- Common v4.x-v5.x API
- /notifiertypes API
- /notifiers API
- /notifier API
- /notifier/:id API
- /notifier/:id API
- /notifier/:id/test API
- /roles API
- /user API
- /users API
- /users/csv API
- /users/min API
- /user API
- /user/:id API
- /user/:id API
- /user/:id/assignment API
- /user/password API
- Notifier Type
- ArkimeRole Type
- ArkimeUser Type
- ArkimeUserInfo Type
Common v4.x-v5.x API
This API is not final and is subject to change.
Note: These endpoints are used across Arkime apps, including Viewer, WISE, Cont3xt, and Parliament.
/notifiertypes API
GET - /api/notifiertypes
Retrieves notifier types (admin only).
Returns:
| Name | Type | Description |
|---|---|---|
| notifiers | object |
The notifiers that Arkime knows about. |
/notifiers API
GET - /api/notifiers
Retrieves notifiers that have been configured.
Returns:
| Name | Type | Description |
|---|---|---|
| notifiers | Array.<Notifier> |
The notifiers that have been created. |
/notifier API
POST - /api/notifier
Creates a new notifier (admin only).
Parameters:
| Param | Type | Description |
|---|---|---|
| name | string |
The name of the new notifier. |
| type | type |
The type of notifier. |
| fields | array |
The fields to configure the notifier. |
Returns:
| Name | Type | Description |
|---|---|---|
| success | boolean |
Whether the create notifier operation was successful. |
| text | string |
The success/error message to (optionally) display to the user. |
| notifier | Notifier |
If successful, the notifier with name sanitized and created/user fields added. |
/notifier/:id API
PUT - /api/notifier/:id
Updates an existing notifier (admin only).
Parameters:
| Param | Type | Description |
|---|---|---|
| id | string |
The new id of the notifier. |
| type | type |
The new type of notifier. |
| fields | array |
The new field values to configure the notifier. |
Returns:
| Name | Type | Description |
|---|---|---|
| success | boolean |
Whether the update notifier operation was successful. |
| text | string |
The success/error message to (optionally) display to the user. |
| notifier | Notifier |
If successful, the updated notifier with name sanitized and updated field added/updated. |
/notifier/:id API
DELETE - /api/notifier/:id
Deletes an existing notifier (admin only).
Returns:
| Name | Type | Description |
|---|---|---|
| success | boolean |
Whether the delete notifier operation was successful. |
| text | string |
The success/error message to (optionally) display to the user. |
/notifier/:id/test API
POST - /api/notifier/:id/test
Tests an existing notifier (admin only).
Returns:
| Name | Type | Description |
|---|---|---|
| success | boolean |
Whether the test notifier operation was successful. |
| text | string |
The success/error message to (optionally) display to the user. |
/roles API
GET - /api/roles
List all available Arkime roles
Returns:
| Name | Type | Description |
|---|---|---|
| success | boolean |
True if the request was successful, false otherwise |
| roles | Array.<ArkimeRole> |
The list of available Arkime roles |
/user API
GET - /api/user
Fetches the currently logged in user
Returns:
| Name | Type | Description |
|---|---|---|
| user | Array.<ArkimeUser> |
The currently logged in user. |
/users API
POST - /api/users
Retrieves a list of users (admin only).
Returns:
| Name | Type | Description |
|---|---|---|
| success | boolean |
True if the request was successful, false otherwise |
| data | Array.<ArkimeUser> |
The list of users configured. |
| recordsTotal | number |
The total number of users. |
| recordsFiltered | number |
The number of users returned in this result. |
/users/csv API
POST - /api/users/csv
Retrieves a list of users (admin only).
/users/min API
POST - /api/users/min
Retrieves a list of users (non-admin usable [with role status returned only for roleAssigners]).
Parameters:
| Param | Type | Description |
|---|---|---|
| roleId | string |
Optional roleId to match against |
Returns:
| Name | Type | Description |
|---|---|---|
| success | boolean |
True if the request was successful, false otherwise |
| data | Array.<ArkimeUserInfo> |
The list of users configured. |
/user API
POST - /api/user
Creates a new user (admin only).
Returns:
| Name | Type | Description |
|---|---|---|
| success | boolean |
Whether the add user operation was successful. |
| text | string |
The success/error message to (optionally) display to the user. |
/user/:id API
DELETE - /api/user/:id
Deletes a user (admin only).
Returns:
| Name | Type | Description |
|---|---|---|
| success | boolean |
Whether the delete user operation was successful. |
| text | string |
The success/error message to (optionally) display to the user. |
/user/:id API
POST - /api/user/:id
Updates a user (admin only).
Returns:
| Name | Type | Description |
|---|---|---|
| success | boolean |
Whether the update user operation was successful. |
| text | string |
The success/error message to (optionally) display to the user. |
/user/:id/assignment API
POST - /api/user/:id/assignment
Updates whether a user has a certain role (admin & roleAssigners only).
Returns:
| Name | Type | Description |
|---|---|---|
| success | boolean |
Whether the update user operation was successful. |
| text | string |
The success/error message to (optionally) display to the user. |
/user/password API
POST - /api/user/password
Update user password. NOTE: currentPassword is not required so that a usersAdmin can update anyone user’s password.
Returns:
| Name | Type | Description |
|---|---|---|
| success | boolean |
Whether the update password operation was successful. |
| text | string |
The success/error message to (optionally) display to the user. |
Notifier Type
A service that can be sent a notification.
Properties
| Name | Type | Description |
|---|---|---|
| name | string |
The human readable name of the notifier. Must be unique. |
| type | string |
The type of notifier (e.g. email, slack, twilio). |
| fields | array |
The list of fields that need to be configured to use the notifier. |
| created | number |
The time the notifier was created. Format is seconds since Unix EPOC. |
| updated | number |
The time the notifier was last updated. Format is seconds since Unix EPOC. |
| user | string |
The ID of the user that created the notifier. |
| users | Arrray |
The list of userIds who have access to use this notifier. |
| roles | Array |
The list of roles who have access to use this notifier. |
ArkimeRole Type
An Arkime Role
Roles are assigned to users to give them access to Arkime content
Default roles include:
arkimeAdmin - has administrative access to Arkime (can configure and update Arkime)
arkimeUser - has access to Arkime
cont3xtAdmin - has administrative access to Cont3xt (can configure and update Cont3xt)
cont3xtUser - has access to Cont3xt
parliamentAdmin - has administrative access to Parliament (can configure and update Parliament)
parliamentUser - has access to Parliament (can view and interact with Parliament Issues)
superAdmin - has access to all the applications and can configure anything
usersAdmin - has access to configure users
wiseAdmin - has administrative access to WISE (can configure and update WISE)
wiseUser - has access to WISE
ArkimeUser Type
The Arkime user object.
Parameters:
| Param | Type | Default | Description |
|---|---|---|---|
| userId | string |
The ID of the user. | |
| userName | string |
The name of the user (to be displayed in the UI). | |
| enabled | boolean |
true |
Whether the user is enabled (or disabled). Disabled users cannot access the UI or APIs. |
| webEnabled | boolean |
true |
Can access the web interface. When off only APIs can be used. |
| headerAuthEnabled | boolean |
false |
Can login using the web auth header. This setting doesn’t disable the password so it should be scrambled. |
| emailSearch | boolean |
false |
Can perform searches for fields relating to email. |
| removeEnabled | boolean |
false |
Can delete tags or delete/scrub pcap data and other deletion operations. |
| packetSearch | boolean |
true |
Can create a packet search job (hunt). |
| hideStats | boolean |
false |
Hide the Stats page from this user. |
| hideFiles | boolean |
false |
Hide the Files page from this user. |
| hidePcap | boolean |
false |
Hide PCAP (and only show metadata/session detail) for this user when they open a Session. |
| disablePcapDownload | boolean |
false |
Do not allow this user to download PCAP files. |
| expression | string |
An Arkime search expression that is silently added to all queries. Useful to limit what data a user can access (e.g. which nodes or IPs). | |
| settings | ArkimeSettings |
The Arkime app settings. | |
| columnConfigs | object |
A list of sessions table column configurations that a user has created. | |
| spiviewFieldConfigs | object |
A list of SPIView page field configurations that a user has created. | |
| tableStates | object |
A list of table states used to render Arkime tables as the user has configured them. | |
| welcomeMsgNum | number |
0 |
The message number that a user is on. Gets incremented when a user dismisses a message. |
| lastUsed | number |
The date that the user last used Arkime. Format is milliseconds since Unix EPOC. | |
| timeLimit | number |
Limits the time range a user can query for. | |
| roles | array |
The list of Arkime roles assigned to this user. | |
| roleAssigners | array |
The list of userIds that can manage who has this (ROLE) |
ArkimeUserInfo Type
The Arkime user-info object (information provided to roleAssigners or non-admin users).
Parameters:
| Param | Type | Description |
|---|---|---|
| userId | string |
The ID of the user. |
| userName | string |
The name of the user (to be displayed in the UI). |
| hasRole | boolean | undefined |
whether the user has the requested role (only if a role was provided & the requester is a roleAssigner for it) |
