Cortex XSIAM API
A REST API for Cortex XSIAM, the AI-driven security operations platform that combines SIEM, XDR, SOAR, and ASM capabilities. The API provides endpoints for incident management, alert handling, data ingestion configuration, XQL query execution, asset management, and automation rule management. Shares endpoint patterns with Cortex XDR but includes additional capabilities for log collection configuration, data model management, and AI-assisted investigation.
Documentation
Documentation
https://docs-cortex.paloaltonetworks.com/r/Cortex-XSIAM-REST-API
GettingStarted
https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR-REST-API/Get-Started-with-APIs
Specifications
OpenAPI
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/openapi/palo-alto-cortex-xsiam-api-openapi-original.yml
AsyncAPI
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/asyncapi/palo-alto-cortex-xsiam-data-ingestion-asyncapi-original.yml
JSON-LD
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-ld/palo-alto-cortex-xsiam-api-context.jsonld
JSON-LD
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-ld/palo-alto-cortex-xsiam-data-ingestion-context.jsonld
Examples
Example
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cortex-xsiam-api-alert-example.json
Example
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cortex-xsiam-api-asset-example.json
Example
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cortex-xsiam-api-audit-log-example.json
Example
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cortex-xsiam-api-endpoint-example.json
Example
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cortex-xsiam-api-filter-example.json
Example
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cortex-xsiam-api-incident-example.json
Example
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cortex-xsiam-api-sort-order-example.json
Example
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cortex-xsiam-data-ingestion-event-data-payload-example.json
Example
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cortex-xsiam-data-ingestion-log-data-payload-example.json
Example
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/examples/cortex-xsiam-data-ingestion-xdr-data-payload-example.json
Schemas & Data
JSONSchema
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cortex-xsiam-api-alert-schema.json
JSONSchema
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cortex-xsiam-api-asset-schema.json
JSONSchema
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cortex-xsiam-api-audit-log-schema.json
JSONSchema
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cortex-xsiam-api-endpoint-schema.json
JSONSchema
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cortex-xsiam-api-filter-schema.json
JSONSchema
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cortex-xsiam-api-incident-schema.json
JSONSchema
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cortex-xsiam-api-sort-order-schema.json
JSONSchema
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cortex-xsiam-data-ingestion-event-data-payload-schema.json
JSONSchema
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cortex-xsiam-data-ingestion-log-data-payload-schema.json
JSONSchema
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-schema/cortex-xsiam-data-ingestion-xdr-data-payload-schema.json
JSONStructure
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cortex-xsiam-api-alert-structure.json
JSONStructure
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cortex-xsiam-api-asset-structure.json
JSONStructure
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cortex-xsiam-api-audit-log-structure.json
JSONStructure
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cortex-xsiam-api-endpoint-structure.json
JSONStructure
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cortex-xsiam-api-filter-structure.json
JSONStructure
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cortex-xsiam-api-incident-structure.json
JSONStructure
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cortex-xsiam-api-sort-order-structure.json
JSONStructure
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cortex-xsiam-data-ingestion-event-data-payload-structure.json
JSONStructure
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cortex-xsiam-data-ingestion-log-data-payload-structure.json
JSONStructure
https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/cortex-xsiam-data-ingestion-xdr-data-payload-structure.json