Crowny Security Platform v1.0 — 24 Endpoints
http://localhost:9500 (Docker) 또는 자체 배포 주소Authorization: Bearer <token> 또는 X-API-Key: <key>CROWNY_API_KEY_HASH 미설정 시 인증 없이 사용 가능
curl -X POST http://localhost:9500/api/v1/auth/token \
-H 'Content-Type: application/json' \
-d '{"client_id": "my-app", "api_key": "your-api-key"}'
# Response: {"token": "eyJ...", "expires_in": 86400}
curl -X POST http://localhost:9500/api/v1/events \
-H 'Content-Type: application/json' \
-d '{"source":"192.168.1.50","type":"login_failure","severity":3,"detail":"Invalid password","tags":["auth"]}'
# Response: {"ingested":1,"results":[{"id":1,"analysis":{"iocMatch":null,"ruleHits":[],"anomaly":null}}]}
?type=login_failure&source=10.0.0.1&severity_min=3&since=1713000000000&limit=50&offset=0?status=open (open/acknowledged/resolved/false_positive)curl -X PATCH http://localhost:9500/api/v1/alerts/1 \
-H 'Content-Type: application/json' \
-d '{"status":"acknowledged","assignee":"admin","notes":["조사 시작"]}'
curl -X POST http://localhost:9500/api/v1/iocs \
-H 'Content-Type: application/json' \
-d '{"type":"ip","value":"203.0.113.66","threat_name":"APT-CrownyHunter","severity":5,"tags":["apt","c2"]}'
?type=ipcurl -X POST http://localhost:9500/api/v1/iocs/match \
-H 'Content-Type: application/json' \
-d '{"indicators":["203.0.113.66","10.0.0.1","evil.com"]}'
curl -X POST http://localhost:9500/api/v1/rules \
-H 'Content-Type: application/json' \
-d '{"name":"Port Scan","window_sec":60,"conditions":[{"event_type":"port_scan","min_count":5}],"severity":4}'
curl -X POST http://localhost:9500/api/v1/webhooks \
-H 'Content-Type: application/json' \
-d '{"url":"https://slack.example.com/hook","events":["alert"],"secret":"my-hmac-secret"}'
curl http://localhost:9500/health
# {"status":"healthy","version":"1.0.0","uptime":3600}
# 1. Docker 배포
docker compose -f docker/docker-compose.yml up -d
# 2. 토큰 발급 (demo 모드)
TOKEN=$(curl -s -X POST http://localhost:9500/api/v1/auth/token \
-H 'Content-Type:application/json' \
-d '{"client_id":"demo"}' | jq -r '.token')
# 3. 이벤트 수집
curl -X POST http://localhost:9500/api/v1/events \
-H "Authorization: Bearer $TOKEN" \
-H 'Content-Type:application/json' \
-d '{"source":"10.0.0.1","type":"login_failure","severity":3,"detail":"invalid password"}'
# 4. 대시보드 확인
open http://localhost:9500/
# 5. Node SDK
npm i @crowny/security-sdk
node -e "const C=require('@crowny/security-sdk');new C().health().then(console.log)"