Generic Threat Sensor Integration Guide
Overview
The Generic endpoint allows you to integrate custom threat detection systems and infrastructure into NxtFireGuard.
Endpoint Details
- URL:
https://threat.collector.nxtfireguard.de/generic - Method:
POST - Content-Type:
application/json
Authentication
Authentication requires two headers, both obtainable from your NxtFireGuard dashboard:
| Header | Description |
|---|---|
X-AUTH_KEY | Your unique API authentication key |
X-SENSOR_NAME | Identifier for the sensor/system sending the threat data |
Request Format
Required Fields
All fields in the request body are required:
{
"source_ip": "::1",
"destination_ip": "127.0.0.1",
"destination_port": 443,
"protocol": "TCP",
"threat": "possible user enumeration attempt",
"criticality": 2
}
Field Specifications
| Field | Type | Description |
|---|---|---|
source_ip | string | Source IP address (IPv4 or IPv6) |
destination_ip | string | Destination IP address (IPv4 or IPv6) |
destination_port | integer | Destination port number |
protocol | string | Network protocol (e.g., TCP, UDP, ICMP) |
threat | string | Free-form description of the detected threat |
criticality | integer | Threat severity level (0-4) |
Criticality Levels
| Level | Severity | Description |
|---|---|---|
| 0 | Informational | Informational events |
| 1 | Low | Low severity threats |
| 2 | Medium | Medium severity threats |
| 3 | High | High severity threats |
| 4 | Critical | Critical threats requiring immediate attention |
For detailed guidance on selecting appropriate criticality levels, see: https://docs.nxtfireguard.de/docs/criticality-levels
Response
Success: HTTP 200 OK
Integration Example
cURL
curl -X POST https://threat.collector.nxtfireguard.de/generic \
-H "Content-Type: application/json" \
-H "X-AUTH_KEY: your_auth_key_here" \
-H "X-SENSOR_NAME: your_sensor_hostname" \
-d '{
"source_ip": "192.168.1.100",
"destination_ip": "10.0.0.50",
"destination_port": 22,
"protocol": "TCP",
"threat": "SSH brute force attempt detected",
"criticality": 3
}'
Support
For additional assistance or questions about integration:
- Documentation: https://docs.nxtfireguard.de
- Obtain credentials: NxtFireGuard Dashboard