| title | description | ms.date | ms.topic |
|---|---|---|---|
Data Enrichment API |
This article provides information about using the Data Enrichment API. |
01/29/2023 |
reference |
The Data Enrichment API enables you to manage identifiable IP address ranges, such as your physical office IP addresses. IP address ranges allow you to tag, categorize, and customize the way logs and alerts are displayed and investigated. For more information, see Working with IP ranges and tags.
The following lists the supported requests:
The response object defines the following properties.
| Property | Type | Description |
|---|---|---|
| total | int | Total number of record |
| hasNext | bool | Indicates whether there are additional records |
| data | list | List of the existing records |
| _id | string | Unique id of the IP range |
| name | string | The unique name of the range |
| subnets | list | An array of masks, IP addresses (IPv4 / IPv6), and original strings |
| location | string | An object including the location name, latitude, longitude, country code, and country name |
| organization | string | The registered ISP |
| tags | list | An array of new or existing objects including the tag name, id, description, name template, and tenant id |
| category | int | The category of the IP range. Providing a category helps you easily recognize activities from interesting IP addresses. Possible values include: 1: Corporate 2: Administrative 3: Risky 4: VPN 5: Cloud provider 6: Other |
| lastModified | long | Timestamp of the last rule changed |
For information about how filters work, see Filters.
The following table describes the supported filters:
| Filter | Type | Operators | Description |
|---|---|---|---|
| category | integer | eq, neq | Filter IP ranges by category. Possible values include: 1: Corporate 2: Administrative 3: Risky 4: VPN 5: Cloud provider 6: Other |
| tags | string | eq, neq | Filter IP ranges by tag IDs |
| builtIn | bool | eq | Filter IP ranges by type. Possible values include: true (built-in) or false (custom) |
[!INCLUDE Open support ticket]