APISync curl command gives 403 error while trying to pull out reports from Web Security Service (WSS).
Web Security Service
Splunk
The curl parameters '-u' is used for server login which is not what the portal expects.
To pull out reports from WSS, we just need the header value of X-APIUsername and X-APIPassword which is passed to WSS portal to start the downloading of logs.
The 401/403 error values are the response returned by Wss when we click he log sync URL by default.
CURL command:
curl -H "X-Requested-With:curl" -H "X-APIUsername:<api_username>" -H "X-APIPassword:<api_password>" "https://portal.threatpulse.com/reportpod/logs/sync?startDate=<time_in_miliseconds>&endDate=0&token=none"