
Object

[restSearch] Get a filtered and paginated list of objects:

POST

https://misp.local/objects/restsearch

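Request (every call on this page must carry the API key of an API-enabled user in the `Authorization` header, otherwise the 403 response shown below is returned):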
{
  "page": 1,
  "limit": 0,
  "quickFilter": "malware",
  "searchall": "malware",
  "timestamp": "1617875568",
  "object_name": "ail-leak",
  "object_template_uuid": "c99506a6-1255-4b71-afa5-7b8ba48c3b1b",
  "object_template_version": "1",
  "eventid": "12345",
  "eventinfo": "logged source ip",
  "ignore": false,
  "from": "string",
  "to": "string",
  "date": "string",
  "tags": [
    "tlp:amber"
  ],
  "last": 0,
  "event_timestamp": "1617875568",
  "publish_timestamp": "1617875568",
  "org": "12345",
  "uuid": "c99506a6-1255-4b71-afa5-7b8ba48c3b1b",
  "value": "127.0.0.1",
  "type": "md5",
  "category": "Internal reference",
  "object_relation": "filepath",
  "attribute_timestamp": "1617875568",
  "first_seen": "1581984000000000",
  "last_seen": "1581984000000000",
  "comment": "logged source ip",
  "to_ids": true,
  "published": false,
  "deleted": false,
  "withAttachments": false,
  "enforceWarninglist": true,
  "includeAllTags": false,
  "includeEventUuid": false,
  "include_event_uuid": false,
  "includeEventTags": false,
  "includeProposals": false,
  "includeWarninglistHits": true,
  "includeContext": true,
  "includeSightings": true,
  "includeSightingdb": true,
  "includeCorrelations": true,
  "includeDecayScore": false,
  "includeFullModel": false,
  "allow_proposal_blocking": false,
  "metadata": true,
  "attackGalaxy": "mitre-attack",
  "excludeDecayed": false,
  "decayingModel": "string",
  "modelOverrides": {
    "lifetime": 3,
    "decay_speed": 2.3,
    "threshold": 30,
    "default_base_score": 80,
    "base_score_config": {
      "estimative-language:confidence-in-analytic-judgment": 0.25,
      "estimative-language:likelihood-probability": 0.25,
      "phishing:psychological-acceptability": 0.25,
      "phishing:state": 0.2
    }
  },
  "score": "string",
  "returnFormat": "json"
}

Response: 

200:

{
  "response": [
    {
      "Object": {
        "id": "12345",
        "name": "ail-leak",
        "meta-category": "string",
        "description": "string",
        "template_uuid": "c99506a6-1255-4b71-afa5-7b8ba48c3b1b",
        "template_version": "1",
        "event_id": "12345",
        "uuid": "c99506a6-1255-4b71-afa5-7b8ba48c3b1b",
        "timestamp": "1617875568",
        "distribution": "0",
        "sharing_group_id": "1",
        "comment": "string",
        "deleted": true,
        "first_seen": "1581984000000000",
        "last_seen": "1581984000000000",
        "Attribute": [
          {
            "id": "12345",
            "event_id": "12345",
            "object_id": "12345",
            "object_relation": "sensor",
            "category": "Internal reference",
            "type": "md5",
            "value": "127.0.0.1",
            "to_ids": true,
            "uuid": "c99506a6-1255-4b71-afa5-7b8ba48c3b1b",
            "timestamp": "1617875568",
            "distribution": "0",
            "sharing_group_id": "1",
            "comment": "logged source ip",
            "deleted": false,
            "disable_correlation": false,
            "first_seen": "1581984000000000",
            "last_seen": "1581984000000000"
          }
        ]
      }
    }
  ]
}

403:

{
  "name": "Authentication failed. Please make sure you pass the API key of an API enabled user along in the Authorization header.",
  "message": "Authentication failed. Please make sure you pass the API key of an API enabled user along in the Authorization header.",
  "url": "/attributes"
}

Default:

{
  "name": "string",
  "message": "string",
  "url": "/attributes"
}

Add an object to an event:

POST

https://misp.local/objects/add/{eventId}/{objectTemplateId}

Request:
{
  "Attribute": [
    {
      "category": "Internal reference",
      "value": "127.0.0.1",
      "to_ids": true,
      "disable_correlation": false,
      "distribution": "0",
      "comment": "logged source ip",
      "object_relation": "sensor"
    }
  ]
}

Response: 

200:

{
  "Object": {
    "id": "12345",
    "name": "ail-leak",
    "meta-category": "string",
    "description": "string",
    "template_uuid": "c99506a6-1255-4b71-afa5-7b8ba48c3b1b",
    "template_version": "1",
    "event_id": "12345",
    "uuid": "c99506a6-1255-4b71-afa5-7b8ba48c3b1b",
    "timestamp": "1617875568",
    "distribution": "0",
    "sharing_group_id": "1",
    "comment": "string",
    "deleted": true,
    "first_seen": "1581984000000000",
    "last_seen": "1581984000000000",
    "Attribute": [
      {
        "id": "12345",
        "event_id": "12345",
        "object_id": "12345",
        "object_relation": "sensor",
        "category": "Internal reference",
        "type": "md5",
        "value": "127.0.0.1",
        "to_ids": true,
        "uuid": "c99506a6-1255-4b71-afa5-7b8ba48c3b1b",
        "timestamp": "1617875568",
        "distribution": "0",
        "sharing_group_id": "1",
        "comment": "logged source ip",
        "deleted": false,
        "disable_correlation": false,
        "first_seen": "1581984000000000",
        "last_seen": "1581984000000000"
      }
    ]
  }
}

403:

{
  "name": "Authentication failed. Please make sure you pass the API key of an API enabled user along in the Authorization header.",
  "message": "Authentication failed. Please make sure you pass the API key of an API enabled user along in the Authorization header.",
  "url": "/attributes"
}

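404 (the sample body shows the generic error shape; its `name`, `message` and `url` values appear to be reused from the attribute endpoints, so client code should key on the status code rather than on these strings):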

{
  "name": "Invalid attribute",
  "message": "Invalid attribute",
  "url": "/attributes/1234"
}

Default:

{
  "name": "string",
  "message": "string",
  "url": "/attributes"
}

Get object by ID:

GET

https://misp.local/objects/view/{objectId}

Response: 

200:

{
  "Object": {
    "id": "12345",
    "name": "ail-leak",
    "meta-category": "string",
    "description": "string",
    "template_uuid": "c99506a6-1255-4b71-afa5-7b8ba48c3b1b",
    "template_version": "1",
    "event_id": "12345",
    "uuid": "c99506a6-1255-4b71-afa5-7b8ba48c3b1b",
    "timestamp": "1617875568",
    "distribution": "0",
    "sharing_group_id": "1",
    "comment": "string",
    "deleted": true,
    "first_seen": "1581984000000000",
    "last_seen": "1581984000000000",
    "Attribute": [
      {
        "id": "12345",
        "event_id": "12345",
        "object_id": "12345",
        "object_relation": "sensor",
        "category": "Internal reference",
        "type": "md5",
        "value": "127.0.0.1",
        "to_ids": true,
        "uuid": "c99506a6-1255-4b71-afa5-7b8ba48c3b1b",
        "timestamp": "1617875568",
        "distribution": "0",
        "sharing_group_id": "1",
        "comment": "logged source ip",
        "deleted": false,
        "disable_correlation": false,
        "first_seen": "1581984000000000",
        "last_seen": "1581984000000000"
      }
    ],
    "Event": {
      "id": "12345",
      "info": "logged source ip",
      "org_id": "12345",
      "orgc_id": "12345"
    }
  }
}

403:

{
  "name": "Authentication failed. Please make sure you pass the API key of an API enabled user along in the Authorization header.",
  "message": "Authentication failed. Please make sure you pass the API key of an API enabled user along in the Authorization header.",
  "url": "/attributes"
}

404:

{
  "name": "Invalid attribute",
  "message": "Invalid attribute",
  "url": "/attributes/1234"
}

Default:

{
  "name": "string",
  "message": "string",
  "url": "/attributes"
}

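Delete object (the `{hardDelete}` path segment selects whether the object is hard-deleted, i.e. removed outright, or only soft-deleted, i.e. kept and flagged `deleted`):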

DELETE

https://misp.local/objects/delete/{objectId}/{hardDelete}

Response: 

200:

{
  "saved": true,
  "success": true,
  "name": "Object deleted",
  "message": "Object deleted",
  "url": "/objects/delete/1"
}

403:

{
  "name": "Authentication failed. Please make sure you pass the API key of an API enabled user along in the Authorization header.",
  "message": "Authentication failed. Please make sure you pass the API key of an API enabled user along in the Authorization header.",
  "url": "/attributes"
}

404:

{
  "name": "Invalid attribute",
  "message": "Invalid attribute",
  "url": "/attributes/1234"
}

Default:

{
  "name": "string",
  "message": "string",
  "url": "/attributes"
}