REST API

LogRhythm's REST APIs communicate over HTTPS and use JSON. The available routes and methods are used for a variety of administration, investigative, and search functions. To configure third-party applications to communicate with the REST API, see Register Third-Party Applications to Use the API. To remove access, see Disable Third-Party Applications for the API.

Only Global Administrators can register and disable third-party applications for the API.

LogRhythm currently offers the following REST APIs:

Security

The Admin API uses a number of standard protocols to ensure the security and integrity of solutions built using the API.

All communication is encrypted using HTTPS. Supported versions of TLS are 1.1 and 1.2.
By default, self-signed certifications and keys are generated at the time of installation. You can provide your own certificates and keys by modifying the service configuration files (.env files). For more information, see the LogRhythm Software Installation Guide, available at https://docs.logrhythm.com/deploy/7.14.0/.
Services are stateless and require a valid API token to be sent with every request. There is no login process and no session is maintained.
API tokens are JSON web tokens that are generated through the Client Console and are associated with an API account.
To revoke API access for a particular token, you can disable the API account associated with it or delete the token that was generated for it. This immediately causes any API requests using that token to be rejected.

Postman and the LogRhythm API

Postman is an API Development environment that makes it easy to develop against RESTful APIs in any common programming language. You can use it to save parameters and set environmental variables. You can also use it to build and save collections of requests. The LogRhythm Community offers a help guide to get you started with Postman and the suite of LogRhythm’s RESTful APIs.