Create Destination

Route

/v2/streaming/destinations

Description

Create a new streaming destination for real-time data export. Destinations are HTTPS endpoints that receive streamed data from Cyberhaven.

Method

POST

Inputs

Parameter	Type	Required	Description
name	string	Yes	Destination name (max 100 characters)
description	string	No	Destination description (max 500 characters)
type	string	Yes	Destination type (must be "https")
format	string	Yes	Data format (json, json_lines)
encoding	string	No	Encoding type (none, gzip) - defaults to none
https_config	object	Yes	HTTPS configuration object

HTTPS Config Object

Field	Type	Required	Description
uri	string	Yes	HTTPS endpoint URL
headers	object	No	Custom HTTP headers
timeout_seconds	integer	No	Request timeout (1-300 seconds, default 30)

Request Example

{
  "name": "SIEM Integration",
  "description": "Stream to Splunk SIEM",
  "type": "https",
  "format": "json_lines",
  "encoding": "gzip",
  "https_config": {
    "uri": "https://splunk.company.com/services/collector/event",
    "headers": {
      "Authorization": "Splunk your-token-here"
    },
    "timeout_seconds": 60
  }
}

Output

Field	Type	Description
id	string	Unique destination identifier
name	string	Destination name
description	string	Destination description
type	string	Destination type
format	string	Data format
encoding	string	Encoding type
https_config	object	HTTPS configuration details
created_at	string	Creation timestamp (ISO 8601)
updated_at	string	Last update timestamp (ISO 8601)

Rate Limit

• 60 requests per minute per API key
• 5 concurrent requests per endpoint

Example Response

{
  "id": "dest-456",
  "name": "SIEM Integration",
  "description": "Stream to Splunk SIEM",
  "type": "https",
  "format": "json_lines",
  "encoding": "gzip",
  "https_config": {
    "uri": "https://splunk.company.com/services/collector/event",
    "timeout_seconds": 60
  },
  "created_at": "2024-01-15T10:30:00Z",
  "updated_at": "2024-01-15T10:30:00Z"
}