Overview
Panther exposes an HTTP API for submitting events programmatically from any HTTP client. This is the same endpoint used by the API Console when you click the Send button.
Authentication
For security, the API requires a valid API key in order to accept event data. These can be generated by users in the administration group from the admin page.
All event submission requests must include the key in the x-api-token request header:
x-api-token: <your-api-key>
POST /api/event/create
Creates or updates an event in Panther.
The request body must be a JSON object containing an event property.
Required fields
| Field | Type | Description |
|---|---|---|
node | string | The host name to associate with the event |
summary | string | The event message body |
Optional fields
| Field | Type | Description |
|---|---|---|
tag | string | Application or source identifier |
severity | integer (0–5) | Event severity level; defaults to 1 if omitted |
The following fields are reserved and will be rejected if present: _id, id, agent, group, tally, state_change, last_occurrence, first_occurrence.
Example request body
{
"event": {
"node": "webserver-01",
"summary": "disk usage above 90%",
"tag": "monitoring",
"severity": 3
}
}
curl example
curl -X POST https://panther.example.com/api/event/create \
-H "Content-Type: application/json" \
-H "x-api-token: <your-api-key>" \
-d '{"event":{"node":"webserver-01","summary":"disk usage above 90%","tag":"monitoring","severity":3}}'
Success response (HTTP 200)
{
"status": "ok",
"message": "event created",
"event": {
"agent": "http"
}
}
Error response
{
"name": "error",
"message": "Unauthorised"
}