_level, display_name] : Required parameter is missing in the request." } }

Get Agents

This API retrieves a list of agents based on the specified criteria. If no parameters are provided, it returns the complete list of agents. The response includes each agent name, agent ID, version, status, last synchronization time, and details of associated devices.
OAuth Scope : agents.READ

Query Parameters

agent_id
long
Unique ID of the agent.
type: integer
example: 301
agent_name
string
Name of the agent to filter results.
type: string
example: Agent001
version
string
Version of the Agent
type: string
example: 6.9
status
string
Status of the agent.
example: agent_not_communicating
Allowed values: needsync, agent_not_communicating, running, stopped, crashed, installfailed, upgradefailed, installscheduled, uninstallscheduled, stopscheduled, stopactionstarted, upgradescheduled, manual_upgrade_needed, restartactionscheduled, restartactionstarted, startactionscheduled, agentupgraded, agent_already_installed, manual_install, start_manual, restart_manual, stop_manual, upgrade_cancelled, audit_service_unavailable, acl_package_unavailable, waitingfor_initailsync, access_restriction_selinux, platform_not_supported, ssh_connection_failure
page
integer
Page number.
type: integer
Maximum: 1000
default: 1
limit
integer
Number of results per page.
type: integer
Maximum: 1000
default: 10
from
integer
Starting point for the results.
type: integer
Maximum: 1000
default: 1

Request Example

// Lists agents through GET /api/v2/log-sources/agents (OAuth scope: agents.READ).
headers_data = Map();
// REPLACE_BEARER_TOKEN is a placeholder. Keep the real token out of scripts that are shared
// or committed, since anyone holding it can read the agent inventory.
headers_data.put("Authorization", "Bearer REPLACE_BEARER_TOKEN");
// The URL targets the loopback interface over plain HTTP. When the server is reached across
// a network, use its HTTPS endpoint so the Authorization header is not sent in cleartext.
// <connection_name> looks like a placeholder for a configured connection - confirm before use.
response = invokeUrl
[
	url: "http://localhost:8400/api/v2/log-sources/agents"
	type: GET
	headers: headers_data
	connection: <connection_name>
];
info response;
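// Lists agents through GET /api/v2/log-sources/agents (OAuth scope: agents.READ).
OkHttpClient client = new OkHttpClient();

// Plain HTTP is acceptable only because the target is the loopback interface; across a
// network use the server's HTTPS endpoint so the bearer token is not exposed in transit.
// REPLACE_BEARER_TOKEN is a placeholder: read the real token from a secret store.
Request request = new Request.Builder()
    .url("http://localhost:8400/api/v2/log-sources/agents")
    .get()
    .addHeader("Authorization", "Bearer REPLACE_BEARER_TOKEN")
    .build();

// An OkHttp Response holds the connection and body stream until it is closed;
// try-with-resources releases them even when reading the body fails.
try (Response response = client.newCall(request).execute()) {
    // Unauthorized and Bad Request replies are JSON bodies too, so check the status
    // before treating the payload as an agent list.
    if (!response.isSuccessful()) {
        throw new java.io.IOException("Request failed with HTTP " + response.code());
    }
    System.out.println(response.body().string());
}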
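// Lists agents through GET /api/v2/log-sources/agents (OAuth scope: agents.READ).
// REPLACE_BEARER_TOKEN is a placeholder: inject the real token at runtime rather than
// embedding it in source that is shipped to a browser or committed to a repository.
const options = {
  method: 'GET',
  headers: { Authorization: 'Bearer REPLACE_BEARER_TOKEN' },
};

// Plain HTTP is acceptable only for the loopback interface; across a network use the
// server's HTTPS endpoint so the Authorization header is not sent in cleartext.
fetch('http://localhost:8400/api/v2/log-sources/agents', options)
  .then(async (response) => {
    const payload = await response.json();
    // fetch resolves on 4xx/5xx as well, so an error body would otherwise be
    // logged as if it were the agent list.
    if (!response.ok) {
      throw new Error(`Request failed with HTTP ${response.status}: ${JSON.stringify(payload)}`);
    }
    return payload;
  })
  .then((payload) => console.log(payload))
  .catch((err) => console.error(err));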
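import http.client
import sys

# Lists agents through GET /api/v2/log-sources/agents (OAuth scope: agents.READ).
# HTTPConnection is plain HTTP, which is acceptable only for the loopback interface; across a
# network use http.client.HTTPSConnection so the bearer token is not sent in cleartext.
# The timeout keeps the script from hanging on an unresponsive server.
conn = http.client.HTTPConnection("localhost:8400", timeout=30)

# REPLACE_BEARER_TOKEN is a placeholder: read the real token from the environment or a
# secret store instead of hard-coding it.
headers = {'Authorization': "Bearer REPLACE_BEARER_TOKEN"}

try:
    conn.request("GET", "/api/v2/log-sources/agents", headers=headers)
    res = conn.getresponse()
    data = res.read()
    # Error replies are JSON bodies too, so report the status explicitly rather than
    # printing them as if they were the agent list.
    if not 200 <= res.status < 300:
        print(f"Request failed: HTTP {res.status} {res.reason}", file=sys.stderr)
    print(data.decode("utf-8"))
finally:
    # Release the socket even when the request or the read raises.
    conn.close()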
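const http = require("http");

// Lists agents through GET /api/v2/log-sources/agents (OAuth scope: agents.READ).
// The "http" module sends the bearer token in cleartext, which is acceptable only for the
// loopback interface; across a network use the "https" module against the HTTPS endpoint.
// REPLACE_BEARER_TOKEN is a placeholder: load the real token from the environment.
const options = {
  method: "GET",
  hostname: "localhost",
  port: "8400",
  path: "/api/v2/log-sources/agents",
  headers: {
    Authorization: "Bearer REPLACE_BEARER_TOKEN",
  },
};

const req = http.request(options, (res) => {
  const chunks = [];

  res.on("data", (chunk) => {
    chunks.push(chunk);
  });

  res.on("end", () => {
    const body = Buffer.concat(chunks).toString();
    // Error replies carry a JSON body as well; route them to stderr with the status
    // so a 400/401 is not mistaken for an agent list.
    if (res.statusCode < 200 || res.statusCode >= 300) {
      console.error(`Request failed with HTTP ${res.statusCode}: ${body}`);
      return;
    }
    console.log(body);
  });
});

// Without an "error" listener a refused or reset connection surfaces as an
// uncaught exception and terminates the process.
req.on("error", (err) => {
  console.error(err);
});

req.end();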
# Lists agents through GET /api/v2/log-sources/agents (OAuth scope: agents.READ).
# A token given on the command line ends up in shell history and is visible in the process
# listing while curl runs. Plain HTTP is acceptable only for the loopback interface; across
# a network use the server's HTTPS endpoint.
curl -X GET \
  -H 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  http://localhost:8400/api/v2/log-sources/agents

Response Example

{ "data": { "agents": [ { "agent_id": 1, "agent_name": "Agent001", "status": "Agent not communicating", "last_sync_time": "2024-11-05T10:30:00Z", "associated_device_count": 3, "version": 6.8, "associated_devices": [ { "log_source_id": 123, "log_source": "DeviceA" } ] } ] }, "meta": { "total": 2, "limit": 1, "from": 1 } }
{ "code": "07001113", "title": "Unauthorized", "detail": "Invalid or missing AuthToken. Check whether the AuthToken is not revoked or expired" }
{ "error": { "code": "07001111", "title": "Bad Request", "detail": "[API] Request Failed." } }

Get Domains

This API retrieves a list of configured domains.
OAuth Scope : domains.READ

Request Example

// Lists configured domains through GET /api/v2/log-sources/domains (OAuth scope: domains.READ).
headers_data = Map();
// REPLACE_BEARER_TOKEN is a placeholder. Keep the real token out of scripts that are shared
// or committed; the response names domains and their domain controllers.
headers_data.put("Authorization", "Bearer REPLACE_BEARER_TOKEN");
// The URL targets the loopback interface over plain HTTP. When the server is reached across
// a network, use its HTTPS endpoint so the Authorization header is not sent in cleartext.
// <connection_name> looks like a placeholder for a configured connection - confirm before use.
response = invokeUrl
[
	url: "http://localhost:8400/api/v2/log-sources/domains"
	type: GET
	headers: headers_data
	connection: <connection_name>
];
info response;
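// Lists configured domains through GET /api/v2/log-sources/domains (OAuth scope: domains.READ).
OkHttpClient client = new OkHttpClient();

// Plain HTTP is acceptable only because the target is the loopback interface; across a
// network use the server's HTTPS endpoint so the bearer token is not exposed in transit.
// REPLACE_BEARER_TOKEN is a placeholder: read the real token from a secret store.
Request request = new Request.Builder()
    .url("http://localhost:8400/api/v2/log-sources/domains")
    .get()
    .addHeader("Authorization", "Bearer REPLACE_BEARER_TOKEN")
    .build();

// An OkHttp Response holds the connection and body stream until it is closed;
// try-with-resources releases them even when reading the body fails.
try (Response response = client.newCall(request).execute()) {
    // Unauthorized and Bad Request replies are JSON bodies too, so check the status
    // before treating the payload as a domain list.
    if (!response.isSuccessful()) {
        throw new java.io.IOException("Request failed with HTTP " + response.code());
    }
    System.out.println(response.body().string());
}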
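// Lists configured domains through GET /api/v2/log-sources/domains (OAuth scope: domains.READ).
// REPLACE_BEARER_TOKEN is a placeholder: inject the real token at runtime rather than
// embedding it in source that is shipped to a browser or committed to a repository.
const options = {
  method: 'GET',
  headers: { Authorization: 'Bearer REPLACE_BEARER_TOKEN' },
};

// Plain HTTP is acceptable only for the loopback interface; across a network use the
// server's HTTPS endpoint so the Authorization header is not sent in cleartext.
fetch('http://localhost:8400/api/v2/log-sources/domains', options)
  .then(async (response) => {
    const payload = await response.json();
    // fetch resolves on 4xx/5xx as well, so an error body would otherwise be
    // logged as if it were the domain list.
    if (!response.ok) {
      throw new Error(`Request failed with HTTP ${response.status}: ${JSON.stringify(payload)}`);
    }
    return payload;
  })
  .then((payload) => console.log(payload))
  .catch((err) => console.error(err));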
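import http.client
import sys

# Lists configured domains through GET /api/v2/log-sources/domains (OAuth scope: domains.READ).
# HTTPConnection is plain HTTP, which is acceptable only for the loopback interface; across a
# network use http.client.HTTPSConnection so the bearer token is not sent in cleartext.
# The timeout keeps the script from hanging on an unresponsive server.
conn = http.client.HTTPConnection("localhost:8400", timeout=30)

# REPLACE_BEARER_TOKEN is a placeholder: read the real token from the environment or a
# secret store instead of hard-coding it.
headers = {'Authorization': "Bearer REPLACE_BEARER_TOKEN"}

try:
    conn.request("GET", "/api/v2/log-sources/domains", headers=headers)
    res = conn.getresponse()
    data = res.read()
    # Error replies are JSON bodies too, so report the status explicitly rather than
    # printing them as if they were the domain list.
    if not 200 <= res.status < 300:
        print(f"Request failed: HTTP {res.status} {res.reason}", file=sys.stderr)
    print(data.decode("utf-8"))
finally:
    # Release the socket even when the request or the read raises.
    conn.close()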
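const http = require("http");

// Lists configured domains through GET /api/v2/log-sources/domains (OAuth scope: domains.READ).
// The "http" module sends the bearer token in cleartext, which is acceptable only for the
// loopback interface; across a network use the "https" module against the HTTPS endpoint.
// REPLACE_BEARER_TOKEN is a placeholder: load the real token from the environment.
const options = {
  method: "GET",
  hostname: "localhost",
  port: "8400",
  path: "/api/v2/log-sources/domains",
  headers: {
    Authorization: "Bearer REPLACE_BEARER_TOKEN",
  },
};

const req = http.request(options, (res) => {
  const chunks = [];

  res.on("data", (chunk) => {
    chunks.push(chunk);
  });

  res.on("end", () => {
    const body = Buffer.concat(chunks).toString();
    // Error replies carry a JSON body as well; route them to stderr with the status
    // so a 400/401 is not mistaken for a domain list.
    if (res.statusCode < 200 || res.statusCode >= 300) {
      console.error(`Request failed with HTTP ${res.statusCode}: ${body}`);
      return;
    }
    console.log(body);
  });
});

// Without an "error" listener a refused or reset connection surfaces as an
// uncaught exception and terminates the process.
req.on("error", (err) => {
  console.error(err);
});

req.end();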
# Lists configured domains through GET /api/v2/log-sources/domains (OAuth scope: domains.READ).
# A token given on the command line ends up in shell history and is visible in the process
# listing while curl runs. Plain HTTP is acceptable only for the loopback interface; across
# a network use the server's HTTPS endpoint.
curl -X GET \
  -H 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  http://localhost:8400/api/v2/log-sources/domains

Response Example

{ "data": { "domains": [ { "domain_id": 123, "domain_flat_name": "ZOHOCORP", "domain_name": "csez.zohocorpin.com", "domain_controller_names": [ "win2k16master" ] } ], "meta": { "count": 1 } } }
{ "code": "07001113", "title": "Unauthorized", "detail": "Invalid or missing AuthToken. Check whether the AuthToken is not revoked or expired" }
{ "error": { "code": "07001111", "title": "Bad Request", "detail": "[API] Request Failed." } }

Get Computers

This API retrieves a list of all computers within a specified domain. You can optionally filter the results based on the operating system (OS), domain name, and whether the computers are configured or not configured.
OAuth Scope : domains.READ

Query Parameters

domain_name
string
The name of the domain to fetch computer details from.
type: string
example: csz.zohocorp.com
os
string
Filter results by operating system.
type: string
example: Windows 11 Pro
is_configured_list
boolean
Filter to return only computers that have been configured.
type: boolean
default: false
page
integer
Page number.
type: integer
Maximum: 1000
default: 1
limit
integer
Number of results per page.
type: integer
Maximum: 1000
default: 10
from
integer
Starting point for the results.
type: integer
Maximum: 1000
default: 1

Request Example

// Lists computers in a domain through GET /api/v2/log-sources/computers (OAuth scope: domains.READ).
headers_data = Map();
// REPLACE_BEARER_TOKEN is a placeholder. Keep the real token out of scripts that are shared
// or committed; the response exposes host names, SIDs and GUIDs of domain computers.
headers_data.put("Authorization", "Bearer REPLACE_BEARER_TOKEN");
// The URL targets the loopback interface over plain HTTP. When the server is reached across
// a network, use its HTTPS endpoint so the Authorization header is not sent in cleartext.
// <connection_name> looks like a placeholder for a configured connection - confirm before use.
response = invokeUrl
[
	url: "http://localhost:8400/api/v2/log-sources/computers"
	type: GET
	headers: headers_data
	connection: <connection_name>
];
info response;
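// Lists computers in a domain through GET /api/v2/log-sources/computers (OAuth scope: domains.READ).
OkHttpClient client = new OkHttpClient();

// Plain HTTP is acceptable only because the target is the loopback interface; across a
// network use the server's HTTPS endpoint so the bearer token is not exposed in transit.
// REPLACE_BEARER_TOKEN is a placeholder: read the real token from a secret store.
Request request = new Request.Builder()
    .url("http://localhost:8400/api/v2/log-sources/computers")
    .get()
    .addHeader("Authorization", "Bearer REPLACE_BEARER_TOKEN")
    .build();

// An OkHttp Response holds the connection and body stream until it is closed;
// try-with-resources releases them even when reading the body fails.
try (Response response = client.newCall(request).execute()) {
    // Unauthorized and Bad Request replies are JSON bodies too, so check the status
    // before treating the payload as a computer list.
    if (!response.isSuccessful()) {
        throw new java.io.IOException("Request failed with HTTP " + response.code());
    }
    System.out.println(response.body().string());
}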
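// Lists computers in a domain through GET /api/v2/log-sources/computers (OAuth scope: domains.READ).
// REPLACE_BEARER_TOKEN is a placeholder: inject the real token at runtime rather than
// embedding it in source that is shipped to a browser or committed to a repository.
const options = {
  method: 'GET',
  headers: { Authorization: 'Bearer REPLACE_BEARER_TOKEN' },
};

// Plain HTTP is acceptable only for the loopback interface; across a network use the
// server's HTTPS endpoint so the Authorization header is not sent in cleartext.
fetch('http://localhost:8400/api/v2/log-sources/computers', options)
  .then(async (response) => {
    const payload = await response.json();
    // fetch resolves on 4xx/5xx as well, so an error body would otherwise be
    // logged as if it were the computer list.
    if (!response.ok) {
      throw new Error(`Request failed with HTTP ${response.status}: ${JSON.stringify(payload)}`);
    }
    return payload;
  })
  .then((payload) => console.log(payload))
  .catch((err) => console.error(err));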
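import http.client
import sys

# Lists computers in a domain through GET /api/v2/log-sources/computers (OAuth scope: domains.READ).
# HTTPConnection is plain HTTP, which is acceptable only for the loopback interface; across a
# network use http.client.HTTPSConnection so the bearer token is not sent in cleartext.
# The timeout keeps the script from hanging on an unresponsive server.
conn = http.client.HTTPConnection("localhost:8400", timeout=30)

# REPLACE_BEARER_TOKEN is a placeholder: read the real token from the environment or a
# secret store instead of hard-coding it.
headers = {'Authorization': "Bearer REPLACE_BEARER_TOKEN"}

try:
    conn.request("GET", "/api/v2/log-sources/computers", headers=headers)
    res = conn.getresponse()
    data = res.read()
    # Error replies are JSON bodies too, so report the status explicitly rather than
    # printing them as if they were the computer list.
    if not 200 <= res.status < 300:
        print(f"Request failed: HTTP {res.status} {res.reason}", file=sys.stderr)
    print(data.decode("utf-8"))
finally:
    # Release the socket even when the request or the read raises.
    conn.close()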
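const http = require("http");

// Lists computers in a domain through GET /api/v2/log-sources/computers (OAuth scope: domains.READ).
// The "http" module sends the bearer token in cleartext, which is acceptable only for the
// loopback interface; across a network use the "https" module against the HTTPS endpoint.
// REPLACE_BEARER_TOKEN is a placeholder: load the real token from the environment.
const options = {
  method: "GET",
  hostname: "localhost",
  port: "8400",
  path: "/api/v2/log-sources/computers",
  headers: {
    Authorization: "Bearer REPLACE_BEARER_TOKEN",
  },
};

const req = http.request(options, (res) => {
  const chunks = [];

  res.on("data", (chunk) => {
    chunks.push(chunk);
  });

  res.on("end", () => {
    const body = Buffer.concat(chunks).toString();
    // Error replies carry a JSON body as well; route them to stderr with the status
    // so a 400/401 is not mistaken for a computer list.
    if (res.statusCode < 200 || res.statusCode >= 300) {
      console.error(`Request failed with HTTP ${res.statusCode}: ${body}`);
      return;
    }
    console.log(body);
  });
});

// Without an "error" listener a refused or reset connection surfaces as an
// uncaught exception and terminates the process.
req.on("error", (err) => {
  console.error(err);
});

req.end();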
# Lists computers in a domain through GET /api/v2/log-sources/computers (OAuth scope: domains.READ).
# A token given on the command line ends up in shell history and is visible in the process
# listing while curl runs. Plain HTTP is acceptable only for the loopback interface; across
# a network use the server's HTTPS endpoint.
curl -X GET \
  -H 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  http://localhost:8400/api/v2/log-sources/computers

Response Example

{ "data": [ { "guid": "550e8400-e29b-41d4-a716-446655440000", "sid": "S-1-5-21-3623811015-3361044348-30300820-1103", "name": "Workstation1", "dns_name": "workstation1.example.com", "os": "Windows 11 Pro" } ], "meta": { "total": 2, "limit": 1, "from": 1 } }
{ "code": "07001113", "title": "Unauthorized", "detail": "Invalid or missing AuthToken. Check whether the AuthToken is not revoked or expired" }
{ "error": { "code": "07001111", "title": "Bad Request", "detail": "[API] Request Failed." } }