{{.Title}} ({{.Version}})

Download OpenAPI specification:Download

AuthMind: support@authmind.com URL: https://www.authmind.com License: AuthMind Terms of Use

Get a list of issues.

Get a list of issue to import into your SIEM. Issues are one or more incidents that have been grouped by the Issue Keys. To receive a stream of the latest issues, save the issue id as bookmark and query on some interval for the latest issues that > this bookmark, ie the latest issue id you have previously queried. For additional details about each issue, you can query the GetIssueDetails API for the specific issue id

SecurityAuthorizationHeader

Request

query Parameters

issue_type	string Used to retrieve only a specific issue type. If left empty, the issues will be retrieved for all the types.(recommended) Enum: "Access from Anonymous IP" "Access from Public VPN" "Access from Unauthorized Countries" "Access to Anonymous IP" "Access to Public VPN" "Access to Unauthorized Countries" "Auth Hash Quality" "Auth Hash Security" "Auth Protocol Quality" "Compromised Password" "Compromised User" "Deviation in Daily Asset Activity" "Enumeration of AD Admins" "Enumeration of AD Users" "Exposed Assets" "Lack of MFA" "Identity No MFA" "Asset No MFA" "Repeated AD Login Attempts at Invalid Time" "Repeated Login Attempts at Invalid Device" "Shadow Access" "Shadow Assets" "Shadow Identity Systems" "Suspected AD NTLM Relay Attack" "Suspected Attack on Disabled AD Account" "Suspected Attack on Expired AD Account" "Suspected Attack on Locked AD Account" "Suspected AD Brute-force Attack" "Suspected Identity Brute-force Attack" "Suspected Directory/IdP Bot Attack" "Suspected Directory/IdP Password Spray Attack" "Suspicious Inbound Access" "Suspicious Outbound Access" "Unauthorized Asset Access" "Unknown SaaS Access" "Weak Password" "Unauthorized Identity Access" "Impossible Travel" "Suspected Access Token Sharing"
issue_id_gt	string Used to retrieve latest issues by issue id. All issues > this parameter will be returned (recommended)
issue_time_gt	string <date-time> Used to retrieve latest issues by Date / Time. All issues > this parameter will be returnedIf neither the issue_id_gt parameter field or this field is provided as parameter, the returns will default to the last 7 days. e.g. '2024-01-02 15:04:05'
sort_order	string Sorting order, Default value is DESC. Enum: "ASC" "DESC"
sort_by	string Field to sort by, Default value is issue_time. Enum: "issue_id" "issue_time" "flow_count" "incident_count" "risk"
from	integer Starting point for pagination, Default value 0.
size	integer Maximum number of records to return for pagination, Default value 1000.

Responses

200

Successful response

400

Invalid params or missing params.

401

Authorization information is missing or invalid.

get/getIssues

Request samples

curl

Response samples

application/json

{"success": true,
"results": [{"issue_time": "2024-08-01T10:31:42.000Z",
"issue_id": "17263-1722579276407",
"issue_type": "Auth Hash Security",
"playbook_name": "Auth Hash Security Playbook",
"issue_keys": {"domain": "example.com",
"hash_algo": "sha256"
},
"message": "The directory on example.com uses a weak hash algorithm md4 which is not secure and easy to crack.",
"risk": "Low",
"flow_count": 500,
"incident_count": 20,
"incidents_url": "https://console.authmind.com/issues?q=id%3A3817066",
"issue_details_api": "https://console.authmind.com/amapi/v1/getIssueDetails?issue_id=17263-1722579276407"
}
],
"metadata": { }
}

Get details of an issue based on issue id.

Get specific details about an issue and all related incidents for the issue.