🌙
 

Subscribe to the Taegis™ XDR Documentation RSS Feed at .

Learn more about RSS readers or RSS browser extensions.

Getting Started with the Collector GraphQL APIs

api guides


Important

Before proceeding, complete the API Authentication steps in order to obtain a working client_id and client_secret.

Regions

The URL to access Taegis™ XDR APIs may differ according to the region your environment is deployed in:

  • US1— https://api.ctpx.secureworks.com
  • US2— https://api.delta.taegis.secureworks.com
  • US3— https://api.foxtrot.taegis.secureworks.com
  • EU— https://api.echo.taegis.secureworks.com

The examples in this Taegis™ XDR API documentation use https://api.ctpx.secureworks.com throughout. If you are in a different region substitute appropriately.

You can use the Taegis™ XDR collector APIs to query for your data collectors and get general information about their deployments, endpoints, and their configuration and health. These APIs also allow you to create, update, and delete collectors and their associated attributes. All available collector API endpoints can be found in the Collector GraphQL API and Datasource GraphQL API reference.

Things to Consider

Create a Collector

mutation createCluster($clusterInput: ClusterInput! = { name: "sample-collector" description: "a collector created from a script!" network: { dhcp: true, hostname: "sample-collector-host" } })
{
    createCluster(clusterInput: $clusterInput)
    {
        createdAt updatedAt id role name type clusterType description network { dhcp hostname hosts address mask gateway dns ntp proxy } deployments { createdAt updatedAt id role name description chart version config status { name createdAt updatedAt id status } endpoints { createdAt updatedAt id description address port validity { from until } credentials } } status { name createdAt updatedAt id status } health healthState registration { id region } maintenanceDay maintenanceStartHour maintenanceDuration clusterNodes { createdAt updatedAt id name description network { dhcp hostname hosts address mask gateway dns ntp proxy } health registration { id region } host } isHa haCidrBlock
    }
}

Query Collectors

query getAllClusters($role: String! = "collectors")
{
    getAllClusters(role: $role)
    {
        createdAt updatedAt id role name type clusterType description network { dhcp hostname hosts address mask gateway dns ntp proxy } deployments { createdAt updatedAt id role name description chart version config status { name createdAt updatedAt id status } endpoints { createdAt updatedAt id description address port validity { from until } credentials } } status { name createdAt updatedAt id status } health healthState registration { id region } maintenanceDay maintenanceStartHour maintenanceDuration clusterNodes { createdAt updatedAt id name description network { dhcp hostname hosts address mask gateway dns ntp proxy } health registration { id region } host } isHa haCidrBlock
    }
}

Note

Some users may need to remove credentials from the endpoints section.

Next Steps

For more information, see the Collector GraphQL API and Datasource GraphQL API documentation.

 

On this page: