Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/wazuh/wazuh-dashboard-plugins/llms.txt

Use this file to discover all available pages before exploring further.

The API Console provides an interactive interface for testing and exploring Wazuh API endpoints directly from the dashboard. It’s accessible through the Settings page under the API section.

Accessing the API Console

Navigate to Settings > API in the Wazuh Dashboard to access the API console interface.
1

Navigate to Settings

Click on the Wazuh icon and select Settings from the menu
2

Select API Tab

Click on the API tab to view configured API connections
3

Open Console

Select an API host and open the console interface

Making API Requests

The console supports all standard HTTP methods used by the Wazuh API:

GET Requests

Retrieve information from the Wazuh API: 
GET /agents
With query parameters: 
GET /agents?limit=10&offset=0&sort=+id

POST Requests

Create resources or perform actions: 
POST /agents
{
  "name": "new-agent",
  "ip": "192.168.1.100"
}

PUT Requests

Update existing resources: 
PUT /agents/001/group/webservers

DELETE Requests

Remove resources: 
DELETE /agents?agents_list=001,002&status=never_connected

Request Format

Requests in the console follow this format: 
<METHOD> <PATH>
<BODY (optional)>
METHOD
string
required
HTTP method: GET, POST, PUT, DELETE, PATCH
PATH
string
required
API endpoint path, starting with /. Query parameters can be included.
BODY
object
JSON request body for POST, PUT, and PATCH requests

Response Format

The console displays responses in a formatted JSON view: 
{
  "data": {
    "affected_items": [
      {
        "id": "001",
        "name": "agent-001",
        "status": "active"
      }
    ],
    "total_affected_items": 1,
    "total_failed_items": 0,
    "failed_items": []
  },
  "message": "All selected agents were returned",
  "error": 0
}
data
object
The main response data containing affected items and metadata
message
string
Human-readable description of the response
error
number
Error code (0 indicates success)

Common Endpoints

Here are some frequently used endpoints you can test in the console:

Agent Management

# List all agents
GET /agents

# Get specific agent details
GET /agents?agents_list=001

# Get agent summary by status
GET /agents/summary/status

# Restart an agent
PUT /agents/001/restart

Manager Information

# Get manager status
GET /manager/status

# Get manager configuration
GET /manager/configuration

# Get manager logs summary
GET /manager/logs/summary

Rules and Decoders

# List rules
GET /rules

# Get specific rule
GET /rules?rule_ids=1002

# List decoders
GET /decoders

# Get decoder files
GET /decoders/files

Security Configuration Assessment

# Get SCA checks for an agent
GET /sca/001

# Get SCA check details
GET /sca/001/checks/1000

Features

Auto-completion

The console provides intelligent auto-completion for:
  • API endpoint paths
  • HTTP methods
  • Common query parameters
  • Request body schemas

Request History

Access previously executed requests from the history panel:
1

View History

Click the history icon to view recent requests
2

Reuse Request

Click on a previous request to load it into the console
3

Clear History

Use the clear button to remove all history entries

Multi-host Support

Switch between different configured API hosts:
  1. Select the API host from the dropdown
  2. The console automatically uses the selected host’s credentials
  3. All requests are sent to the selected host

Error Handling

The console displays detailed error information when requests fail: 
{
  "data": {
    "title": "Permission Denied",
    "detail": "Permission denied: Resource type: agent:id"
  },
  "message": "Permission denied",
  "error": 4000
}

Common Error Codes

1000
error
Wazuh API internal error
2000
error
Wazuh API error (invalid request)
4000
error
Permission denied
6000
error
Wazuh daemon error

Programmatic Usage

While the console is designed for interactive use, you can also make programmatic API requests:

Client-Side (Public Plugin)

import { WzRequest } from '../../react-services';

// GET request
const response = await WzRequest.apiReq(
  'GET',
  '/agents/summary/status',
  {}
);

// POST request with body
const createResponse = await WzRequest.apiReq(
  'POST',
  '/agents',
  {
    name: 'new-agent',
    ip: '192.168.1.100'
  }
);

Server-Side (Server Plugin)

// In a route handler
router.post(
  {
    path: '/api/request',
    validate: {
      body: schema.object({
        method: schema.string(),
        path: schema.string(),
        body: schema.any(),
      }),
    },
  },
  async (context, request, response) => {
    const { method, path, body } = request.body;
    
    const result = await context.wazuh_core.api.client.asCurrentUser.request(
      method,
      path,
      body,
      { apiHostID: 'default' }
    );
    
    return response.ok({ body: result });
  }
);

Best Practices

Instead of fetching all data and filtering client-side, use query parameters:
# Good
GET /agents?status=active&limit=50

# Avoid
GET /agents
For large datasets, use offset and limit:
GET /agents?offset=0&limit=500
GET /agents?offset=500&limit=500
Verify user permissions before attempting operations:
GET /security/user/me
Query specific resources instead of retrieving all:
# Good
GET /agents?agents_list=001,002,003

# Less efficient
GET /agents

Wazuh API Reference

Official Wazuh API documentation

Server Routes

Dashboard plugin API endpoints

Authentication

API authentication methods

RBAC

Role-based access control