Link Search Menu Expand Document

Overview

Panther exposes an HTTP API for submitting events programmatically from any HTTP client. This is the same endpoint used by the API Console when you click the Send button.

Authentication

For security, the API requires a valid API key in order to accept event data. These can be generated by users in the administration group from the admin page.

All event submission requests must include the key in the x-api-token request header:

x-api-token: <your-api-key>

POST /api/event/create

Creates or updates an event in Panther.

The request body must be a JSON object containing an event property.

Required fields

Field Type Description
node string The host name to associate with the event
summary string The event message body

Optional fields

Field Type Description
tag string Application or source identifier
severity integer (0–5) Event severity level; defaults to 1 if omitted

The following fields are reserved and will be rejected if present: _id, id, agent, group, tally, state_change, last_occurrence, first_occurrence.

Example request body

{
  "event": {
    "node": "webserver-01",
    "summary": "disk usage above 90%",
    "tag": "monitoring",
    "severity": 3
  }
}

curl example

curl -X POST https://panther.example.com/api/event/create \
  -H "Content-Type: application/json" \
  -H "x-api-token: <your-api-key>" \
  -d '{"event":{"node":"webserver-01","summary":"disk usage above 90%","tag":"monitoring","severity":3}}'

Success response (HTTP 200)

{
  "status": "ok",
  "message": "event created",
  "event": {
    "agent": "http"
  }
}

Error response

{
  "name": "error",
  "message": "Unauthorised"
}