Wazuh API Client

The WazuhApiClient class is a collection of methods which abstract Wazuh API endpoints. Instead of returning raw dictionaries derived from an endpoint’s json response, these methods translate the received data into well documented python objects.

Interaction with the Wazuh API is being handled through the underlying WazuhApiClient class. This ensures that the (re)authentication does not require manual intervention and that rate limits won’t be exceeded.

Supported Endpoints

Endpoint Group	Supported since version
API Info	1.0.0
Active-response	1.0.0
Agents	~1.0.0 (partially supported)
Ciscat	Not Supported
Cluster	Not Supported
Decoders	Not Supported
Events	Not Supported
Experimental	Not Supported
Groups	Not Supported
Lists	Not Supported
Logtest	Not Supported
Manager	Not Supported
Mitre	Not Supported
Overview	Not Supported
Rootcheck	Not Supported
Rules	Not Supported
Sca	Not Supported
Security	Not Supported
Syscheck	Not Supported
Syscollector	Not Supported
Tasks	Not Supported

Capabilities

• API Info
  • api_info_get
• Active-Response
  • active_response_run_command
• Agents
  • agent_delete
  • agents_list
  • agent_add
  • agent_get_active_configuration_raw
  • agent_get_agent_anti_tampering_configuration
  • agent_get_agent_buffer_configuration
  • agent_get_agent_client_configuration
  • agent_get_agent_internal_configuration
  • agent_get_agent_labels_configuration
  • agent_get_com_internal_configuration
  • agent_get_com_logging_configuration
  • agent_get_logcollector_internal_configuration
  • agent_get_logcollector_localfile_configuration
  • agent_get_logcollector_socket_configuration
  • agent_get_syscheck_internal_configuration
  • agent_get_syscheck_rootcheck_configuration
  • agent_get_syscheck_configuration
  • agent_get_wmodules_configuration

On this page