Qodex.ai

⚠️ Create Forwarder

POST {{cb_url}}/data_forwarder/v1/orgs/{{cb_org_key}}/configs

Use this call to create a new forwarder. The API will then make calls to check whether the Forwarder can write to the specified S3 Bucket using the configuration supplied. It will attempt to write a test message called healthcheck.json to the specified bucket. If the bucket is misconfigured (i.e. incorrect permissions, principle arn, etc.) or the configuration is incorrect (i.e. bucket prefix doesn’t match path specified in policy), the API will respond with a 400 error and message with information about what was incorrect and how to fix the issue.

If you want to forward both alert type data and endpoint.event type data, you should create a separate forwarder for each. The forwarder should be configured to send the data to its own subfolder in the S3 bucket using the S3 prefix property. The subfolder you configure will be automatically added to the S3 bucket.

RBAC Permissions Required

Permission (.notation name)Operation(s)
org.alertsREAD

Schema

FieldDefinitionData TypeValuesRequired
nameDefined name for the specific event or alert forwarderStringN/AYes
s3_bucket_nameConfigured unique name for s3 bucketStringN/AYes
s3_prefixDefined folder structure the forwarder will write events or alerts toStringN/AYes
typeThe datastream type that is to be forwarded.Stringendpoint.event, alertYes
filtersA list of filters to apply to the data being forwarded. Use only one of equals, not_equals, or match_any_bits per filter in the list. Only supported when type equals endpoint.eventArray[{ "attribute": "<string>", "equals": "<string>", "not_equals": "<string>", "match_any_bits": ["<string>", "<string>"]}]No

See Documentation

Request Body

{"name"=>"<string>", "s3_bucket_name"=>"<string>", "s3_prefix"=>"<string>", "type"=>"<string>", "filters"=>[{"attribute"=>"<string>", "equals"=>"<string>", "not_equals"=>"<string>", "match_any_bits"=>["<string>", "<string>"]}]}

HEADERS

KeyDatatypeRequiredDescription
Content-Typestring