Events are not getting forwarded thorugh push API

I am currently using the free trial of Bitdefender's EDR product and have configured push notifications as per the API documentation. I’ve subscribed to all available event types, and the API responds with a 200 status code and a "true" status.

However, after generating various events, including threats, malware, and incidents, only firewall-related events are being forwarded. Could someone help me understand the potential issue here? I’m wondering if this could be related to data generation, licensing limitations, or another factor. Has anyone encountered a similar issue, and if so, are there any known solutions?

Answers

  • Hello @madhav_pandya ,

    To troubleshoot the issue we would need to investigate it further with Enterprise Support.

    Can you please open a case and share the results for the following API calls getPushEventSettings and getPushEventStats which will help us understand where the issue relies.

    Enterprise Support Contact Form

    Kind Regards,

    Andrei

  • madhav_pandya
    edited October 16

    Sure. Opened the Support Case (ID : 00907483).

    These are the response of getPushEventSettings and getPushEventStats API.

    getPushEventStats API

    {
    "id": "ad12cb61-52b3-4209-a87a-93a8530d91cb",
    "jsonrpc": "2.0",
    "result": {
    "count": {
    "errorMessages": 124,
    "events": 195,
    "sentBytes": 0,
    "sentMessages": 0,
    "testEvents": 4
    },
    "error": {
    "configurationError": 0,
    "connectionError": 0,
    "serviceError": 0,
    "statusCode2xx": 124,
    "statusCode300": 0,
    "statusCode400": 0,
    "statusCode500": 0,
    "timeout": 0
    },
    "lastUpdateTime": "2024-10-16T12:43:07",
    "max": {
    "messageQueueBytes": 78808,
    "messageQueueLength": 67
    }
    }
    }

    getPushEventSettings API

    {
    "id": "3",
    "jsonrpc": "2.0",
    "result": {
    "serviceSettings": {
    "authorization": "********",
    "requireValidSslCertificate": false,
    "url": "dummy_url"
    },
    "serviceType": "jsonRPC",
    "status": 1,
    "subscribeToEventTypes": {
    "adcloud": true,
    "antiexploit": true,
    "aph": true,
    "av": true,
    "avc": true,
    "dp": true,
    "endpoint-moved-in": true,
    "endpoint-moved-out": true,
    "exchange-malware": true,
    "exchange-user-credentials": true,
    "fw": true,
    "hd": true,
    "hwid-change": true,
    "install": true,
    "modules": true,
    "network-monitor": true,
    "network-sandboxing": true,
    "new-incident": true,
    "partner-changed": false,
    "ransomware-mitigation": true,
    "registration": true,
    "security-container-update-available": true,
    "supa-update-status": true,
    "sva": true,
    "sva-load": true,
    "task-status": true,
    "troubleshooting-activity": true,
    "uc": true,
    "uninstall": true
    }
    }
    }