API Overview
The Qevlar API is organized into several key areas:
- Launching Investigation: Send alerts to Qevlar AI for processing
- Review feedback: Request and retrieve automated investigations
-
Results Retrieval: Get detailed investigation reports and findings
API Reference for Alerts & Feedback Integration
Explore the following Swagger API for test and deployment.
Authentication
All API endpoints require authentication using Bearer tokens. Include your API token in the Authorization header:
Authorization: Bearer YOUR_API_TOKEN
Base URL
All API requests should be made to:
https://api.qevlar.com
Rate Limits
API requests are subject to rate limiting to ensure fair usage. Please refer to your subscription plan for specific limits.
Response Format
All API responses are returned in JSON format with appropriate HTTP status codes.
HTTP Status Codes Overview
5xx Server Errors
- 5xx codes correspond to server-side errors (crash, gateway error, etc.)
- In this case, no JSON is returned
- These errors indicate issues on the server side that are typically temporary
4xx Client Errors
- 401 Unauthorized: Missing, invalid, or expired authentication token
- 422 Unprocessable Entity: Validation error in the request payload
Response format for 4xx errors:
{
"details": "Error description"
}
2xx Success Codes
- 200 OK: Request succeeded
- 202 Accepted: Request accepted for async processing
Alert Endpoint Response Behavior
POST /alert (Creating an Alert)
When you submit an alert to Qevlar AI, you'll receive:
Success Response (202 Accepted):
{
"alert_id": "unique-alert-identifier",
"status": "PENDING"
}
This indicates the alert has been created and is queued for processing.
Error Response (4xx):
{
"details": "Error description"
}
GET /alert/{id} (Retrieving Alert Status)
When checking the status of an alert, the endpoint returns 200 OK for all successfully processed requests, but the response structure varies based on the alert's processing state:
Alert in Progress:
{
"details": {
"message": "Investigation in progress",
"status": "IN_PROGRESS",
"alert": {
...alert information
}
}
}
Alert Failed:
{
"details": {
"message": "Error message describing the failure",
"status": "FAILURE",
"alert": {
...alert information
}
}
}
Alert Completed Successfully:
{
...complete alert information and results
}
Note that even failed alerts return 200 OK as the HTTP status code. The actual processing status is indicated in the status field within the response body.