Referencia API¶
RISK¶
GET https://mantis3-api.safelabs.com.br/risks¶
Objetivo — devuelve los riesgos según los filtros y la paginación.
Query
- Los campos vacíos no se incluyen en la URL.
- Para
asset_type,criticality,event_categoryystatuspuede indicar varios valores separados por comas.
| Parámetro | Tipo | Notas | Valor (ejemplo) |
|---|---|---|---|
x-api-key |
header | Clave API | |
page |
int | Número de página a consultar | |
page_size |
int | Cantidad de riesgos por página | |
asset_type |
enum[] | Valores a filtrar (ej.: DOMAIN, IP) |
|
criticality |
enum[] | Criticidad de los riesgos (ej.: LOW, HIGH) |
|
event_category |
enum[] | Categoría de los riesgos (ej.: SOCIAL, FRAUD) |
|
status |
enum[] | Estado actual del riesgo (ej.: IN_PROGRESS, NEW) |
|
date_from |
datetime | Fecha inicio de búsqueda (ej.: yyyy-MM-ddThh-mm-ss) |
|
date_to |
datetime | Fecha fin de búsqueda (ej.: yyyy-MM-ddThh-mm-ss) |
|
sort |
string | Ordenar por campo (ej.: created_at:desc) |
Respuestas
200 (api176), 400 (api016), 422 (validación), 500 (api182).
Ejemplos de formato de parámetros
Los parámetros deben seguir los patrones siguientes para que las consultas funcionen correctamente:
x-api-key — "sk_api_123abc"
page — "1" "2" "3"
page_size — "10" "20" "30"
asset_type — "DOMAIN" "BRAND" "IPV4" "BIN" "APK" "NAME" "CPF" "CNPJ" "EMAIL" "PHONE" "PASSPORT" "RG" "CNH" "ACCOUNT_NAME" "CREDIT_CARD"
criticality — "CRITICAL" "HIGH" "MEDIUM" "LOW"
event_category — "Aplications" "Buckets" "Dataleak" "Ecommerce" "Fraud" "DarkDeepWeb" "Phishing" "Social" "EASM"
status — "IN_PROGRESS" "NEW" "ON_HOLD" "RESOLVED"
date_from — "2010-10-10T10:10:10" "2011-11-11T11:11:11"
date_to — "2010-10-10T10:10:10" "2011-11-11T11:11:11"
sort — "created_at:desc" "financial_impact:asc"
Implementación
// Requiere libcurl (enlazar con -lcurl)
#include <curl/curl.h>
#include <stdio.h>
int main(void) {
CURL *curl = curl_easy_init();
if (!curl) return 1;
curl_easy_setopt(curl, CURLOPT_URL,
"https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10");
struct curl_slist *h =
curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
curl_easy_perform(curl);
curl_slist_free_all(h);
curl_easy_cleanup(curl);
return 0;
}
#include <curl/curl.h>
int main(void) {
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_URL,
"https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10");
struct curl_slist *h =
curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
curl_easy_perform(curl);
curl_slist_free_all(h);
curl_easy_cleanup(curl);
return 0;
}
package main
import (
"io"
"net/http"
"os"
)
func main() {
req, _ := http.NewRequest("GET",
"https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10", nil)
req.Header.Set("x-api-key", "SUA_CHAVE_API")
resp, err := http.DefaultClient.Do(req)
if err != nil {
panic(err)
}
defer resp.Body.Close()
io.Copy(os.Stdout, resp.Body)
}
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
.uri(URI.create("https://mantis3-api.safelabs.com.br/risks?page=1&page_size=10"))
.header("x-api-key", "SUA_CHAVE_API")
.GET()
.build();
HttpResponse<String> res =
client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());
Ejemplos de cuerpo de respuesta
{
"page_number": 1,
"page_size": 10,
"total_pages": 3,
"total_record": 25,
"total_registers": 10,
"content": [
{
"id": 123,
"status": "NEW",
"created_at": "2025-03-20T14:30:00Z",
"event_url": "https://exemplo.com/alvo",
"event_category": "Phishing",
"asset_type": "DOMAIN",
"criticality": "HIGH",
"financial_impact": null,
"risk_impact_severity": "HIGH",
"impact_calculated_at": "2025-03-20T15:00:00Z",
"assets_list": ["exemplo.com"],
"aggregation": false
}
],
"status_counts": {
"NEW": 8,
"IN_PROGRESS": 4,
"CLOSED": 13
}
}
GET https://mantis3-api.safelabs.com.br/risks/{risk_id}¶
Objetivo — devuelve el detalle del riesgo.
| Parámetro | Tipo | Notas | Valor (ejemplo) |
|---|---|---|---|
x-api-key |
header | Autenticación | |
risk_id |
path | Identificador en la URL |
Respuestas
200, 404 (api170), 422 (validación de risk_id).
x-api-key — "sk_api_123abc"
risk_id — "1" "2" "3"
Implementación
#include <curl/curl.h>
int main(void) {
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_URL, "https://mantis3-api.safelabs.com.br/risks/123");
struct curl_slist *h =
curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
curl_easy_perform(curl);
curl_slist_free_all(h);
curl_easy_cleanup(curl);
return 0;
}
#include <curl/curl.h>
int main(void) {
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_URL, "https://mantis3-api.safelabs.com.br/risks/123");
struct curl_slist *h =
curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
curl_easy_perform(curl);
curl_slist_free_all(h);
curl_easy_cleanup(curl);
return 0;
}
package main
import (
"io"
"net/http"
"os"
)
func main() {
req, _ := http.NewRequest("GET", "https://mantis3-api.safelabs.com.br/risks/123", nil)
req.Header.Set("x-api-key", "SUA_CHAVE_API")
resp, err := http.DefaultClient.Do(req)
if err != nil {
panic(err)
}
defer resp.Body.Close()
io.Copy(os.Stdout, resp.Body)
}
import java.net.URI;
import java.net.http.*;
var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
.uri(URI.create("https://mantis3-api.safelabs.com.br/risks/123"))
.header("x-api-key", "SUA_CHAVE_API")
.GET()
.build();
HttpResponse<String> res =
client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());
Ejemplos de cuerpo de respuesta
{
"id": 123,
"event_id": "evt-abc-001",
"asset_type": "DOMAIN",
"event_category": "Phishing",
"event_url": "https://exemplo.com/alvo",
"created_at": "2025-03-20T14:30:00Z",
"impact": "Alto riesgo de credenciales expuestas.",
"description": "Dominio asociado a campaña de phishing.",
"recommendation": "Bloquear el dominio y notificar a los usuarios.",
"rule": {
"name": "Detección de phishing",
"description": "Regla de monitoreo de marcas",
"severity": "HIGH"
},
"status": "IN_PROGRESS",
"financial_impact": 5000.0,
"risk_impact_severity": "HIGH",
"impact_calculated_at": "2025-03-20T15:00:00Z",
"event_details": null,
"rule_details": null,
"assets_list": ["exemplo.com"]
}
GET https://mantis3-api.safelabs.com.br/risks/aggregation/{risk_id}¶
Detalle con información de agregación y lista de eventos agregados cuando aplique.
Ruta y ejemplos — valores solo para esta ruta (/risks/aggregation/{risk_id}).
| Parámetro | Tipo | Notas | Valor (ejemplo) |
|---|---|---|---|
x-api-key |
header | Autenticación | |
risk_id |
path | Identificador en la URL |
Respuestas
200, 404 (api170), 422 (validación de risk_id).
x-api-key — "sk_api_123abc"
risk_id — "1" "2" "3"
Implementación
#include <curl/curl.h>
int main(void) {
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_URL,
"https://mantis3-api.safelabs.com.br/risks/aggregation/123");
struct curl_slist *h =
curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
curl_easy_perform(curl);
curl_slist_free_all(h);
curl_easy_cleanup(curl);
return 0;
}
#include <curl/curl.h>
int main(void) {
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_URL,
"https://mantis3-api.safelabs.com.br/risks/aggregation/123");
struct curl_slist *h =
curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
curl_easy_perform(curl);
curl_slist_free_all(h);
curl_easy_cleanup(curl);
return 0;
}
package main
import (
"io"
"net/http"
"os"
)
func main() {
req, _ := http.NewRequest("GET",
"https://mantis3-api.safelabs.com.br/risks/aggregation/123", nil)
req.Header.Set("x-api-key", "SUA_CHAVE_API")
resp, err := http.DefaultClient.Do(req)
if err != nil {
panic(err)
}
defer resp.Body.Close()
io.Copy(os.Stdout, resp.Body)
}
import java.net.URI;
import java.net.http.*;
var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
.uri(URI.create("https://mantis3-api.safelabs.com.br/risks/aggregation/123"))
.header("x-api-key", "SUA_CHAVE_API")
.GET()
.build();
HttpResponse<String> res =
client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());
Ejemplos de cuerpo de respuesta
{
"id": 123,
"event_id": "42",
"asset_type": "EMAIL",
"event_category": "Dataleak",
"event_url": null,
"created_at": "2025-03-18T09:00:00Z",
"impact": null,
"description": "Risco agregado por regra.",
"recommendation": null,
"rule": {
"name": "Vazamento de credenciais",
"description": null,
"severity": "MEDIUM"
},
"status": "NEW",
"event": null,
"financial_impact": null,
"risk_impact_severity": "MEDIUM",
"impact_calculated_at": null,
"event_details": [
{
"event_id": "evt-001",
"created_date": "2025-03-18T09:05:00Z",
"affected_user": "usuario@exemplo.com"
},
{
"event_id": "evt-002",
"created_date": "2025-03-19T11:20:00Z",
"affected_user": null
}
],
"rule_details": null,
"assets_list": [],
"aggregation": true
}
GET https://mantis3-api.safelabs.com.br/risks/timeline/{risk_id}¶
Línea de tiempo cronológica (recolección, procesamiento, historial de estado) y event_timeline.
Ruta y ejemplos — valores solo para esta ruta (/risks/timeline/{risk_id}).
| Parámetro | Tipo | Notas | Valor (ejemplo) |
|---|---|---|---|
x-api-key |
header | Autenticación | |
risk_id |
path | Identificador en la URL |
Respuestas
200, 404 (api170), 422 (validación de risk_id).
x-api-key — "sk_api_123abc"
risk_id — "1" "2" "3"
Implementación
#include <curl/curl.h>
int main(void) {
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_URL,
"https://mantis3-api.safelabs.com.br/risks/timeline/123");
struct curl_slist *h =
curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
curl_easy_perform(curl);
curl_slist_free_all(h);
curl_easy_cleanup(curl);
return 0;
}
#include <curl/curl.h>
int main(void) {
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_URL,
"https://mantis3-api.safelabs.com.br/risks/timeline/123");
struct curl_slist *h =
curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
curl_easy_perform(curl);
curl_slist_free_all(h);
curl_easy_cleanup(curl);
return 0;
}
package main
import (
"io"
"net/http"
"os"
)
func main() {
req, _ := http.NewRequest("GET",
"https://mantis3-api.safelabs.com.br/risks/timeline/123", nil)
req.Header.Set("x-api-key", "SUA_CHAVE_API")
resp, err := http.DefaultClient.Do(req)
if err != nil {
panic(err)
}
defer resp.Body.Close()
io.Copy(os.Stdout, resp.Body)
}
import java.net.URI;
import java.net.http.*;
var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
.uri(URI.create("https://mantis3-api.safelabs.com.br/risks/timeline/123"))
.header("x-api-key", "SUA_CHAVE_API")
.GET()
.build();
HttpResponse<String> res =
client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());
Ejemplos de cuerpo de respuesta
{
"timeline": [
{
"date": "2025-03-18T08:00:00Z",
"title": "Recolección",
"description": "Evento recogido en la fuente.",
"user_name": null
},
{
"date": "2025-03-18T09:15:00Z",
"title": "Procesamiento",
"description": "Evento procesado y asociado al riesgo.",
"user_name": null
},
{
"date": "2025-03-19T10:00:00Z",
"title": "Publicado",
"description": "Estado cambiado a en análisis.",
"user_name": "Ana Silva"
}
],
"event_timeline": [
{
"event_id": "evt-abc-001",
"collected_at": "2025-03-18T08:00:00Z",
"processed_at": "2025-03-18T09:15:00Z",
"category": "Phishing",
"asset_type": "DOMAIN",
"event_url": "https://exemplo.com/phishing"
}
]
}
GET https://mantis3-api.safelabs.com.br/risks/notes/{risk_id}¶
Lista de notas del riesgo, ordenadas por created_at ascendente.
Ruta y ejemplos — valores solo para esta ruta (/risks/notes/{risk_id}).
| Parámetro | Tipo | Notas | Valor (ejemplo) |
|---|---|---|---|
x-api-key |
header | Autenticación | |
risk_id |
path | Identificador en la URL |
Respuestas
200, 404 (api170), 422 (validación de risk_id).
x-api-key — "sk_api_123abc"
risk_id — "1" "2" "3"
Implementación
#include <curl/curl.h>
int main(void) {
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_URL,
"https://mantis3-api.safelabs.com.br/risks/notes/123");
struct curl_slist *h =
curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
curl_easy_perform(curl);
curl_slist_free_all(h);
curl_easy_cleanup(curl);
return 0;
}
#include <curl/curl.h>
int main(void) {
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_URL,
"https://mantis3-api.safelabs.com.br/risks/notes/123");
struct curl_slist *h =
curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
curl_easy_perform(curl);
curl_slist_free_all(h);
curl_easy_cleanup(curl);
return 0;
}
package main
import (
"io"
"net/http"
"os"
)
func main() {
req, _ := http.NewRequest("GET",
"https://mantis3-api.safelabs.com.br/risks/notes/123", nil)
req.Header.Set("x-api-key", "SUA_CHAVE_API")
resp, err := http.DefaultClient.Do(req)
if err != nil {
panic(err)
}
defer resp.Body.Close()
io.Copy(os.Stdout, resp.Body)
}
import java.net.URI;
import java.net.http.*;
var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
.uri(URI.create("https://mantis3-api.safelabs.com.br/risks/notes/123"))
.header("x-api-key", "SUA_CHAVE_API")
.GET()
.build();
HttpResponse<String> res =
client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());
Ejemplos de cuerpo de respuesta
EVENT¶
GET https://mantis3-api.safelabs.com.br/events/{event_id}¶
Objetivo — devuelve el documento del evento en OpenSearch por id, con details mapeados cuando exista mapeo por recolector/tipo y enmascaramiento de datos sensibles en los activos cuando aplique.
| Parámetro | Tipo | Notas | Valor (ejemplo) |
|---|---|---|---|
x-api-key |
header | Autenticación | |
event_id |
path | ID del evento en OpenSearch |
Respuestas
200 (cuerpo _source enriquecido), 404 (api180), 422 (validación de ruta cuando aplique).
x-api-key — "sk_api_123abc"
event_id — identificador alfanumérico en listados o en el detalle del riesgo (ej.: abc123xyz).
Implementación
#include <curl/curl.h>
int main(void) {
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_URL, "https://mantis3-api.safelabs.com.br/events/example-event-id");
struct curl_slist *h =
curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
curl_easy_perform(curl);
curl_slist_free_all(h);
curl_easy_cleanup(curl);
return 0;
}
#include <curl/curl.h>
int main(void) {
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_URL, "https://mantis3-api.safelabs.com.br/events/example-event-id");
struct curl_slist *h =
curl_slist_append(NULL, "x-api-key: SUA_CHAVE_API");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, h);
curl_easy_perform(curl);
curl_slist_free_all(h);
curl_easy_cleanup(curl);
return 0;
}
package main
import (
"io"
"net/http"
"os"
)
func main() {
req, _ := http.NewRequest("GET", "https://mantis3-api.safelabs.com.br/events/example-event-id", nil)
req.Header.Set("x-api-key", "SUA_CHAVE_API")
resp, err := http.DefaultClient.Do(req)
if err != nil {
panic(err)
}
defer resp.Body.Close()
io.Copy(os.Stdout, resp.Body)
}
import java.net.URI;
import java.net.http.*;
var client = HttpClient.newHttpClient();
var req = HttpRequest.newBuilder()
.uri(URI.create("https://mantis3-api.safelabs.com.br/events/example-event-id"))
.header("x-api-key", "SUA_CHAVE_API")
.GET()
.build();
HttpResponse<String> res =
client.send(req, HttpResponse.BodyHandlers.ofString());
System.out.println(res.body());
Ejemplos de cuerpo de respuesta