FortiNDR Cloud APIs
FortiNDR Cloud API documentation is available on the Fortinet Developer Network (FNDN).
Available APIs
- Entity API: Obtain details on individual entities such as IPs, domains, and file hashes. This API provides details on an entity, such as DHCP and DNS information and when it was first and last seen. For information about Entities, see Entity Panel.
- Detections API: Provides details on malicious events that were detected. See Detections.
- Sensor API: Provides APIs for interacting with sensors.
- Investigations API: APIs for managing investigations and running queries.
Metastream
FortiNDR Cloud also provides access to the most recent seven days of events on Metastream. A Python client is available to facilitate interacting with the most used events.
- Metastream documentation is available on the Fortinet Developer Network (FNDN).
- Client library documentation is available in the Document library. See Metastream Python Library.