POST /config/event_sources/disconnected_log_collectors

Creates a new disconnected log collector.

A disconnected log collector contains the following fields:
  • id - ID - The ID of the disconnected log collector.
  • uuid - UUID - The UUID of the disconnected log collector.
  • name - String - The name of the Disconnected Log Collector.
  • description - String - The description of the Disconnected Log Collector.
  • version - String - The version of the Disconnected Log Collector.
  • protocol - Enumeration - The transport protocol used by the Disconnected Log Collector to send events to QRadar. Possible Values are TLS and UDP.
Table 1. POST /config/event_sources/disconnected_log_collectors resource details
MIME Type

application/json

Table 2. POST /config/event_sources/disconnected_log_collectors request parameter details
Parameter Type Optionality Data Type MIME Type Description

fields

header

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.
Table 3. POST /config/event_sources/disconnected_log_collectors request body details
Parameter Data Type MIME Type Description Sample

disconnected_log_collector

Object

application/json

The disconnected log collector to create.

{ "description": "String", "name": "String", "protocol": "String", "uuid": "String", "version": "String" }
Table 4. POST /config/event_sources/disconnected_log_collectors response codes
HTTP Response Code Unique Code Description

201

The disconnected log collector was created successfully.

409

1001

The 'uuid' parameter must be unique.

409

1004

The 'name' parameter must be unique.

422

1002

The 'uuid' parameter format is invalid.

422

1003

The 'uuid' parameter is required.

422

1005

The 'name' parameter is required.

422

1006

The 'name' parameter must not exceed 255 characters.

422

1007

The 'description' parameter must not exceed 255 characters.

422

1008

The 'version' parameter is required.

422

1009

The 'version' parameter must not exceed 255 characters.

422

1010

The 'protocol' parameter must be TLS or UDP.

500

1100

An error occurred during the attempt to create the disconnected log collector.

Response Description

The newly created disconnected log collector.

Response Sample


{
    "description": "String",
    "id": 42,
    "name": "String",
    "protocol": "String",
    "uuid": "String",
    "version": "String"
}