Curl Command
281 views
Skip to first unread message
Mohammad Shafiuddin Russel
Apr 26, 2023, 4:50:16 AM4/26/23
to Wazuh mailing list
Dear Team,
Please let me know if the following command is valid or any modification required?
curl -u username:password https://your-wazuh-server:55000/vulnerabilities?severity=high&sort_by=cve
Regards
Shafiuddin Russel
Matias Braida
Apr 26, 2023, 5:07:07 AM4/26/23
to Wazuh mailing list
Hello Shafiuddin,
First of all, thanks for using Wazuh.
Let me check some documentation and I will be back with an answer as soon as possible.
Regards
First of all, thanks for using Wazuh.
Let me check some documentation and I will be back with an answer as soon as possible.
Regards
Matias Braida
Apr 26, 2023, 9:06:11 AM4/26/23
to Wazuh mailing list
Hello again,
There are some errors in your command.
What wazuh manager version do you have installed?
First, you need to authenticate using user and password.
If you have version 4.4, then try this command:
curl -u <USER>:<PASSWORD> -k -X POST "https://<HOST_IP>:55000/security/user/authenticate"
If you have version 4.3, then try this command:
curl -u <USER>:<PASSWORD> -k -X GET "https://<HOST_IP>:55000/security/user/authenticate"
With this command, you get the authentication token you will use in further requests to the manager.
Please check the link: https://documentation.wazuh.com/current/user-manual/api/reference.html#section/Authentication
Then you could execute your query request using this obtained token.
With this command:
curl "https://localhost:55000/vulnerability/<AGENT_ID>?severity=High&sort=cve" -H "Authorization: Bearer <YOUR_JWT_TOKEN>"
Please check the link: https://documentation.wazuh.com/current/user-manual/api/reference.html#operation/api.controllers.vulnerability_controller.get_vulnerability_agent
Hope this helps
Regards
There are some errors in your command.
What wazuh manager version do you have installed?
First, you need to authenticate using user and password.
If you have version 4.4, then try this command:
curl -u <USER>:<PASSWORD> -k -X POST "https://<HOST_IP>:55000/security/user/authenticate"
If you have version 4.3, then try this command:
curl -u <USER>:<PASSWORD> -k -X GET "https://<HOST_IP>:55000/security/user/authenticate"
With this command, you get the authentication token you will use in further requests to the manager.
Please check the link: https://documentation.wazuh.com/current/user-manual/api/reference.html#section/Authentication
Then you could execute your query request using this obtained token.
With this command:
curl "https://localhost:55000/vulnerability/<AGENT_ID>?severity=High&sort=cve" -H "Authorization: Bearer <YOUR_JWT_TOKEN>"
Please check the link: https://documentation.wazuh.com/current/user-manual/api/reference.html#operation/api.controllers.vulnerability_controller.get_vulnerability_agent
Hope this helps
Regards
Reply all
Reply to author
Forward
0 new messages