pan-cortex-xdr-nodejs

NodeJS / Javascript / TypeScript language binding for the XDR PRO API

XDR PRO API NodeJS/TypeScript Client Library

NodeJS / Javascript / TypeScript language binding for the XDR PRO API

Main use benefits (besides the 1:1 mapping)

  • implements the Advanced API KEY nonce process
  • auto-completion and type safety if using a TypeScript editor

Installation

Get the module from the public NPM repository

npm i @paloaltonetworks/pan-cortex-xdr

The XdrApi object

this object provides namespaces to reach XDR PRO API's

  • IncidentApi: to deal with incidents and alerts
  • AlertApi: to push alerts from third party sources
  • EndpointApi: to interface with endpoints
  • DeviceControlApi: to manage device control features
  • HashExceptionApi: to manage file hash exceptions
  • AuditsApi: to retrieve audit reports
  • DistributionsApi: to manage endpoint package distributions

Geting Started

Just obtain a XdrApi object by calling the top level createXdrApi() function export.

Passing API KEY material from environmental variables

Set the following environmental variables before calling createXdrApi()

  • PAN_API_KEY_ID: API KEY identifier
  • PAN_XDR_FQDN: FQDN of the XDR PRO instance
  • either PAN_ADV_API_KEY or PAN_BASIC_API_KEY based on the type of API KEY being used

Passing API KEY material explicitly

Use an object with the following attributes as the first argument to createXdrApi(data)

  • apiKey: string
  • apiKeyId: string
  • isAdvancedKey: boolean
  • xdrBaseFqdn: string

Code example

TypeScript code example

import * as xdr from '@paloaltonetworks/pan-cortex-xdr'

async function main(xdrapi: xdr.XdrApi) {
    const response = await xdrapi.incident.get([{
        field: 'alert_sources',
        operator: 'in',
        value: ['XDR Analytics BIOC']
    }])
    console.log(JSON.stringify(response, undefined, 1))
}

const apiKey = 'JxBIx....GkyG'
const apiKeyId = '18'
const xdrBaseFqdn = 'illicium-industrial.xdr.us.paloaltonetworks.com'

const xdrapi = xdr.createXdrApi({
    apiKey,
    apiKeyId,
    xdrBaseFqdn,
})

main(xdrapi).then(console.log, console.error).finally(xdrapi.close)

Developer Sites

Social


Copyright © 2021 Palo Alto Networks, Inc. All rights reserved.