Edit Sensor Groups
Endpoint URL: https://<your server>/rest/groups/:<group ID>
Endpoint URI: groups/:<groups ID>
Action: PUT
Edits the details of an existing sensor group. You must have System Admin permissions to run this request.
You must be assigned the System Admin role and Sensor Admin L1 role (if your Cybereason environment uses sensor grouping) to send requests to this endpoint URL.
Note
Ensure that you have logged into the Cybereason platform. For details, see Log in with the API.
Request Headers
You must add an Content-Type:application/json header with the request.
Note
If you are using cURL, add the authorization cookie details or the path to the file with cookie details with every request.
Request Body
Input: JSON
Depending on your browser settings, this linked file may open in a separate tab instead of downloading directly to your machine. If this happens, use the Save As option in your browser to save the file locally.
{
"name":"<your group name>",
"description":"<your description for the group>",
"groupAssignRule":{
"ruleType":"<rule criteria>",
"ruleOperator":"<operator>",
"ruleValues":["value"]
},
"policyId":"<policy ID>"
}
Request Parameters
URL/URI parameters: You must provide the string with the rule id as part of the request URL.
Request Body Parameters: You must provide each of the following required parameters:
name: A string with a name for the group
description: A string containing a meaningful description of the group
Response Status Codes
This request can return the following status codes:
200: Success OK or an error message saying why
Response Success Schema
The response contains a groupId parameter with the unique ID the Cybereason platform uses for the sensor group.
Response Failure Schema
None
Example: Edit an existing sensor group
Request
curl --request PUT \
--url https://12.34.56.78/rest/groups/71fc4540-dca6-434d-a3b6-98e38c0a18d1 \
--header 'Content-Type:application/json' \
--data '{
"name":"Admin Linux machines",
"description":"All admin machines that run Linux"
}'
Response
{
"groupId":"f7249383-9bd2-4420-91aa-f0c8ff806a93"
}
Request
Depending on your browser settings, this linked file may open in a separate tab instead of downloading directly to your machine. If this happens, use the Save As option in your browser to save the file locally.
Use this request body:
{
"name":"Admin Linux machines",
"description":"All admin machines that run Linux"
}
Response
{
"groupId":"f7249383-9bd2-4420-91aa-f0c8ff806a93"
}
Request
Depending on your browser settings, this linked file may open in a separate tab instead of downloading directly to your machine. If this happens, use the Save As option in your browser to save the file locally.
import requests
import json
# Login information
username = "[email protected]"
password = "mypassword"
server = "yourserver.com"
port = "443"
data = {
"username": username,
"password": password
}
headers = {"Content-Type": "application/json"}
base_url = "https://" + server + ":" + port
login_url = base_url + "/login.html"
session = requests.session()
login_response = session.post(login_url, data=data, verify=True)
print (login_response.status_code)
print (session.cookies.items())
# Request URL""
rule_id = "71fc4540-dca6-434d-a3b6-98e38c0a18d1"
endpoint_url = "/rest/groups/"
api_url = base_url + endpoint_url + rule_id
# These are the variables that represent different fields in the request.
group_name = "Admin Linux machines"
group_description = "All admin machines that run Linux"
query = json.dumps({"name":"Admin Linux machines","description":"All admin machines that run Linux"})
api_response = session.request("POST", api_url, data=query, headers=headers)
your_response = json.loads(api_response.content)
print(json.dumps(your_response, indent=4, sort_keys=True))
Response
{
"groupId":"f7249383-9bd2-4420-91aa-f0c8ff806a93"
}