Getting 500 server error for Fireeye EX API endpoints

I tried getting email alerts data from Fireeye EX API but got 500 error. I even tried the simplest message trace API endpoint which only takes an auth header in a POST request but still getting the same 500 error.
Code below:

import request auth_header = { "Content-Type" : "application/json", "x-fireeye-api-key" : <api_key> } api_url = "https://etp.us.fireeye.com/api/v1/messages/trace/" response = requests.request("POST",api_url, headers=auth_header) print(response.status_code) print(response.headers) print(response.text)

Can anyone help in solving this issue if it is from my end? 500 seems it may be an from Fireeye’s side too.

Hey @ahmer07rewterz, firstly, welcome to our new developer community! I’m reaching out to our Email Security Cloud Edition team right now to find out what might be going on.

Have you used this endpoint previously, or is this your first time using it? Do other endpoints work, or do they all give you a 500 or other server error?

I tried two endpoints and got same error from both.

Hey @ahmer07rewterz, thanks for the quick reply. I’m going to reach out to the ETP team when they come online today (timezone differences) and I will find out what is going on.

Hey @ahmer07rewterz, one more follow-up question: Are you using FireEye EX within your own network or are you using FireEye Email Security Cloud Edition (Formerly ETP)?

I am using Email security cloud Edition. Thank you.

Any leads about it? Thanks.

Hello.

Would need some information to understand this more.
What does print(response.text) prints ?
Also, one of the response headers is ‘x-request-id’. Can you tell what is its value when you see 500 ?

Thanks.

print(response.text) prints “Internal Server Error”.
print(response.headers) prints below info:
“{‘Expect-CT’: ‘max-age=604800, report-uri=“https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct”’, ‘Content-Length’: ‘21’, ‘Set-Cookie’: ‘__cfduid=; expires=Fri, 20-Mar-20 07:54:21 GMT; path=/; domain=.fireeye.com; HttpOnly; SameSite=Lax; Secure’, ‘CF-Cache-Status’: ‘DYNAMIC’, ‘Vary’: ‘Accept-Encoding’, ‘Server’: ‘cloudflare’, ‘Connection’: ‘keep-alive’, ‘Date’: ‘Wed, 19 Feb 2020 07:54:22 GMT’, ‘CF-Ray’: ‘5676ac194ecea952-SIN’, ‘Content-Type’: ‘text/plain; charset=utf-8’}”

Hi

Are you still facing this issue?

Yes. I am facing this issue for at least a day now.

Hi.

The issue is not reproducible with our internal test scripts.
To further help in debugging, we would need some more information from you.

  1. Can you try re-copying the api key from the IAM console (console.us.fireeye.com) and run the curl again ? Also try creating a fresh api key (keep the old one until debugging is done)

  2. With /api/v1/alerts endpoint too you are facing the same error ?

  3. Is it okay for you to share the api key once we have 1:1 chats enabled? (@jordan.violet is exploring ways to enable 1:1 chats in the forum) It is always possible to delete the key and create a fresh one.

Thanks

Hi @ahmer07rewterz. You should receive a request for a secure file upload shortly. You can use this to securely share your API key with us. Once you share the key via that secure method, I will share it with @nikunj.badjatya for analysis.

@ahmer07rewterz, please let me know once you’ve initiated the secure file transfer so we can look into your request.

Hi Jordan,
My issue is solved. I created another API key and it is working fine. I mistakenly missed a part of API key. Sorry for inconvenience. Well, it should have given 4xx error for invalid credential but it gave 5xx which raised concerns. Thanks again.

@ahmer07rewterz glad to see you resolved this. You’re, right. The API should have given a 401 Unauthorized, which would have made this much easier to resolve. @nikunj.badjatya can you please pass this issue along to your team so we can get the API updated?