Help Center/ SecMaster/ API Reference/ API/ Indicator Management/ Updating Indicators
Updated on 2025-03-20 GMT+08:00
View PDF

Updating Indicators

Function

Updating Indicators

Calling Method

For details, see Calling APIs.

URI

PUT /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/{indicator_id}

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID.

workspace_id

Yes

String

Workspace ID

indicator_id

Yes

String

Indicator ID.

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

Token of the tenant.

content-type

Yes

String

application/json;charset=UTF-8
Table 3 Request body parameters

Parameter

Mandatory

Type

Description

data_object

No

IndicatorDataObjectDetail object

Indicator details
Table 4 IndicatorDataObjectDetail

Parameter

Mandatory

Type

Description

indicator_type

No

indicator_type object

Indicator type object.

value

No

String

Value, for example, ip url domain.

update_time

No

String

Update time.

create_time

No

String

Creation time.

environment

No

environment object

Environment Info

data_source

No

data_source object

Data source.

first_report_time

No

String

First Occurred At

is_deleted

No

Boolean

Delete

last_report_time

No

String

Last occurred.

granular_marking

No

Integer

Confidentiality level. 1 -- First discovery; 2 -- Self-produced data; 3 -- Purchase required; and 4 -- Direct query from the external network.

name

No

String

Name.

id

No

String

Indicator ID.

project_id

No

String

Project ID.

revoked

No

Boolean

Whether to discard.

status

No

String

Status. The options are Open, Closed, and Revoked.

verdict

No

String

Threat degree. The options are Black, White, and Gray.

workspace_id

No

String

Workspace ID

confidence

No

Integer

Confidence. The value range is 80 to 100.
Table 5 indicator_type

Parameter

Mandatory

Type

Description

indicator_type

No

String

Indicator type.

id

No

String

Indicator type ID.
Table 6 environment

Parameter

Mandatory

Type

Description

vendor_type

No

String

Environment suppliers

domain_id

No

String

Tenant ID.

region_id

No

String

Region ID

project_id

No

String

Project ID.
Table 7 data_source

Parameter

Mandatory

Type

Description

source_type

No

Integer

Data source type. The options are as follows-- 1- cloud product 2- Third-party product 3- Tenant product

domain_id

No

String

Tenant ID.

project_id

No

String

Project ID.

region_id

No

String

Region ID

Response Parameters

Status code: 200

Table 8 Response header parameters

Parameter

Type

Description

X-request-id

String

Request ID, in the format request_uuid-timestamp-hostname.
Table 9 Response body parameters

Parameter

Type

Description

code

String

Error code

message

String

Error Message

data

IndicatorDetail object

Indicator details.
Table 10 IndicatorDetail

Parameter

Type

Description

id

String

Indicator ID.

name

String

Indicator name.

data_object

IndicatorDataObjectDetail object

Indicator details

workspace_id

String

Workspace ID

project_id

String

Project ID.

dataclass_ref

DataClassRefPojo object

Data class object information.

create_time

String

Creation time.

update_time

String

Update time.
Table 11 IndicatorDataObjectDetail

Parameter

Type

Description

indicator_type

indicator_type object

Indicator type object.

value

String

Value, for example, ip url domain.

update_time

String

Update time.

create_time

String

Creation time.

environment

environment object

Environment Info

data_source

data_source object

Data source.

first_report_time

String

First Occurred At

is_deleted

Boolean

Delete

last_report_time

String

Last occurred.

granular_marking

Integer

Confidentiality level. 1 -- First discovery; 2 -- Self-produced data; 3 -- Purchase required; and 4 -- Direct query from the external network.

name

String

Name.

id

String

Indicator ID.

project_id

String

Project ID.

revoked

Boolean

Whether to discard.

status

String

Status. The options are Open, Closed, and Revoked.

verdict

String

Threat degree. The options are Black, White, and Gray.

workspace_id

String

Workspace ID

confidence

Integer

Confidence. The value range is 80 to 100.
Table 12 indicator_type

Parameter

Type

Description

indicator_type

String

Indicator type.

id

String

Indicator type ID.
Table 13 environment

Parameter

Type

Description

vendor_type

String

Environment suppliers

domain_id

String

Tenant ID.

region_id

String

Region ID

project_id

String

Project ID.
Table 14 data_source

Parameter

Type

Description

source_type

Integer

Data source type. The options are as follows-- 1- cloud product 2- Third-party product 3- Tenant product

domain_id

String

Tenant ID.

project_id

String

Project ID.

region_id

String

Region ID
Table 15 DataClassRefPojo

Parameter

Type

Description

id

String

Data class ID.

name

String

Data class name.

Status code: 400

Table 16 Response header parameters

Parameter

Type

Description

X-request-id

String

Request ID, in the format request_uuid-timestamp-hostname.
Table 17 Response body parameters

Parameter

Type

Description

code

String

Error Code

message

String

Error Description

Example Requests

Update an indicator. Set the trigger flag to No and value to IP.

{
  "data_object" : {
    "indicator_type" : {
      "indicator_type" : "ipv6",
      "id" : "ac794b2dfab9fe8c0676587301a636d3"
    },
    "value" : "ip",
    "data_source" : {
      "domain_id" : "ac7438b990ef4a37b741004eb45e8bf4",
      "project_id" : "5b8bb3c888db498f9eeaf1023f7ba597",
      "region_id" : "cn-xxx-7",
      "source_type" : 1
    },
    "workspace_id" : "909494e3-558e-46b6-a9eb-07a8e18ca620",
    "project_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
    "granular_marking" : 1,
    "first_report_time" : "2023-07-04T16:47:01Z+0800",
    "status" : "Open"
  }
}

Example Responses

Status code: 200

Response when the request is successful.

{
  "code" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
  "message" : "Error message",
  "data" : {
    "id" : "28f61af50fc9452aa0ed5ea25c3cc3d3",
    "name" : "Indicator name.",
    "data_object" : {
      "indicator_type" : {
        "indicator_type" : "ipv6",
        "id" : "ac794b2dfab9fe8c0676587301a636d3"
      },
      "value" : "ip",
      "data_source" : {
        "domain_id" : "ac7438b990ef4a37b741004eb45e8bf4",
        "project_id" : "5b8bb3c888db498f9eeaf1023f7ba597",
        "region_id" : "cn-xxx-7",
        "source_type" : 1
      },
      "workspace_id" : "909494e3-558e-46b6-a9eb-07a8e18ca620",
      "project_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
      "granular_marking" : 1,
      "first_report_time" : "2023-07-04T16:47:01Z+0800",
      "status" : "Open"
    },
    "workspace_id" : "909494e3-558e-46b6-a9eb-07a8e18ca620",
    "project_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
    "dataclass_ref" : {
      "id" : "28f61af50fc9452aa0ed5ea25c3cc3d3",
      "name" : "Name."
    },
    "create_time" : "2021-01-30T23:00:00Z+0800",
    "update_time" : "2021-01-30T23:00:00Z+0800"
  }
}

Status Codes

Status Code

Description

200

Response when the request is successful.

400

Response when the request failed.

Error Codes

See Error Codes.

Parent Topic: Indicator Management