Create SecurityEvents

curl --request POST \
  --url https://north.sh/api/v1/{source}/events \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "timestamp": "2026-01-10T14:30:00Z",
  "event_type": "authentication_failure",
  "user": "admin",
  "source_ip": "192.168.1.100",
  "destination_ip": "10.0.0.1",
  "message": "Failed login attempt",
  "severity": "medium"
}
'

{
  "success": true,
  "message": "Event already exists"
}

POST

api

{source}

events

Create SecurityEvents

curl --request POST \
  --url https://north.sh/api/v1/{source}/events \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "timestamp": "2026-01-10T14:30:00Z",
  "event_type": "authentication_failure",
  "user": "admin",
  "source_ip": "192.168.1.100",
  "destination_ip": "10.0.0.1",
  "message": "Failed login attempt",
  "severity": "medium"
}
'

{
  "success": true,
  "message": "Event already exists"
}

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

source

string

required

Body

application/json

Security event data - accepts any JSON structure

Security event data - accepts any JSON structure. The entire request body will be stored as event_data.

Response

Event already exists (duplicate detection)

success

boolean

Example:

true

message

string

Example:

"Event already exists"

Creates a new alert

⌘I

Preface

API

Create SecurityEvents

Authorizations

Path Parameters

Body

Response