InsightIDR REST API

Available InsightIDR APIs

Below are the available InsightIDR APIs and the capabilities of each. To learn more about Authentication and basic concepts, see Insight Platform API.

InsightIDR APIs

Only the APIs listed below will work for InsightIDR.

Investigations

The Investigations resource allows you to see any existing investigations, close investigations, and set the investigation status.

Threats

The Threats resource allows you to add or replace threat indicators.

Query

The Query API allows you to perform LEQL queries through an API interface in the same manner that you would in the UI.

Saved Queries

The Saved Queries resource allows you to create and manage search queries.

Logs

The Logs resource allows you to interact with Logs in your account.

Logsets

The Logsets resource allows you to see existing Logsets in your account.