In order to make requests into the event and alert APIs, you have to generate an API key, which you use to generate a token, and then you can setup any kind of integration that you would like to make authenticated requests into the Blu Event and Alert APIS.

Generate an Auth Token

Create an API key by navigating to Settings > API Keys
1. Enter a name for the key
2. Select Integration from the drop down
3. Select Generate Key
4. Save the JSON/CSV file to your desktop

Open the JSON/CSV file and copy the value of the token

{
  "api_keys": {
    "https://mycompany.blubracket.com": {
      "id": "BLU-a492144b-f118-4598-991e-f1d4d6209edf",
      "key": "TofsB.....EqwGg",
      "token": "QkxVL....xd0dn"
    }
  }
}

With that token, you can make requests directly into the Event and Alert search APIz. You will need to set the Authorization header and use the provided token as Bearer token.
Here are some examples using curl.

curl -H "Authorization: Bearer TOKEN_FROM_STEP_2" --data '{"filters":[]}' https://mycompany.blubracket.com/api/public/event/search

curl -H "Authorization: Bearer TOKEN_FROM_STEP_2" --data '{"filters":[]}' https://mycompany.blubracket.com/api/public/alert/search

Note: As per ISO 8601, date formatting requires either the Z or the +00:00 be supplied at the end. This is required to determine that the datetime is in the UTC timezone.

Example python code is shown below:

from datetime import datetime, timezone

datetime.now(timezone.utc).isoformat()

Example Output

'2021-07-20T23:45:06.342716+00:00'

Alert/Event API Reference Material

Alerts

Resource	Parameters		Response
	Name	Description	Code	Response
`POST /api/public/alert/count` Search alerts using filters over attributes	body	One or more filters Example: { "filters":[ { "id":"alert_type", "value":["REPO_SCAN_MATCH"], "exact_match":true }, { "id":"repo_type", "value":["ENTERPRISE_PUBLIC","PUBLIC"], "exact_match":true }, { "id":"state", "value":["ACTIVE"], "exact_match":true } ] }	200	Number of alerts
`POST /api/public/alert/search`	body	One or more filters, optional `groupBy` and `limit` field. Example 1: { "filters":[ { "id":"alert_type", "value":["REPO_SCAN_MATCH"], "exact_match":true }, { "id":"repo_type", "value":["ENTERPRISE_PRIVATE", "ENTERPRISE_PUBLIC"], "exact_match":true }, { "id":"state", "value":["ACTIVE"], "exact_match":true }, { "id":"created", "value":["2020-08-23T00:01:01.123Z"], "op": "GE", "exact_match":true }, { "id":"created", "value":["2020-12-23T23:21:46.999Z"], "op": "LE", "exact_match":true } ], "orderBy": "alert_id", "limit": 1000, "page": 1 } Example 2: with group by { "filters":[ { "id":"alert_type", "value":["REPO_SCAN_MATCH"], "exact_match":true }, { "id":"repo_type", "value":["ENTERPRISE_PUBLIC","PUBLIC"], "exact_match":true }, { "id":"state", "value":["ACTIVE"], "exact_match":true } ], "groupBy":"url" }	200	Example { "alerts": [ { "alert_id": "ea076e86-1400-4c57-92e6-0c9eca57419a", "last_updated": "2021-03-02T04:10:41.398634+00:00", "state": "ACTIVE", "url": "git://github.com/acmeorg/agentosx.git", "developer_id": "2fa5555e-36e5-4d7f-a79c-03fea9c9656b", "created": "2020-11-03T18:43:46.218665+00:00", "alert_type": "REPO_SCAN_MATCH", "sub_type": "discord_client_secret", "tenant_name": "acme", "commit_id": "355d54b1fbc76cb35a29446f66632ad09ad76252", "developer_name": "johndoe <59456239+johndoe@users.noreply.github.com>", "tenant_id": "892c6ffc-2217-4eb4-794f-05b0d20dd0cb", "details": { "files": [ { "path": "Pac-Code.txt", "line_secrets": [ { "cols": [ 17, 49 ], "line": 28, "line_hash": "4dc0b223-6baf-6b5a-1e30-0b4d80b157c5", "description": "Discord client secret", "secret_hash": "749d5007-1752-44f0-9adf-fd620f3883bb", "secret_type": "discord_client_secret", "textual_context": "disCORD_secret= \"***\"" } ], "metadata_secrets": [] } ], "deep_link_url": "https://github.com/acmeorg/agentosx/blob/355d54b1fbc76cb35a29446f66632ad09ad76252/Pac-Code.txt#L28" } } ] }
`PUT /api/public/alert` Update state of one or more alerts	body	{"alerts": [ { "alert_id": "31df52c4-62ef-45db-b2fc-4ab22a6d29b9", "state": "FALSE_POSITIVE" }, { "alert_id": "fed89523-ddc4-4ede-834e-29ec1eeb5762", "state": "RESOLVED" }, { "alert_id": "3974dff7-6e94-449c-bdee-c67024e059da", "state": "NOT_IMPORTANT" }, { "alert_id": "ed89523-ddc4-4ede-834e-29ec1eeb5762", "state": "ACTIVE" } ]}	200

Events

RESOURCE

Parameters

Response

Name

Description

Code

Description

POST /api/public/event/count

Search events using filters over attributes and return count.

The handler returns the count for each secret type when:
(1) event type filter is REPO_SCAN_MATCH and
(2) groupBy = secret_type.

body

One or filters

{
  "countAttr": "string",
  "filters": [
    {
      "exact_match": false,
      "id": "string",
      "value": [
        "string"
      ]
    }
  ],
  "groupBy": "string",
  "limit": 0,
  "orderBy": "string",
  "page": 0
}

200

Integer value as JSON

POST /api/public/event/search
Search events using filters over attributes

body

One or more filters, optional groupBy and limit fields

{
  "countAttr": "string",
  "filters": [
    {
      "exact_match": false,
      "id": "string",
      "value": [
        "string"
      ]
    }
  ],
  "groupBy": "string",
  "limit": 0,
  "orderBy": "string",
  "page": 0
}

200

Example

{
  "events": [
    {
      "client_hash": "string",
      "client_ip": "string",
      "client_os": "string",
      "created": "2020-03-03T00:25:17.453Z",
      "details": "string",
      "developer_id": "string",
      "developer_name": "string",
      "local_path": "string",
      "source_name": "string",
      "source_type": "string",
      "time_generated": "2020-03-03T00:25:17.453Z",
      "url": "string",
      "user_name": "string"
    }
  ]
}

Event and Alert APIs

Alerts

Events

Comments

Alerts

Events

Related articles