GET /api/v1/rules/:name

Get full details of a specific detection rule by name.

Endpoint

GET /api/v1/rules/:name

Path Parameters

Parameter	Type	Description
`name`	string	Rule name (URL-encoded if needed)

Example Request

curl http://localhost:8000/api/v1/rules/high_value_transfer

Response

{
  "name": "high_value_transfer",
  "description": "Detect large ETH transfers",
  "condition": "tx.value > 100 ether",
  "output": "Large transfer: %tx.value_eth ETH",
  "priority": "WARNING",
  "enabled": true,
  "tags": ["high-value", "transfer"],
  "chains": ["ethereum"],
  "references": ["https://example.com/threat-intel"],
  "file_path": "./rules/default/high_value_transfers.yaml"
}

Response Fields

Field	Type	Description
`name`	string	Rule name (unique identifier)
`description`	string	Rule description
`condition`	string	Detection condition expression
`output`	string	Alert output template with placeholders
`priority`	string	Priority level (NOTICE, WARNING, CRITICAL)
`enabled`	boolean	Whether rule is enabled
`tags`	array	Rule tags for categorization
`chains`	array	Blockchain networks this rule applies to
`references`	array	Optional threat intelligence links
`file_path`	string	Optional path to rule file

Overview

Endpoints

GET /api/v1/rules/:name

Endpoint

Path Parameters

Example Request

Response

Response Fields

Overview

Endpoints

​Endpoint

​Path Parameters

​Example Request

​Response

​Response Fields

Endpoint

Path Parameters

Example Request

Response

Response Fields