msiempy icon indicating copy to clipboard operation
msiempy copied to clipboard
verified publisher icon mfesiem

Transition to ESM API V2

Open tristanlatr opened this issue 5 years ago • 1 comments

Describe The whole library uses API V1 and the Private ESM API. Which is not a major issue, in any case the library will depend on private ESM methods.

Calls to ESM API should be edited inside PARAMS property ensuring the parameters stays the same (if they can)

See complete McAfee note about this: https://kc.mcafee.com/corporate/index?page=content&id=KB90289&locale=en_US

Also, not to forget, the session already handles "ESM API V1" changes across different SIEM versions with Session api_v property (can be 1 or 2) Not be confused with the ESM API v1 and v2 which are different. (It's confusing, should be changed). See #11 and #27

tristanlatr avatar Sep 10 '20 17:09 tristanlatr

The diff of the v1 and v2 API docs should help: https://mfesiem.github.io/docs/esm_api/diff-v1-v2.png

tristanlatr avatar Sep 12 '20 22:09 tristanlatr