enable_threat_finder
Run this command on a central manager (CM) or on a standalone unit to enable the threat finder functionality of Active Threat Analytics.
Prerequisite: The investigation dashboard (quick search) is enabled.
This API is available in Guardium V11.1 and later.
REST API syntax
This API is available as a REST service with the PUT method. Call this API as follows:
PUT https://[Guardium hostname or IP address]:8443/restAPI/enable_threat_finder
GuardAPI syntax
enable_threat_finder parameter=value
Parameters
Parameter | Value type | Description |
---|---|---|
api_target_host | String |
Specifies the target hosts where the API executes. Valid values:
IP addresses must conform to the IP mode of your network. For dual IP mode, use the same IP protocol with which the managed unit is registered with the central manager. For example, if the registration uses IPv6, specify an IPv6 address. The hostname is independent of IP mode and can be used with any mode. |
Examples
To enable threat finder on the standalone unit or on the CM environment:
grdapi enable_threat_finder
ID=0
ok
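The REST call described above, as an added Python example that is not part of the Guardium documentation. It keeps certificate verification on and brackets IPv6 literals in the URL. It assumes the caller already holds an OAuth bearer token for the appliance and that parameters are sent as a JSON body; `url_host`, `build_request`, `enable_threat_finder` as a Python function, and `ca_file` are hypothetical names.

```python
import ipaddress
import json
import ssl
import urllib.request

API_PATH = "/restAPI/enable_threat_finder"  # endpoint path from this page
API_PORT = 8443                             # port from this page


def url_host(host):
    """Return the host in URL form; IPv6 literals need square brackets."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return host  # a hostname, which is independent of IP mode
    return f"[{ip.compressed}]" if ip.version == 6 else str(ip)


def build_request(guardium_host, token, api_target_host=None):
    """Build (without sending) the PUT request for enable_threat_finder."""
    params = {}
    if api_target_host is not None:
        params["api_target_host"] = api_target_host
    # Assumption: parameters travel as a JSON body, and the caller holds
    # an OAuth bearer token issued by the appliance.
    body = json.dumps(params).encode() if params else None
    return urllib.request.Request(
        f"https://{url_host(guardium_host)}:{API_PORT}{API_PATH}",
        data=body,
        method="PUT",
        headers={
            "Authorization": f"Bearer {token}",
            "Content-Type": "application/json",
        },
    )


def enable_threat_finder(guardium_host, token, ca_file, api_target_host=None):
    """Send the request, verifying the appliance certificate against ca_file."""
    ctx = ssl.create_default_context(cafile=ca_file)  # hostname check stays on
    req = build_request(guardium_host, token, api_target_host)
    with urllib.request.urlopen(req, context=ctx, timeout=30) as resp:
        return resp.status, resp.read().decode()
```
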