APSolute Vision 4.20 REST API

Table of ContentsOverview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Accessing the APSolute Vison REST API . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Asynchronous Operations in the APSolute Vison REST API . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

RTU License Enforcement in REST API: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Version information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

URI scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

APM-Aggregations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Get Aggregation List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

APM-Applications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Get Application List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

APM-ConfiguredAlerts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Get Alert Configuration List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

APM-RawEventDetails . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Get Raw Event Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

APM-TriggeredAlerts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Get Triggered Alerts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

General-DeviceByIpConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Delete Network Protection Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Upgrading DefensePro Device Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Delete Server Protection Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Get Device Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Export Network Policy from Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Export Server Policy from Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Get Device Configuration File. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Update Device Scalar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Upload Software to Alteon Device. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Delete Device Table Row . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

Get Device Table Row . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Edit Device Table Row . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Add Device Table Row . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

General-DeviceByIpConfigV2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

Upload Certificate to Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

Upload File to Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Send DNS Key to Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Update Device Scalar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Update a single variable (scalar) values on the leading device and on all specified devices . . . . . . 41

Delete Table Row from Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

Edit Table Row on Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

Add Table Row to Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

Get Device Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Delete Device Table Row . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

Get Device Table Row . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Edit Device Table Row . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Add Device Table Row . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

General-MassOperationsConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64

Upload File to Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64

Export Network Policy from several devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

Get Result of Export operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

Delete White List Files from Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

Perform Update Policies on Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

Upload the DNS Key file to the specified devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

Get Capture Files from Alteon Devices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

Export Server Policy from several devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73

Manage vADC List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

Upload Certificate to Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

Upload Subdomains Whitelist File to specified devices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78

Get Configuration Files from Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80

Perform Revert on Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

Perform Revert Apply on Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82

Get Capture Files from DefensePro Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

Delete Table Row from Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85

Edit Table Row on Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

Add Table Row to Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

Update Scalar on Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

Perform Save on Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

Perform Apply on Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96

Get White List Files from Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

General-SystemAdminScripts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98

Get Admin Script Source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98

Execute Admin Script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

Get Admin Script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100

Get Admin Scripts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101

General-SystemAdminScriptsV2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102

Get Admin Scripts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102

Execute Admin Script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102

Get Admin Script Source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103

Get Admin Script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104

General-SystemConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

Upload Policy Template to Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

Perform Action . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106

General-SystemConfigItemList . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108

Get Alerts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108

Get Alteon Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112

Get Alert Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112

Create Alert Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112

Get Alert Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113

Create Alert Rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113

Create SNMP Trap Target . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114

Get Toolbox Scripts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115

Get Alert Rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116

Update Alert Rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117

Get Local User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117

Update Local User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118

Get Managed Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119

Get Local Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119

Create Local User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

Get AppWall Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121

Get Alert Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121

Update Alert Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122

Delete an Item from the Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122

Get Logical Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

Get LinkProof NG Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124

Download Policy Templates from Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124

Get DefensePro Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125

Get Alerts By TrapIds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125

General-SystemConfigTree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127

Lock Device. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127


Get Site by Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129

Get Device Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129

Delete Logical Group by Id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130

Get Logical Group by Id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131

Delete Logical Group by name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132

Get Logical Group by Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132

Unlock Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133

Update Logical Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134

Create Logical Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135

Get Site by Id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135


Add Device to the Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

General-SystemMonitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138

Get Alerts By TrapIds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138

Get Alerts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140

General-SystemUser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141

Server Login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141

Server Logout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

SecurityMonitoring-AttackDetails . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

Get Behavioral DoS Attack Details: Characteristics Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

Get Behavioral DoS (TCP) Attack Details: Attack Statistics Chart Section . . . . . . . . . . . . . . . . . . . . . . 144

Get Sampled Data CSV File Token . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145

Get Cracking Attack Details: Scan Details Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145

Get Anti-Scanning Attack Details: Info Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146

Download Capture File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147

Check Capture File Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147

Get Cracking Attack Details: Info Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148

Get Behavioral DoS Attack Details: Attack Statistics Graph Section . . . . . . . . . . . . . . . . . . . . . . . . . . . 149

Get Behavioral DoS Attack Details (TCP): Attack Statistics Table tab . . . . . . . . . . . . . . . . . . . . . . . . . . 149

Get DoS Attack Details: Info Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

Get Anti-Scanning Attack Details: Footprint Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

Get Info Section, Region Field . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

Get DNS Attack Details: Footprint Section. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152

Get DNS Attack Details: Attack Statistics Table Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153

Get SYN Flood Attack Details: Info Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154

Get Behavioral DoS Attack Details: Attack Statistics Table Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154

Get Cracking Attack Protection Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155

Get DNS Attack Details: Attack Statistics Graph Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156

Get HTTP Attack Details: Attack Statistics Table Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156

Get HTTP Attack Details: Info Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157

Get Anti-Scanning Attack Details: Scan Details Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158

Get Behavioral DoS Attack Details: Attack Sampled Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158

Get HTTP Attack Details: Blocked Users Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159

Get Behavioral DoS Attack Details: Footprint Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160

Get : Characteristics Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160

SecurityMonitoring-BDoS-Baseline-DefenseFlow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161

Get Behavioral DoS Traffic Monitoring Report, Statistics Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161

Get BDoS Traffic Monitoring Report, BDoS Traffic Statistics Section . . . . . . . . . . . . . . . . . . . . . . . . . . 162

SecurityMonitoring-CsvDownload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162

Download CSV File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162

SecurityMonitoring-Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163

Get Device Properties for Monitored Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163

Get Basic Device Properties for Monitored Device List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164

SecurityMonitoring-DnsTopTalkersMonitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164

Get the Top-10 FQDNs for a specified period . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164

Get the FQDN hit-count trend . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165

SecurityMonitoring-HttpReports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166

Get HTTP Request Size Distribution Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166

Get Continuous Learning Statistics reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167

Get Hour-Specific Learning Statistics Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167

SecurityMonitoring-HttpServers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168

HTTP servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168

SecurityMonitoring-ProtectionMonitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169

Get DNS Traffic Monitoring Report, Last Sample Statistics Section . . . . . . . . . . . . . . . . . . . . . . . . . . . 169

Get Traffic Monitoring Report and Traffic Statistics Section (part 3) . . . . . . . . . . . . . . . . . . . . . . . . . . 169


Get Bdos Traffic Monitoring Report, Last Sample Statistics Section . . . . . . . . . . . . . . . . . . . . . . . . . . . 171

Get Attack Status Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172




SecurityMonitoring-SecurityDashboard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175

Get Current Attacks Table and Ongoing Attacks Monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175

Get Attack Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176

Get Drop intensity Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177

Download Security Attacks CSV. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177

SecurityMonitoring-SecurityDashboard-DefenseFlow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178

Download SecurityAttacks Table as CSV . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178

Get DefenseFlow Ongoing BDoS Traffic Monitoring ReportAttack Monitor Drop Intensity 179

Information

Get DefenseFlow Current Attacks Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179

SecurityMonitoring-TrafficMonitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180

Get Connection Rate Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180

Get Traffic Utilization Report, Last Sample Statistics Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181

Get Traffic Utilization Report, Traffic Statistics Section . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182

Get Concurrent Connections Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182

Get Traffic Utilization Report, Traffic Authentication Statistics Section . . . . . . . . . . . . . . . . . . . . . . . 183

SecurityMonitoring-TrafficMonitoring-DefenseFlow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184

Get DefenseFlow Traffic Utilization Report, Last Sample Statistics Section . . . . . . . . . . . . . . . . . . . . 184

Get DefenseFlow Traffic Utilization Report, Traffic Statistics Section . . . . . . . . . . . . . . . . . . . . . . . . . 185

Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185

AdminScriptPojo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185

Alert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186

AlertProfilePojo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187

AlertRulePojo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189

AlertSeverityPercentage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189

AlertsInfoDto . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190

AntiScanningDetails . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190

AntiScanningFootprint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191

ApmServerConfiguredOnDevice . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192

Application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192

ApplicationsList . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193

BdosAttackStatusResult . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193

BigInteger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193

BlockedUser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194

BlockingDetails. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194

CellDto . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195

Characteristics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195

ConcurrentConnection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197

ConcurrentConnectionChartValue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197

ConnectionRateResult. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198

CsvConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198

CurrentAttack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198

DFBDosRealTimeEdge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202

DFGeneralRequest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203

DFProtectionSimpleRequest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203

DFReportScope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204

Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204

DetailsRequest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204

Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204

DeviceAccess . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205

DeviceDriver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207

DeviceExportedFile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209

DeviceMapResponse . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209

DeviceSetup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209

DeviceStatus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210

DnsCharacteristics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211

DnsFootprint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212

DnsSampleStatisticsRow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213

DnsStatistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214

DocumentationCurrentAttacksResponse . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215

DocumentationSampleDataResponse. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215

Dos. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215

DpmVirtualService . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216

EdgeResult . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216

EmailTemplate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216

Event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217

EventDetails . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218

EventSample . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219

Footprint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219

GeneralRequest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220

Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221

HourData . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222

HttpFloodInfo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222

HttpReportStatistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223

HttpStatistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225

Intensity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226

License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226

LogicalGroupDtoContainerPojo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227

LogicalGroupMemberDtoPojo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227

LogicalGroupPojo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228

ManagedElementIdentifierPojo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228

Message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228

MultipartFormDataInput . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228

NetworkFqdnRequest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228

NetworkProtectionRuleIdPojo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229

NetworkProtectionRulePojo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229

NetworkRuleRequest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229

Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229

Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230

Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230

ProtectDetails . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230

ProtectEvent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231

ProtectedObject . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232

RadwareRequest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232

RateResult . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232

RegionRequest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232

ReportRequest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232

ReportScope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233

RowDto . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233

SNMPTrapTargetPojo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233

SampleData . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235

SampleStatisticsRow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236

Sensitivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238

Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238

ServersRequest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238

SharepathServer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238

SiteElementContainerAbs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239

SitePojo. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240

SiteTreeNodeIfc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240

SlaWatch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240

SlaWatchListWrapper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242

SlaWatchSeverityPercentage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242

Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243

SortObject . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243

Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243

StatisticsTable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244

StatisticsTableRow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244

StatisticsTableRowTcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244

SynFlood . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245

TableDto . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247

TableResponse . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247

ThinDeviceTransformerDTO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247

ThinLogicalGroupDto . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247

ThinSiteTransformerDTO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248

ThresholdAlert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248

ThresholdAlertList . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250

Timeframe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250

TopTalkerTotalHitsValue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250

TrafficAuth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251

TrafficUtilizationChartValue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251

TrafficUtilizationTableRow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252

TrafficUtilizationValue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252

TriggeredAlert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253

TriggeredAlertList . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255

UserContactInfoPojo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255

UserPojo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255

UserSettingsPojo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256

VirtualService . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256

WrappedString . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257

OverviewThis reference guide provides a description of the APSolute Vision REST API for software version 4.20, May 2019.

Accessing the APSolute Vison REST APIFor information on how to log in to APSolute Vison REST API, see the section “General-SystemUserServer Login.”

After you log in to APSolute Vision successfully, the JSON response of the Vision REST API includes theJSESSIONID.

The JSESSIONID is used for the authentication and authorization (RBAC) of the logged-in user.

For every REST API request to APSolute Vison, the JSESSIONID must be set in the Cookie header field(for example, Cookie:"JSESSIONID=FC90B1D581A7F9735372B9286F1B57D6").

Asynchronous Operations in the APSoluteVison REST APISome APSolute Vison REST API operations are asynchronous. The APSolute Vison REST API responsefor asynchronous operations includes the Status Code 202 Accepted.

For every APSolute Vison REST API request, APSolute Vison assigns a unique ID. This ID tracks thestatus of the operation.

Part of the APSolute Vison REST API response is the Location header, which refers to the REST APIcommand for tracking the status.

Example: Location: https://172.17.151.26/mgmt/asyncoperations/status/82520725, where the ID is82520725.

While the operation is in progress, the status API returns Status Code 200 OK.

When the operation finishes, the status API returns Status Code 303 See Other, and the Location headerrefers to the command for fetching the operation result.

Example: Location: https://172.17.151.26/mgmt/asyncoperations/result/82520725 The result commandfetches the relevant response code and body.

1

https://172.17.151.26/mgmt/asyncoperations/status/82520725

https://172.17.151.26/mgmt/asyncoperations/result/82520725

RTU License Enforcement in REST API:The RTU license pool in APSolute Vision determines the maximum number of supported physical andvirtual devices that the APSolute Vision server can manage.

When the number of devices managed by APSolute Vision exceeds the number of permitted devices bythe RTU license pool, APSolute Vision enforces RTU licenses:

APSolute Vision allows you to manage only the number of devices corresponding to the RTU licensepool.

The RTU license status of the devices that are not covered by the RTU license pool is invalid.

APSolute Vision randomly selects which managed devices have the invalid status.

You cannot configure devices whose RTU license status is invalid.

For more details refer to the APSolute Vision Release Notes.

Version informationVersion: 1.0

URI schemeSchemes: HTTPS

Resources

APM-Aggregations

Get Aggregation List

GET /mgmt/monitor/apm/aggregation

Parameters

Type Name Description Required Schema Default

QueryParameter

startTime Linux epochtime UTC, inmilliseconds.

true string

2


QueryParameter

endTime Linux epochtime UTC, inmilliseconds.

true string

QueryParameter

sliceSize Resolution ofthe returnedaggregationslices, out ofSPS_1M,SPS_5M, andSPS_3H - for,one minute,five minutes,and threehours,respectively. Ifnot specified,the serverchooses theappropriateslice size.

false string

QueryParameter

groupBy Comma-delimited listof groupings toperform ondata, includinglocation, area,transaction,application,and date.

false string date

QueryParameter

desktop Values: true -Returns enduser data.false - Returnsdatacenterdata.

false string false

3


QueryParameter

retrieveStdDev Values: true -Calculates thestandarddeviation ofthe data slicesof end-userdata. false -Calculates thestandarddeviation ofthe data-centerdata.

false string false

QueryParameter

applicationNames

Comma-delimited listof applicationsto filter.

false string

QueryParameter

withSla Values true -Returns datawith definedSLA only. false- Returns alldata.

false string

QueryParameter

limit Number ofaggregationslices to return.Values: 0 -9999999

false integer (int32)

4


QueryParameter

props Comma-delimited listof dataproperties toreturn inslices. Thefollowing fieldsare alwaysreturned:aggDate,volume . Therest of thefields arefilterable. Ifprops is set tonull, empty, ornot provided,all data fieldsprovided.

false string

Responses

HTTP Code Description Schema

200 success SlaWatchListWrapper

401 Not logged in No Content

APM-Applications

Get Application List

GET /mgmt/system/config/apm/application

Parameters


QueryParameter

id Requests anapplication ID(for a specificapplication).


5


QueryParameter

name Requests anapplicationname (for asubset ofapplications).

false string

QueryParameter

description Requests anapplicationdescription(for a specificapplication).

false string

QueryParameter

order Sort by fieldname(description\name + asc\desc).

false string

QueryParameter

limit Maximumnumber ofrecords todisplay.


QueryParameter

offset Offset ofrecords to startfrom.


QueryParameter

props Comma-delimited listof properties toreturn. Thefollowing fieldsalways arereturned: id,name. Refer totheApplicationsList class forfields.

false string

Responses


200 success ApplicationsList


6

APM-ConfiguredAlerts

Get Alert Configuration List

GET /mgmt/system/config/apm/alert/sla

Parameters


QueryParameter



QueryParameter

props Comma-delimited listof fields toreturn. Thefollowing fieldsare alwaysreturned: id,alertTypeName, enabled,timeframe,parentName,statusName.


Responses


200 success ThresholdAlertList


APM-RawEventDetails

Get Raw Event Details

GET /mgmt/monitor/apm/rawEventDetails?id={id}

Parameters

7


QueryParameter

id Request eventID.

true string

Responses


200 success EventDetails


APM-TriggeredAlerts

Get Triggered Alerts

GET /mgmt/monitor/apm/alert/triggered

Parameters


QueryParameter



QueryParameter

props Comma-delimited listof fields toreturn. Thefollowing fieldsalways arereturned: idalertTypeNameenabledtimeframeparentNamestatusName

false string

QueryParameter

startTime Linux epochtime, inmilliseconds.

true string

QueryParameter

endTime Linux epochtime, inmilliseconds.

true string

8


QueryParameter

arr_app_id Comma-delimited listof applicationIDs.

false string

QueryParameter

alertStatus Comma-delimited listof statuses.Values: OK,WARNING,ERROR

false string

QueryParameter

alertType Comma-delimited listof statuses.Values: SLA,SYS_HEALTH,APP_HEALTH

false string

Responses


200 success TriggeredAlertList


General-DeviceByIpConfig

Delete Network Protection Policy

POST /mgmt/device/byip/{deviceIp}/config/deletenetworktemplate

Description

Deletes the Network Protection policy configuration from the DefensePro device.Error case:

If the network protection was added but the Update Policies operation was not performed on theDefensePro device, the APSolute Vision server returns a device error message:

Configuration template delete failed due to validation error. Delete of server failed. The name of thesever is invalid.

The following is an example of a request deleting the Network Protection configuration template from

9

a DefensePro device:

Path: https://VisionIP/mgmt/device/byip/10.205.193.120/config/deletenetworktemplate?PolicyName=test3&UpdatePolices=on

Parameters


HeaderParameter

headers The originalrequest HTTPheaders.

true ref

PathParameter uriInfo The requestURI.

true ref

PathParameter deviceIp The IP addressof themanageddevice.

true string

Responses


200 On success, the response is aJSON in the following format:{ "status" : "ok" }

No Content

500 On failure, the response is aJSON in the following format{"status": "error","message": "Message Text…"}

No Content

Produces

• application/octet-stream

• application/json

Upgrading DefensePro Device Software

POST /mgmt/device/byip/{deviceIp}/config/updatesoftware

10

https://Vision

Description

Upgrades DefensePro Device Software.

Parameters


PathParameter deviceIp true string

BodyParameter

body false MultipartFormDataInput

QueryParameter

fileName The name ofthe file toupload.

true string

QueryParameter

softwareVersion

The softwareversionnumber asspecified in thenew softwaredocumentation.

true string

QueryParameter

genpassauto SpecifieswhetherAPSoluteVisiongenerates thepasswordautomaticallyafter verifyingthat the devicehas a validsupportagreement.

true boolean

QueryParameter

pass The passwordreceived withthe newsoftwareversion. Thepassword iscase sensitive.

true string

Responses

11


200 On success, the response is aJSON in the following format:{"status" : "ok"}

No Content


No Content

Consumes

• multipart/form-data

Produces

• text/plain


Delete Server Protection Policy

POST /mgmt/device/byip/{deviceIp}/config/deleteservertemplate

Description

Deletes the Server Protection Configuration Template from the DefensePro device.Use cases:

If the policy was added but the Update Policies operation was not performed on the DefensePro device.The APSolute Vision server returns the error from a device:

Configuration template delete failed due to validation error. Delete of server failed. The name of thesever is invalid.

The following is an example of a request deleting the Server Protection configuration template fromthe DefensePro device:

Path: https://VisionIP/mgmt/device/byip/10.205.193.120/config/deleteservertemplate?ServerName=DiTest&UpdatePolicies=on

12

https://Vision

Parameters


HeaderParameter


true ref


true ref


true string

Responses



No Content


No Content

Produces


Get Device Table

GET /mgmt/device/byip/{deviceIp}/config/{tableName}

Description

Retrieves the table content from the device.Query parameters:"offset" - The index in the table to start retrieving from. When this optional parameter is not specified,the table from the beginning is returned."count" - Optional parameter specifying a maximum number of rows to retrieve."props" - Optional parameter specifying a list of columns, separated by commas.

13

Use cases:

If query parameters are not provided, the whole table is returned (with device limitations for themaximum rows that can be returned in REST)If the path parameter is not provided, the HTTP 500 error code is returned with the error message.When a table does not contain rows, the empty JSON is returned.

The following is an example of a request retrieving the first 50 rows from the "Network ProtectionPolicies" table:

Path: https://Vision IP/mgmt/device/byip/{Device IP}/config/rsIDSNewRulesTable?offset=SGNS-Global-2&count=50&props=rsIDSNewRulesName,rsIDSNewRulesState,rsIDSNewRulesSource,rsIDSNewRulesDestination,rsIDSNewRulesPortmask,rsIDSNewRulesDirection,Vlan_MPLSRD_TagGroup,rsIDSNewRulesVlanTagGroup,rsIDSNewRulesMPLSRDGroup,Profiles,rsIDSNewRulesProfileNetflood,rsIDSNewRulesProfileDNS,rsIDSNewRulesProfileScanning,rsIDSNewRulesProfileStateful,rsIDSNewRulesProfileAppsec,rsIDSNewRulesProfileConlmt,rsIDSNewRulesProfileSynprotection,rsIDSNewRulesProfilePPS,rsIDSQuarantineStatusInPolicy,rsIDSNewRulesAction,rsIDSNewRulesPacketReportingStatus,rsIDSNewRulesPacketReportingEnforcement,rsIDSNewRulesPacketTraceStatus,rsIDSNewRulesPacketTraceEnforcement,

The following is an example of a request retrieving the first 50 rows from the "Server ProtectionPolicies" table:

Path: https://Vision IP/mgmt/device/byip/{DeviceIP}/config/rsIDSServerTable?count=50&props=rsIDSServerName,rsIDSServerIPRange,rsIDSServerState,rsIDSServerHTTPProfile,rsIDSServerIPSProfile,rsIDSServerVlanTagGroup,rsIDSServerPacketReportStatus,rsIDSServerPacketReportEnforcement,rsIDSServerPacketTraceStatus,rsIDSServerPacketTraceEnforcement

Parameters


HeaderParameter


true ref


true string

14

https://Vision

https://Vision


PathParameter tableName The name ofthe devicetable.

true string

Responses


200 success TableDto array


No Content

Produces


Export Network Policy from Device

GET /mgmt/device/byip/{deviceIp}/config/getnetworktemplate

Description

Error case:

If the Network Protection policy was created but the Update Policies operation was not yet performedon the DefensePro device, an error message is returned:

Configuration template import failed due to validation error. Import of network failed. The name ofthe network is invalid.

The following is an example of a request to export a network protection configuration template fromthe DefensePro device to the APSolute Vision database:

Path: https://Vision IP/mgmt/device/byip/DeviceIP/config/getnetworktemplate?PolicyName=guy&ExportConfiguration=on&ExportBaselineDNS=on&ExportBaselineBDoS=on&saveToDb=true&fileName=172.16.22.20_guy_2015.11.17_16.48.53

Query parameterse:

PolicyName - The name of the Network Protection policy.

15

https://Vision

ExportConfiguration - Flag to indicate whether to export the configuration. Values: on / off.ExportBaselineDNS - Flag to indicate whether to export the DNS baseline. Values: on / off.ExportBaselineBDoS - Flag to indicate whether to export the BDoS baseline. Values: on / off.saveToDb - Flag to indicate whether to save the template to the APSolute Vision database, or to thelocal OS. Values: true / false. Use "true" to store the file in the APSolute Vision database. Use "false" tostore it on the local OS.fileName - The name of the file to be stored in APSolute Vision database. Additionally this name can beused for importing or deleting the configuration template from the device.

Parameters


HeaderParameter


true ref


true ref


true string

Responses



No Content


No Content

Produces



Export Server Policy from Device

16

GET /mgmt/device/byip/{deviceIp}/config/getservertemplate

Description

Error case:

If the Server Protection policy was created but the Update Policies operation was not yet performed onthe DefensePro device, an error message is returned

Configuration template import failed due to validation error. Import of server failed. The name ofthe server is invalid.

The following is an example of a request to export a server protection configuration template from theDefensePro device to the APSolute Vision database:

https://Vision IP/mgmt/device/byip/DeviceIP/config/getservertemplate?ServerName=DC_FTP_Servers&ExportConfiguration=on&ExportBaselineHttp=on&saveToDb=true&fileName=172.16.22.21_DC_FTP_Servers_2015.11.17_17.23.55

Query parameters:

ServerName – The name of the Server Protection policy.ExportConfiguration - Flag to indicate whether to export the configuration. Values: on / off.ExportBaselineHttp - Flag to indicate whether to export the HTTP baseline. Values: on / off.saveToDb - Flag to indicate whether to save the template to the APSolute Vision database, or to thelocal OS. Values: true / false. Use "true" to store the file in the APSolute Vision database. use "false" tostore it on the local OS.fileName - The name of the file to be stored in APSolute Vision database. Additionally this name can beused for importing or deleting the configuration template from the device.

Parameters


HeaderParameter


true ref


true ref


true string

17

https://Vision

Responses



No Content


No Content

Produces



Get Device Configuration File

GET /mgmt/device/byip/{deviceIp}/config/getcfg

Description

Retrieves the device configuration file to the client computer or to the APSolute Vision server.

Query parameters:saveToDb - Values: true, false. Default: false.includePrivateKeys - Possible values are "true" or "false". The default is "false".passphrase - The password for the private keys encryption. Relevant for "includePrivateKeys" value"true" only.

Parameters


HeaderParameter


true ref


true ref

18



true ref

Responses


200 On success, when "saveToDb"value is "true", the response is aJSON in the following format{"status": "OK","message": "Message Text"}Otherwise, the response is anapplication/octet-streamcontaining the file as anattachment.

No Content

500 On failure the response is a JSONin the following format{"status": "error","message": "Message Text"}

No Content

Produces



Update Device Scalar

PUT /mgmt/device/byip/{deviceIp}/config

Description

Updates a scalar value on the device.Error cases:

If the wrong scalar value is specified in the JSON body, the APSolute Vision server returns the deviceerror message.

19

The following is an example of a request updating the scalar values for the Time Settings of aDefensePro device:

Path: https://Vision IP/mgmt/device/byip/{Device IP}/config,The request JSON is in the following format:{"rsWSDNTPPort": "123""rsWSDNTPServerUrl": "132.45.15.12"},

The following is an example of a request updating the scalar values for the Alteon Management TrafficRouting:

Path: https://Vision IP/mgmt/device/byip/{Device IP}/config,The request JSON is in the following format:{{"agMgmtNewCfgCdp": "2""agMgmtNewCfgDns": "2""agMgmtNewCfgOcsp": "2""agMgmtNewCfgReport": "2"}

The following is an example of a request updating the scalar values of Alteon for the APM Server:

Path: https://Vision IP/mgmt/device/byip/{Device IP}/config,The request JSON is in the following format:{{"agNewCfgAPMServerDataIpAddr": "172.16.55.21""agNewCfgAPMServerDataPort": "443""agNewCfgAPMServerId": "123""agNewCfgAPMServerMgmtIpAddr": "185.18.2.2"}

Parameters


BodyParameter

body false string

HeaderParameter


true ref


true string

20

https://Vision

https://Vision

https://Vision


BodyParameter

requestBody The requestJSON.

true string

Responses



No Content


No Content

Consumes


Produces


Upload Software to Alteon Device

POST /mgmt/device/byip/{deviceIp}/config/softwareimport

Description

Upload Software to Alteon Device.

Parameters


PathParameter deviceIp true string

BodyParameter


21


QueryParameter

type The image typeto upload.Values:all - Thesoftware thatuploadscontains boththe ADC-VXinfrastructuresoftware andADC software.

adc - Thesoftware thatuploadscontains onlythe ADC-VXinfrastructuresoftware.

vadc - Thesoftware thatuploadscontains onlyADC software.Note: ADCsoftwaresupportsAlteonstandalone, VA,and vADC formfactors.

true string

QueryParameter

adcimg The ADC imagerepository onthe device towhich you aregoing to uploadthe software.

true string

QueryParameter

vadcimg The ADC-VXimagerepository onthe device towhich you aregoing to uploadthe software.

true string

22


QueryParameter

genpassauto SpecifieswhetherAPSoluteVisiongenerates thepasswordautomaticallyafter verifyingthat the devicehas a validsupportagreement.

true boolean

QueryParameter

pass The passwordreceived withthe newsoftwareversion. Thepassword iscase sensitive.

true string

Responses



No Content


No Content

Consumes


Produces

• text/plain


23

Delete Device Table Row

DELETE /mgmt/device/byip/{deviceIp}/config/{tableName}/{indexes : .+}

Description

Deletes a row from a device table. The request body is empty.

Use cases:

If the path parameter is not provided, the HTTP 500 error code is returned with the error message.

The following is an example of a request deleting the row with index "Test" (specified in the pathparameter) from the "Network Protection Policies" table:Path: https://Vision IP/mgmt/device/byip/{Device IP}/config/rsIDSNewRulesTable/Test/

The following is an example of a request deleting the row with the index "SG2/1", specified in the pathparameters from the "Network" table:Path: https://Vision IP/mgmt/device/byip/{Device IP}/config/rsBWMNetworkTable/SG2/1/

The following is an example of a request deleting the row with the index "BDOS_Critical" specified inthe path parameter from the "BDoS Profiles" table:Path: https://Vision IP/mgmt/device/byip/{Device IP}/config/rsNetFloodProfileTable/BDOS_Critical/

The following is an example of a request deleting the row with the index "450000", specified in the pathparameters from the "Connection Limit Protections" table:Path: https://Vision IP/mgmt/device/byip/{Device IP}/config/rsIDSConnectionLimitAttackTable/450000/

The following is an example of a request deleting the row with the index "BlackListEntry1", specified inthe path parameters from the "Black List" table:Path: https://Vision IP/mgmt/device/byip/{Device IP}/config/rsNewBlackListTable/BlackListEntry1/

The following is an example of a request deleting the row with the index "200009", specified in pathparameters, from the "SYN Protections" table:Path: https://Vision IP/mgmt/device/byip/{Device IP}/config/rsIDSSYNAttackTable/200009/,

Parameters


HeaderParameter


true ref


true ref

24

https://Vision

https://Vision

https://Vision

https://Vision

https://Vision

https://Vision



true string


true string

PathParameter indexes The table indexvaluesaccording tothe orderdefined in theMIB file.

true string

Responses



No Content


No Content

Produces


Get Device Table Row

GET /mgmt/device/byip/{deviceIp}/config/{tableName}/{indexes : .+}

Description

Retrieves a row from the device table according to index.Query parameter:"props" - Optional parameter specifying a list of column names, separated by commas.

25

Use cases:

If the "props" query parameter is not provided, all columns of the row are returned.When a table does not contain the row with the specified index, the empty JSON is returned.If the path parameter is not provided, the HTTP 500 error code is returned with the error message.

The following is an example of a request retrieving the row by index "sgns-dns-auth" from the"Network Protection Policies" table:

Path: https://Vision IP/mgmt/device/byip/{Device IP}/config/rsIDSNewRulesTable/sgns-dns-auth?props=rsIDSNewRulesName,rsIDSNewRulesState,rsIDSNewRulesSource,rsIDSNewRulesDestination,rsIDSNewRulesPortmask,rsIDSNewRulesDirection,Vlan_MPLSRD_TagGroup,rsIDSNewRulesVlanTagGroup,rsIDSNewRulesMPLSRDGroup,Profiles,rsIDSNewRulesProfileNetflood,rsIDSNewRulesProfileDNS,rsIDSNewRulesProfileScanning,rsIDSNewRulesProfileStateful,rsIDSNewRulesProfileAppsec,rsIDSNewRulesProfileConlmt,rsIDSNewRulesProfileSynprotection,rsIDSNewRulesProfilePPS,rsIDSQuarantineStatusInPolicy,rsIDSNewRulesAction,rsIDSNewRulesPacketReportingStatus,rsIDSNewRulesPacketReportingEnforcement,rsIDSNewRulesPacketTraceStatus,rsIDSNewRulesPacketTraceEnforcement

The following is an example of a request retrieving the row by index "sadasdasdasdasd" from the"Server Protection Policies" table:

Path: https://Vision IP/mgmt/device/byip/{DeviceIP}/config/rsIDSNewRulesTable/sadasdasdasdasd?props=rsIDSNewRulesName,rsIDSNewRulesStateTwo,rsIDSNewRulesInstanceIdTwo,rsIDSNewRulesPriorityTwo,rsIDSNewRulesSource,rsIDSNewRulesDestination,rsIDSNewRulesPortmask,rsIDSNewRulesDirection,Vlan_MPLSRD_TagGroup,rsIDSNewRulesVlanTagGroup,rsIDSNewRulesMPLSRDGroup,Profiles,rsIDSNewRulesProfileNetfloodThree,rsIDSNewRulesProfileDNSThree,rsIDSNewRulesProfileScanningThree,rsIDSNewRulesProfileStatefulThree,rsIDSNewRulesProfileAppsecThree,rsIDSNewRulesProfileConlmtThree,rsIDSNewRulesProfileSynprotectionThree,rsIDSNewRulesProfilePPSThree,rsIDSNewRulesActionTwo,rsIDSNewRulesPacketReportingStatusTwo,rsIDSNewRulesPacketReportingEnforcementTwo,rsIDSNewRulesPacketTraceStatusTwo,rsIDSNewRulesPacketTraceEnforcementTwo

The following is an example of a request retrieving the row by index "SG2" from the "Networks" table:

Path https://Vision IP/mgmt/device/byip/{DeviceIP}/config/rsBWMNetworkTable/SG2?props=rsBWMNetworkName,rsBWMNetworkSubIndex,rsBWMNetworkMode,

26

https://Vision

https://Vision

https://Vision

rsBWMNetworkAddress,rsBWMNetworkFromIP,rsBWMNetworkMask,rsBWMNetworkToIP&count=50

The following is an example of a request retrieving the row by indexes "Management/MNG-1" from the"Physical Ports" table:

Path: https://Vision IP/mgmt/device/byip/{DeviceIP}/config/rsBWMPhysicalPortGroupTable/Management/MNG-1?props=rsBWMPhysicalPortGroupName,rsBWMPhysicalPortGroupPort

Parameters


HeaderParameter


true ref


true ref


true string

PathParameter tableName The name ofthe table toretrieve fromthe device.

true string


true string

Responses



500 On failure, the response is aJSON in the following format:{"status": "error","message": "Message Text…"}

No Content

27

https://Vision

Produces


Edit Device Table Row

PUT /mgmt/device/byip/{deviceIp}/config/{tableName}/{indexes : .+}

Description

Updates a row in a device table.Use cases:

If inconsistent column data is specified in the JSON body, the HTTP 500 error code is returned with theerror forwarded from a device.If the path parameter is not provided, the HTTP 500 error code is returned with the error message.

The following is an example of a request updating the row with index "Test", specified in the pathparameter, in the "Network Protection Policies" table:

Path: https://Vision IP/mgmt/device/byip/{Device IP}/config/rsIDSNewRulesTable/Test/,The request JSON is in the following format:{"rsIDSNewRulesActionTwo": "1""rsIDSNewRulesDestination": "SG4""rsIDSNewRulesDirection": "1""rsIDSNewRulesInstanceIdTwo": "1""rsIDSNewRulesName": "Test""rsIDSNewRulesPacketReportingEnforcementTwo": "1""rsIDSNewRulesPacketTraceEnforcementTwo": "1""rsIDSNewRulesPacketTraceStatusTwo": "1""rsIDSNewRulesPortmask": """rsIDSNewRulesPriorityTwo": "1""rsIDSNewRulesProfileAppsecThree": """rsIDSNewRulesProfileConlmtThree": """rsIDSNewRulesProfileDNSThree": """rsIDSNewRulesProfileNetfloodThree": """rsIDSNewRulesProfileSynprotectionThree": """rsIDSNewRulesSource": "SG2""rsIDSNewRulesStateTwo": "1""rsIDSNewRulesVlanTagGroup": ""}

The following is an example of a request updating the row with the indexes "SG2/1", specified in pathparameters, in the "Network" table:

28

https://Vision

Path: https://Vision IP/mgmt/device/byip/{Device IP}/config/rsBWMNetworkTable/SG2/1/,

The request JSON is in the following format:{"rsBWMNetworkName": "SG2""rsBWMNetworkSubIndex": "1""rsBWMNetworkToIP": "66.152.0.0"}

The following is an example of a request updating the row with the index "BDOS_Critical", specified inthe path parameter, in the "BDoS Profiles" table:

Path: https://Vision IP/mgmt/device/byip/{Device IP}/config/rsNetFloodProfileTable/BDOS_Critical/,

The request JSON is in the following format:{"rsNetFloodProfileBandwidthIn": "343434""rsNetFloodProfileBandwidthOut": "343434""rsNetFloodProfileIcmpInQuota": "1""rsNetFloodProfileIcmpOutQuota": "1""rsNetFloodProfileIcmpStatus": "1""rsNetFloodProfileIgmpInQuota": "1""rsNetFloodProfileIgmpOutQuota": "1""rsNetFloodProfileIgmpStatus": "1""rsNetFloodProfileLevelOfReuglarzation": "1""rsNetFloodProfileName": "1""rsNetFloodProfilePacketReportStatus": "1""rsNetFloodProfilePacketTraceStatus": "1""rsNetFloodProfileTcpFinAckStatus": "1""rsNetFloodProfileTcpFragStatus": "2""rsNetFloodProfileTcpInQuota": "75""rsNetFloodProfileTcpOutQuota": "75""rsNetFloodProfileTcpRstStatus": "1""rsNetFloodProfileTcpSynAckStatus": "1""rsNetFloodProfileTcpSynStatus": "1""rsNetFloodProfileTransparentOptimization": "1""rsNetFloodProfileUdpFragStatus": "2""rsNetFloodProfileUdpInQuota": "50""rsNetFloodProfileUdpOutQuota": "50""rsNetFloodProfileUdpStatus": "2"}

The following is an example of a request updating the row with the index "450000", specified in thepath parameters, in the "Connection Limit Protections" table:

Path: https://Vision IP/mgmt/device/byip/{Device IP}/config/rsIDSConnectionLimitAttackTable/450000/,

29

https://Vision

https://Vision

https://Vision

The request JSON is in the following format:{"rsIDSConnectionLimitAttackId": "450000""rsIDSConnectionLimitAttackProtocol": "3""rsIDSConnectionLimitAttackReportMode": "0""rsIDSConnectionLimitAttackRisk": "2""rsIDSConnectionLimitAttackTrackingType": "4"}

The following is an example of a request updating the row with the index "200009", specified in thepath parameters, in the "SYN Protections" table:

Path: https://Vision IP/mgmt/device/byip/{Device IP}/config/rsIDSSYNAttackTable/200009/,

The request JSON is in the following format:{"rsIDSSYNAttackActivationThreshold": "2501""rsIDSSYNAttackId": "200009""rsIDSSYNAttackRisk": "4""rsIDSSYNAttackTerminationThreshold": "1501"}

Parameters


BodyParameter

body false string

HeaderParameter


true ref


true ref


true string


true string

30

https://Vision



true string

BodyParameter


true string

Responses



No Content


No Content

Consumes


Produces


Add Device Table Row

POST /mgmt/device/byip/{deviceIp}/config/{tableName}/{indexes : .+}

Description

Adds a row to a device table.Use cases:

If inconsistent column data is specified in the JSON body, the APSolute Vision server returns the errorfrom a device.If the path parameter is not provided, the HTTP 500 error code is returned with the error message.

31

The following is an example of a request adding a row with index "Test", specified in the pathparameter, to the "Network Protection Policies" table:

Path: https://Vision IP/mgmt/device/byip/{Device IP}/config/rsIDSNewRulesTable/Test/,The request JSON is in the following format:{"rsIDSNewRulesActionTwo": "1""rsIDSNewRulesDestination": "SG4""rsIDSNewRulesDirection": "1""rsIDSNewRulesInstanceIdTwo": "1""rsIDSNewRulesName": "Test""rsIDSNewRulesPacketReportingEnforcementTwo": "1""rsIDSNewRulesPacketTraceEnforcementTwo": "1""rsIDSNewRulesPacketTraceStatusTwo": "1""rsIDSNewRulesPortmask": """rsIDSNewRulesPriorityTwo": "1""rsIDSNewRulesProfileAppsecThree": """rsIDSNewRulesProfileConlmtThree": """rsIDSNewRulesProfileDNSThree": """rsIDSNewRulesProfileNetfloodThree": """rsIDSNewRulesProfileSynprotectionThree": """rsIDSNewRulesSource": "SG2""rsIDSNewRulesStateTwo": "1""rsIDSNewRulesVlanTagGroup": ""},

The following is an example of a request adding a row with the index "Test", specified in the pathparameters, to the "Signature Profile" table:

Path: https://Vision IP/mgmt/device/byip/{DeviceIP}/config/rsIDSSignaturesProfilesTable/Test/1/Risk/High/,

The request JSON is in the following format:{"rsIDSSignaturesProfileName": "Test""rsIDSSignaturesProfileRuleAttributeName": "High""rsIDSSignaturesProfileRuleAttributeType": "Risk""rsIDSSignaturesProfileRuleName": "1"}

The following is an example of a request adding a row with the index "Entry1", specified in the pathparameters, to the "White List" table:

Path: https://Vision IP/mgmt/device/byip/{Device IP}/config/rsNewWhiteListTable/Entry1/,

The request JSON is in the following format:{"rsNewWhiteListAction": "Test"

32

https://Vision

https://Vision

https://Vision

"rsNewWhiteListAllModules": "1""rsNewWhiteListDescriptionTwo": "Attach White List Entry""rsNewWhiteListDirection": "1""rsNewWhiteListDstNetwork": "SG4""rsNewWhiteListDstPortGroup": "rtsp""rsNewWhiteListHttpFloodModuleTwo": "1""rsNewWhiteListName": "Entry1""rsNewWhiteListProtocol": "0""rsNewWhiteListServerCrackingModuleTwo": "1""rsNewWhiteListSignatureModuleTwo": "1""rsNewWhiteListSrcNetwork": "SG2""rsNewWhiteListSrcPortGroup": "msn""rsNewWhiteListState": "1""rsNewWhiteListSynModuleTwo": "1"

Parameters


BodyParameter

body false string

HeaderParameter


true ref


true ref


true string

PathParameter tableName The name ofthe table.

true string


true string

BodyParameter


true string

Responses

33



No Content


No Content

Consumes


Produces


General-DeviceByIpConfigV2

Upload Certificate to Device List

POST /mgmt/v2/devices/config/{category}/sslcertimport

Description

Uploads a certificate file to the specified devices.

Query parameters:id - The certificate unique identifier.type - The type of the file. Values: "key" for SSL key; "cert" for certificate, "req" for certificate request,"p12" for certificate and key, "interm" for intermediate certificate.passphrase - The password for the private keys encryption.src - The source type. Values: "txt" or "file". In this case the value should be "file".

Body parameters are: the file content as an octal stream, and the leading device, and the device listinformation as a JSON string inside the form data.The following is an example of a request to upload a key with index "888" (specified in the queryparameter) to the specified devices:

Path: https://VisionIP/mgmt/device/multi/config/sslcertimport?id=888&type=key&passphrase=radware&src=file,The request body is in the following format:

34

https://Vision

{Content-Disposition: form-data; name="Filedata"; filename="13.key"Content-Type: application/octet-streamContent-Disposition: form-data; name="requestStringData"{"leadingDeviceIp": "172.16.22.46","deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"]}

Parameters


BodyParameter


HeaderParameter


true ref


true ref

BodyParameter

multipartFormDataInput

The file inputstream and theformparameters.

true string

Responses


200 On success, of the operation onleading device, the response is aJSON in the following format:{"ID":"R_<Unique OperationID>","message":"The UploadCertificate as File operationstarted for the group of devices.(ID: R_<Unique Operation ID>) "}

No Content


No Content

35

Consumes


Produces

• text/plain


• text/html

• text/plain

Upload File to Device List

POST /mgmt/v2/devices/config/{category}/sendtodevice

Description

Uploads the file to the specified devices.

The query parameters are application specific.The body parameters are the file content as an octal stream, and the leading device and device listinformation, as JSON string inside the form data.The following is an example of a request uploading a tunnel with index "NewDNS" (specified in thequery parameter) to the group of devices:

Path: https://VisionIP/mgmt/device/multi/config/sendtodevice?operationType=ImportTunnel&listeningAddress=10.206.158.114&listeningPort=80&fwAddress=10.206.158.114&protectedEntity=256,The request body is in the following format:{Content-Disposition: form-data; name="Filedata"; filename="dbVul.kvs"Content-Type: application/octet-streamContent-Disposition: form-data; name="requestStringData"{"leadingDeviceIp": "172.16.22.46","deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"]}

Parameters


BodyParameter


36

https://Vision


HeaderParameter


true ref


true ref

BodyParameter



true string

Responses


200 On success, of the operation onleading device, the response is aJSON in the following format:{"ID":"R_<Unique OperationID>","message":"The Upload Fileoperation started for the groupof devices. (ID: R_<UniqueOperation ID>) "}

No Content


No Content

Consumes


Produces

• text/plain


• text/plain

Send DNS Key to Device List

POST /mgmt/v2/devices/config/{category}/dnskeyimport

37

Description

Uploads the DNS Key text to the specified devices.

Query parameters are:"id" - The DNS Key unique identifier."type" of file; The value should be "zone" for DNS Key."passphrase" - The password for the DNS keys encryption.The rest are application specific parameters.

The following is an example of a request uploading a key with index "NewTextDNS" (specified in thequery parameter) to the specified devices:

Path: https://VisionIP/mgmt/device/multi/config/dnskeyimport?id=NewTextDNS&type=zone&state=1&passphrase=radware&keysz=1024&hash=1&ttl=86400&exp=2419200&rollover=604800&sigval=604800&sigPUB=302400,The request body is in the following format:{"requestData":"LS0tLS1CRUdJTiBSU0EgUFJJV….",{"leadingDeviceIp": "172.16.22.46","deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"]}

Parameters


BodyParameter

body false string

HeaderParameter

headers The originalrequest HTTPheaders

true ref

PathParameter uriInfo The requestURI

true ref

BodyParameter

requestBody The requestJSON

true string

Responses

38

https://Vision


200 On success, of the operation onleading device, the response is aJSON in the following format:{"ID":"R_<Unique OperationID>","message":"The Upload DNSKey as Text operation started forthe group of devices. (ID:R_<Unique Operation ID>) "}

No Content


No Content

Produces


• text/html

• text/plain

Update Device Scalar

PUT /mgmt/v2/devices/{deviceId}/config/{category}

Description

Updates a scalar value on the device.Error cases:

If the wrong scalar value is specified in the JSON body, the APSolute Vision server returns the deviceerror message.

The following is an example of a request updating the scalar values for the Time Settings of aDefensePro device:

Path: https://Vision IP/mgmt/v2/devices/{Device ID}/config/{module},The request JSON is in the following format:{"rsWSDNTPPort": "123""rsWSDNTPServerUrl": "132.45.15.12"},

39

https://Vision

The following is an example of a request updating the scalar values for the Alteon Management TrafficRouting:

Path: https://Vision IP/mgmt/v2/devices/{Device ID}/config/{module},The request JSON is in the following format:{{"agMgmtNewCfgCdp": "2""agMgmtNewCfgDns": "2""agMgmtNewCfgOcsp": "2""agMgmtNewCfgReport": "2"}

The following is an example of a request updating the scalar values of Alteon for the APM Server:

Path: https://Vision IP/mgmt/v2/devices/{Device ID}/config/{module},The request JSON is in the following format:{{"agNewCfgAPMServerDataIpAddr": "172.16.55.21""agNewCfgAPMServerDataPort": "443""agNewCfgAPMServerId": "123""agNewCfgAPMServerMgmtIpAddr": "185.18.2.2"}

Parameters


PathParameter deviceId true string

BodyParameter

body false string

HeaderParameter


true ref


true string

BodyParameter


true string

Responses

40

https://Vision

https://Vision



No Content


No Content

Consumes


Produces


• text/html

• text/plain

Update a single variable (scalar) values on the leading device and on allspecified devices

PUT /mgmt/v2/devices/config/{category}

Description

Updates single variable (scalar) values on the leading device and on all specified devices.Error condition regarding the leading device:

If the wrong variable values are specified in the JSON body, the APSolute Vision server returns deviceerror message.

Error condition regarding the remaining devices:

If the wrong variable values are specified in the JSON body, the device error message will appear in thesummarizing message on the client and in the summarizing alert.

The following is an example of a request to update variable (scalar) values on the leading device andon all specified devices:

Path: https://Vision IP/mgmt/v2/devices/config/{category},The request JSON is in the following format:

41

https://Vision

{"leadingDeviceIp": "172.16.162.7","deviceIpAddresses":["172.16.162.1","172.16.162.2","172.16.162.4"],"requestData": {"agMgmtNewCfgRadius": "1","agMgmtNewCfgTacacs": "2","agMgmtNewCfgSyslog": "2","agMgmtNewCfgSnmp": "2","agMgmtNewCfgTftp": "2","agMgmtNewCfgReport": "2"}}

Parameters


BodyParameter

body false string

HeaderParameter

headers Originalrequest HTTPheaders.

true ref

BodyParameter

requestBody Request JSON. true string

Responses


200 On success, of the operation onleading device, the response is aJSON in the following format:{"ID":"R_22886","message":"Theupdate scalars operation startedfor the group of devices. (ID:R_22886) "}

No Content


No Content

Consumes


42

Produces


• text/html

• text/plain

Delete Table Row from Device List

DELETE /mgmt/v2/devices/config/{category}/{tableName}/{indexes : .+}

Description

Deletes a row from the leading device table and from the table on all specified devices.Error cases:

If the wrong index is specified in the path, the APSolute Vision server returns the error from a leadingdevice.If the path parameter is not provided, the HTTP 500 error code is returned with the error message.

The following is an example of a request to delete a row with index "Test" (specified in the pathparameter) from the "Network Protection Policies" table:

Path: https://Vision IP/mgmt/v2/devices/config/aw/rsIDSNewRulesTable/Test/,The request JSON is in the following format:{

"leadingDeviceIp": "172.16.22.46","deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"]}

The following is an example of a request deleting a row with the indexes "Test", "1', "Risk", "High",specified in the path parameters, from the "Signature Profile" table:

Path: https://Vision IP/mgmt/v2/devices/config/aw/rsIDSSignaturesProfilesTable/Test/1/Risk/High/,

The request JSON is in the following format:{"leadingDeviceIp": "172.16.22.46","deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"]}

The following is an example of a request deleting a row with the index "Entry1", specified in the pathparameters, from the "White List" table:

Path: https://Vision IP/mgmt/v2/devices/config/aw/rsNewWhiteListTable/Entry1/,

43

https://Vision

https://Vision

https://Vision


Parameters


BodyParameter

body false string

HeaderParameter


true ref


true ref


true string


true string

BodyParameter


true string

Responses


200 On success, of the operation onleading device, the response is aJSON in the following format:{"ID":"R_<Unique OperationID>","message":"The delete tablerow operation started for thegroup of devices.(ID: R_<UniqueOperation ID>) "}

No Content

44



No Content

Consumes


Produces


• text/html

• text/plain

Edit Table Row on Device List

PUT /mgmt/v2/devices/config/{category}/{tableName}/{indexes : .+}

Description

Updates a row in the device table on the leading device and on all specified devices.Error cases:

If wrong column data is specified in the JSON body, the APSolute Vision server returns the error from aleading device.If the path parameter is not provided, the HTTP 500 error code is returned with the error message.

The following is an example of a request updating a row with index "Test" (specified in the pathparameter) to the "Network Protection Policies" table:

Path: https://Vision IP/mgmt/v2/devices/config/aw/rsIDSNewRulesTable/Test/,The request JSON is in the following format:{{"leadingDeviceIp": "172.16.22.46","deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"],"requestData": {"rsIDSNewRulesStateTwo": "1","rsIDSNewRulesName": "Test""rsIDSNewRulesInstanceIdTwo": "0""rsIDSNewRulesPortmask": ""

45

https://Vision

"rsIDSNewRulesInstanceIdTwo": "1""rsIDSNewRulesDirection": "1""rsIDSNewRulesVlanTagGroup": """rsIDSNewRulesMPLSRDGroup": """rsIDSNewRulesProfileNetfloodThree": """rsIDSNewRulesProfileDNSThree": """rsIDSNewRulesProfileAppsecThree": """rsIDSNewRulesProfileConlmt": """rsIDSNewRulesProfileSynprotectionThree": """rsIDSNewRulesActionTwo": "1"}}

The following is an example of a request updating a row with the index "Test", specified in the pathparameters, to the "Signature Profile" table:

Path: https://Vision IP/mgmt/v2/devices/config/aw/rsIDSSignaturesProfilesTable/Test/1/Risk/High/,

The request JSON is in the following format:{"leadingDeviceIp": "172.16.22.46","deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"],"requestData": {"rsIDSSignaturesProfileName": "Test1""rsIDSSignaturesProfileRuleAttributeName": "High""rsIDSSignaturesProfileRuleAttributeType": "Risk""rsIDSSignaturesProfileRuleName": "1"}}

The following is an example of a request updating a row with the index "Entry1", specified in the pathparameters, to the "White List" table:

Path: https://Vision IP/mgmt/v2/devices/config/aw/rsNewWhiteListTable/Entry1/,

The request JSON is in the following format:{"leadingDeviceIp": "172.16.22.46","deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"],"requestData": {"rsNewWhiteListAction": "Test""rsNewWhiteListAllModules": "1""rsNewWhiteListDescriptionTwo": "Attach White List Entry""rsNewWhiteListDirection": "1""rsNewWhiteListDstNetwork": "SG4""rsNewWhiteListDstPortGroup": "rtsp""rsNewWhiteListHttpFloodModuleTwo": "1""rsNewWhiteListName": "Entry1""rsNewWhiteListProtocol": "0"

46

https://Vision

https://Vision

"rsNewWhiteListServerCrackingModuleTwo": "1""rsNewWhiteListSignatureModuleTwo": "1""rsNewWhiteListSrcNetwork": "SG2""rsNewWhiteListSrcPortGroup": "msn""rsNewWhiteListState": "1""rsNewWhiteListSynModuleTwo": "1"}}

Parameters


BodyParameter

body false string

HeaderParameter


true ref


true ref

PathParameter tableName The name ofthe table

true string

PathParameter indexes The table indexvaluesaccording tothe orderdefined in theMIB file

true string

BodyParameter


true string

Responses


200 On success, of the operation onleading device, the response is aJSON in the following format:{"ID":"R_<Unique OperationID>","message":"The updatetable row operation started forthe group of devices.(ID:R_<Unique Operation ID>) "}

No Content

47



No Content

Consumes


Produces


• text/html

• text/plain

Add Table Row to Device List

POST /mgmt/v2/devices/config/{category}/{tableName}/{indexes : .+}

Description

Adds a row to a device table on the leading device and on the specified devices.Error cases:

If wrong columns data is specified in the JSON body, the APSolute Vision server returns the error froma leading device.If the path parameter is not provided, the HTTP 500 error code is returned with the error message.

The following is an example of a request adding a row with index "Test" (specified in the pathparameter) to the "Network Protection Policies" table:

Path: https://Vision IP/mgmt/v2/devices/config/aw/rsIDSNewRulesTable/Test/,The request JSON is in the following format:{{"leadingDeviceIp": "172.16.22.46","deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"],"requestData": {"rsIDSNewRulesStateTwo": "1","rsIDSNewRulesName": "Test""rsIDSNewRulesInstanceIdTwo": "0""rsIDSNewRulesPortmask": ""

48

https://Vision

"rsIDSNewRulesInstanceIdTwo": "1""rsIDSNewRulesDirection": "1""rsIDSNewRulesVlanTagGroup": """rsIDSNewRulesMPLSRDGroup": """rsIDSNewRulesProfileNetfloodThree": """rsIDSNewRulesProfileDNSThree": """rsIDSNewRulesProfileAppsecThree": """rsIDSNewRulesProfileConlmt": """rsIDSNewRulesProfileSynprotectionThree": """rsIDSNewRulesActionTwo": "1"}}


Path: https://Vision IP/mgmt/device/multi/config/rsIDSSignaturesProfilesTable/Test/1/Risk/High/,



Path: https://Vision IP/mgmt/device/multi/config/rsNewWhiteListTable/Entry1/,

The request JSON is in the following format:{"leadingDeviceIp": "172.16.22.46","deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"],"requestData": {"rsNewWhiteListAction": "Test""rsNewWhiteListAllModules": "1""rsNewWhiteListDescriptionTwo": "Attach White List Entry""rsNewWhiteListDirection": "1""rsNewWhiteListDstNetwork": "SG4""rsNewWhiteListDstPortGroup": "rtsp""rsNewWhiteListHttpFloodModuleTwo": "1""rsNewWhiteListName": "Entry1""rsNewWhiteListProtocol": "0"

49

https://Vision

https://Vision

"rsNewWhiteListServerCrackingModuleTwo": "1""rsNewWhiteListSignatureModuleTwo": "1""rsNewWhiteListSrcNetwork": "SG2""rsNewWhiteListSrcPortGroup": "msn""rsNewWhiteListState": "1""rsNewWhiteListSynModuleTwo": "1"}}

Parameters


BodyParameter

body false string

HeaderParameter


true ref


true ref

PathParameter tableName The name ofthe table

true string

PathParameter indexes The table indexvaluesaccording tothe orderdefined in theMIB file

true string

BodyParameter


true string

Responses


200 On success, of the operation onleading device, the response is aJSON in the following format:{"ID":"R_<Unique OperationID>","message":"The create tablerow operation started for thegroup of devices.(ID: R_<UniqueOperation ID>) "}

No Content

50



No Content

Consumes


Produces


• text/html

• text/plain

Get Device Table

GET /mgmt/v2/devices/{deviceId}/config/{category}/{tableName}

Description

Retrieves the table content from the device.Query parameters:offset - The index in the table to start retrieving from. When this optional parameter is not specified,the table from the beginning is returned.count - Optional parameter specifying a maximum number of rows to retrieve.props - Optional parameter specifying a list of columns, separated by commas.

Use cases:

If query parameters are not provided, the whole table is returned (with device limitations for themaximum rows that can be returned in REST)If the path parameter is not provided, the HTTP 500 error code is returned with the error message.When a table does not contain rows, the empty JSON is returned.

The following is an example of a request retrieving the first 50 rows from the "Network ProtectionPolicies" table:

Path: https://Vision IP/mgmt/v2/devices/{Device ID}/config/{module}/rsIDSNewRulesTable?offset=SGNS-Global-2&count=50&props=rsIDSNewRulesName,rsIDSNewRulesState,rsIDSNewRulesSource,rsIDSNewRulesD

51

https://Vision

estination,rsIDSNewRulesPortmask,rsIDSNewRulesDirection,Vlan_MPLSRD_TagGroup,rsIDSNewRulesVlanTagGroup,rsIDSNewRulesMPLSRDGroup,Profiles,rsIDSNewRulesProfileNetflood,rsIDSNewRulesProfileDNS,rsIDSNewRulesProfileScanning,rsIDSNewRulesProfileStateful,rsIDSNewRulesProfileAppsec,rsIDSNewRulesProfileConlmt,rsIDSNewRulesProfileSynprotection,rsIDSNewRulesProfilePPS,rsIDSQuarantineStatusInPolicy,rsIDSNewRulesAction,rsIDSNewRulesPacketReportingStatus,rsIDSNewRulesPacketReportingEnforcement,rsIDSNewRulesPacketTraceStatus,rsIDSNewRulesPacketTraceEnforcement,

The following is an example of a request retrieving the first 50 rows from the "Server ProtectionPolicies" table:

Path: https://Vision IP/mgmt/v2/devices/{DeviceID}/config/{module}/rsIDSServerTable?count=50&props=rsIDSServerName,rsIDSServerIPRange,rsIDSServerState,rsIDSServerHTTPProfile,rsIDSServerIPSProfile,rsIDSServerVlanTagGroup,rsIDSServerPacketReportStatus,rsIDSServerPacketReportEnforcement,rsIDSServerPacketTraceStatus,rsIDSServerPacketTraceEnforcement

Parameters



HeaderParameter


true ref


true string


true string

Responses



52

https://Vision



No Content

Produces


• text/html

• text/plain

Delete Device Table Row

DELETE /mgmt/v2/devices/{deviceId}/config/{category}/{tableName}/{indexes : .+}

Description

Deletes a row from a device table. The request body is empty.

Use case:

If the path parameter is not provided, the HTTP 500 error code is returned with the error message.

The following is an example of a request deleting the row with index "Test" (specified in the pathparameter) from the "Network Protection Policies" table:Path: https://Vision IP/mgmt/v2/devices/{Device ID}/config/{module}/rsIDSNewRulesTable/Test/

The following is an example of a request deleting the row with the index "SG2/1", specified in the pathparameters from the "Network" table:Path: https://Vision IP/mgmt/v2/devices/{Device ID}/config/{module}/rsBWMNetworkTable/SG2/1/

The following is an example of a request deleting the row with the index "BDOS_Critical" specified inthe path parameter from the "BDoS Profiles" table:Path: https://Vision IP/mgmt/v2/devices/{DeviceID}/config/{module}/rsNetFloodProfileTable/BDOS_Critical/

The following is an example of a request deleting the row with the index "450000", specified in the pathparameters from the "Connection Limit Protections" table:Path: https://Vision IP/mgmt/v2/devices/{DeviceID}/config/{module}/rsIDSConnectionLimitAttackTable/450000/

The following is an example of a request deleting the row with the index "BlackListEntry1", specified in

53

https://Vision

https://Vision

https://Vision

https://Vision

the path parameters from the "Black List" table:Path: https://Vision IP/mgmt/v2/devices/{DeviceID}/config/{module}/rsNewBlackListTable/BlackListEntry1/

The following is an example of a request deleting the row with the index "200009", specified in pathparameters, from the "SYN Protections" table:Path: https://Vision IP/mgmt/v2/devices/{Device ID}/config/{module}/rsIDSSYNAttackTable/200009/,

Parameters



HeaderParameter


true ref


true ref


true string


true string


true string

Responses



No Content

54

https://Vision

https://Vision



No Content

Produces


• text/html

• text/plain

Get Device Table Row

GET /mgmt/v2/devices/{deviceId}/config/{category}/{tableName}/{indexes : .+}

Description

Retrieves a row from the device table according to index.Query parameter:props - Optional parameter specifying a list of column names, separated by commas.

Use cases:

If the "props" query parameter is not provided, all columns of the row are returned.When a table does not contain the row with the specified index, the empty JSON is returned.If the path parameter is not provided, the HTTP 500 error code is returned with the error message.

The following is an example of a request retrieving the row by index "sgns-dns-auth" from the"Network Protection Policies" table:

Path: https://Vision IP/mgmt/v2/devices/{Device ID}/config/{module}/rsIDSNewRulesTable/sgns-dns-auth?props=rsIDSNewRulesName,rsIDSNewRulesState,rsIDSNewRulesSource,rsIDSNewRulesDestination,rsIDSNewRulesPortmask,rsIDSNewRulesDirection,Vlan_MPLSRD_TagGroup,rsIDSNewRulesVlanTagGroup,rsIDSNewRulesMPLSRDGroup,Profiles,rsIDSNewRulesProfileNetflood,rsIDSNewRulesProfileDNS,rsIDSNewRulesProfileScanning,rsIDSNewRulesProfileStateful,rsIDSNewRulesProfileAppsec,rsIDSNewRulesProfileConlmt,rsIDSNewRulesProfileSynprotection,rsIDSNewRulesProfilePPS,rsIDSQuarantineStatusInPolicy,rsIDSNewRulesAction,rsIDSNewRulesPacketReportingStatus,rsIDSNewRulesPacketReportingEnforcement,rsIDSNewRulesPac

55

https://Vision

ketTraceStatus,rsIDSNewRulesPacketTraceEnforcement

The following is an example of a request retrieving the row by index "sadasdasdasdasd" from the"Server Protection Policies" table:

Path: https://Vision IP/mgmt/v2/devices/{DeviceID}/config/{module}/rsIDSNewRulesTable/sadasdasdasdasd?props=rsIDSNewRulesName,rsIDSNewRulesStateTwo,rsIDSNewRulesInstanceIdTwo,rsIDSNewRulesPriorityTwo,rsIDSNewRulesSource,rsIDSNewRulesDestination,rsIDSNewRulesPortmask,rsIDSNewRulesDirection,Vlan_MPLSRD_TagGroup,rsIDSNewRulesVlanTagGroup,rsIDSNewRulesMPLSRDGroup,Profiles,rsIDSNewRulesProfileNetfloodThree,rsIDSNewRulesProfileDNSThree,rsIDSNewRulesProfileScanningThree,rsIDSNewRulesProfileStatefulThree,rsIDSNewRulesProfileAppsecThree,rsIDSNewRulesProfileConlmtThree,rsIDSNewRulesProfileSynprotectionThree,rsIDSNewRulesProfilePPSThree,rsIDSNewRulesActionTwo,rsIDSNewRulesPacketReportingStatusTwo,rsIDSNewRulesPacketReportingEnforcementTwo,rsIDSNewRulesPacketTraceStatusTwo,rsIDSNewRulesPacketTraceEnforcementTwo

The following is an example of a request retrieving the row by index "SG2" from the "Networks" table:

Path https://Vision IP/mgmt/v2/devices/{DeviceID}/config/{module}/rsBWMNetworkTable/SG2?props=rsBWMNetworkName,rsBWMNetworkSubIndex,rsBWMNetworkMode,rsBWMNetworkAddress,rsBWMNetworkFromIP,rsBWMNetworkMask,rsBWMNetworkToIP&count=50

The following is an example of a request retrieving the row by indexes "Management/MNG-1" from the"Physical Ports" table:

Path: https://Vision IP/mgmt/v2/devices/{DeviceID}/config/{module}/rsBWMPhysicalPortGroupTable/Management/MNG-1?props=rsBWMPhysicalPortGroupName,rsBWMPhysicalPortGroupPort

Parameters



HeaderParameter


true ref


true ref

56

https://Vision

https://Vision

https://Vision



true string

PathParameter tableName The name ofthe table toretrieve fromthe device.

true string


true string

Responses



500 On failure, the response is aJSON in the following format:{"status": "error","message": "Message Text…"}

No Content

Produces


• text/html

• text/plain

Edit Device Table Row

PUT /mgmt/v2/devices/{deviceId}/config/{category}/{tableName}/{indexes : .+}

Description

Updates a row in a device table.Use cases:

57

If inconsistent columns data is specified in the JSON body, the HTTP 500 error code is returned with theerror forwarded from a device.If the path parameter is not provided, the HTTP 500 error code is returned with the error message.

The following is an example of a request updating the row with index "Test" (specified in the pathparameter) in the "Network Protection Policies" table:

Path: https://Vision IP/mgmt/v2/devices/{Device ID}/config/{module}/rsIDSNewRulesTable/Test/,The request JSON is in the following format:{"rsIDSNewRulesActionTwo": "1""rsIDSNewRulesDestination": "SG4""rsIDSNewRulesDirection": "1""rsIDSNewRulesInstanceIdTwo": "1""rsIDSNewRulesName": "Test""rsIDSNewRulesPacketReportingEnforcementTwo": "1""rsIDSNewRulesPacketTraceEnforcementTwo": "1""rsIDSNewRulesPacketTraceStatusTwo": "1""rsIDSNewRulesPortmask": """rsIDSNewRulesPriorityTwo": "1""rsIDSNewRulesProfileAppsecThree": """rsIDSNewRulesProfileConlmtThree": """rsIDSNewRulesProfileDNSThree": """rsIDSNewRulesProfileNetfloodThree": """rsIDSNewRulesProfileSynprotectionThree": """rsIDSNewRulesSource": "SG2""rsIDSNewRulesStateTwo": "1""rsIDSNewRulesVlanTagGroup": ""}

The following is an example of a request updating the row with the indexes "SG2/1", specified in pathparameters, in the "Network" table:

Path: https://Vision IP/mgmt/v2/devices/{Device ID}/config/{module}/rsBWMNetworkTable/SG2/1/,

The request JSON is in the following format:{"rsBWMNetworkName": "SG2""rsBWMNetworkSubIndex": "1""rsBWMNetworkToIP": "66.152.0.0"}

The following is an example of a request updating the row with the index "BDOS_Critical", specified inthe path parameter, in the "BDoS Profiles" table:

Path: https://Vision IP/mgmt/v2/devices/{Device

58

https://Vision

https://Vision

https://Vision

ID}/config/{module}/rsNetFloodProfileTable/BDOS_Critical/,

The request JSON is in the following format:{"rsNetFloodProfileBandwidthIn": "343434""rsNetFloodProfileBandwidthOut": "343434""rsNetFloodProfileIcmpInQuota": "1""rsNetFloodProfileIcmpOutQuota": "1""rsNetFloodProfileIcmpStatus": "1""rsNetFloodProfileIgmpInQuota": "1""rsNetFloodProfileIgmpOutQuota": "1""rsNetFloodProfileIgmpStatus": "1""rsNetFloodProfileLevelOfReuglarzation": "1""rsNetFloodProfileName": "1""rsNetFloodProfilePacketReportStatus": "1""rsNetFloodProfilePacketTraceStatus": "1""rsNetFloodProfileTcpFinAckStatus": "1""rsNetFloodProfileTcpFragStatus": "2""rsNetFloodProfileTcpInQuota": "75""rsNetFloodProfileTcpOutQuota": "75""rsNetFloodProfileTcpRstStatus": "1""rsNetFloodProfileTcpSynAckStatus": "1""rsNetFloodProfileTcpSynStatus": "1""rsNetFloodProfileTransparentOptimization": "1""rsNetFloodProfileUdpFragStatus": "2""rsNetFloodProfileUdpInQuota": "50""rsNetFloodProfileUdpOutQuota": "50""rsNetFloodProfileUdpStatus": "2"}

The following is an example of a request updating the row with the index "450000", specified in thepath parameters, in the "Connection Limit Protections" table:

Path: https://Vision IP/mgmt/v2/devices/{DeviceID}/config/{module}/rsIDSConnectionLimitAttackTable/450000/,

The request JSON is in the following format:{"rsIDSConnectionLimitAttackId": "450000""rsIDSConnectionLimitAttackProtocol": "3""rsIDSConnectionLimitAttackReportMode": "0""rsIDSConnectionLimitAttackRisk": "2""rsIDSConnectionLimitAttackTrackingType": "4"}

The following is an example of a request updating the row with the index "200009", specified in the

59

https://Vision

path parameters, in the "SYN Protections" table:

Path: https://Vision IP/mgmt/v2/devices/{Device ID}/config/{module}/rsIDSSYNAttackTable/200009/,

The request JSON is in the following format:{"rsIDSSYNAttackActivationThreshold": "2501""rsIDSSYNAttackId": "200009""rsIDSSYNAttackRisk": "4""rsIDSSYNAttackTerminationThreshold": "1501"}

Parameters



BodyParameter

body false string

HeaderParameter


true ref


true ref


true string


true string

PathParameter indexes The table indexvaluesaccording tothe orderdefined in MIBfile.

true string

BodyParameter


true string

Responses

60

https://Vision



No Content


No Content

Consumes


Produces


• text/html

• text/plain

Add Device Table Row

POST /mgmt/v2/devices/{deviceId}/config/{category}/{tableName}/{indexes : .+}

Description

Adds a row to a device table.Use cases:

If inconsistent columns data is specified in the JSON body, the APSolute Vision server returns the errorfrom a device.If the path parameter is not provided, the HTTP 500 error code is returned with the error message.


Path: https://Vision IP/mgmt/v2/devices/{Device ID}/config/{module}/rsIDSNewRulesTable/Test/,The request JSON is in the following format:{"rsIDSNewRulesActionTwo": "1""rsIDSNewRulesDestination": "SG4""rsIDSNewRulesDirection": "1""rsIDSNewRulesInstanceIdTwo": "1"

61

https://Vision

"rsIDSNewRulesName": "Test""rsIDSNewRulesPacketReportingEnforcementTwo": "1""rsIDSNewRulesPacketTraceEnforcementTwo": "1""rsIDSNewRulesPacketTraceStatusTwo": "1""rsIDSNewRulesPortmask": """rsIDSNewRulesPriorityTwo": "1""rsIDSNewRulesProfileAppsecThree": """rsIDSNewRulesProfileConlmtThree": """rsIDSNewRulesProfileDNSThree": """rsIDSNewRulesProfileNetfloodThree": """rsIDSNewRulesProfileSynprotectionThree": """rsIDSNewRulesSource": "SG2""rsIDSNewRulesStateTwo": "1""rsIDSNewRulesVlanTagGroup": ""},


Path: https://Vision IP/mgmt/v2/devices/{DeviceID}/config/{module}/rsIDSSignaturesProfilesTable/Test/1/Risk/High/,

The request JSON is in the following format:{"rsIDSSignaturesProfileName": "Test""rsIDSSignaturesProfileRuleAttributeName": "High""rsIDSSignaturesProfileRuleAttributeType": "Risk""rsIDSSignaturesProfileRuleName": "1"}


Path: https://Vision IP/mgmt/v2/devices/{Device ID}/config/{module}/rsNewWhiteListTable/Entry1/,

The request JSON is in the following format:{"rsNewWhiteListAction": "Test""rsNewWhiteListAllModules": "1""rsNewWhiteListDescriptionTwo": "Attach White List Entry""rsNewWhiteListDirection": "1""rsNewWhiteListDstNetwork": "SG4""rsNewWhiteListDstPortGroup": "rtsp""rsNewWhiteListHttpFloodModuleTwo": "1""rsNewWhiteListName": "Entry1""rsNewWhiteListProtocol": "0""rsNewWhiteListServerCrackingModuleTwo": "1""rsNewWhiteListSignatureModuleTwo": "1"

62

https://Vision

https://Vision

"rsNewWhiteListSrcNetwork": "SG2""rsNewWhiteListSrcPortGroup": "msn""rsNewWhiteListState": "1""rsNewWhiteListSynModuleTwo": "1"

Parameters



BodyParameter

body false string

HeaderParameter


true ref


true ref


true string


true string


true string

BodyParameter


true string

Responses



No Content

63



No Content

Consumes


Produces


• text/html

• text/plain

General-MassOperationsConfig

Upload File to Device List

POST /mgmt/device/multi/config/sendtodevice

Description

Uploads the file to the specified devices.

The query parameters are application specific.The body parameters are the file content as an octal stream, and the leading device and device listinformation, as a JSON string inside the form data.The following is an example of a request uploading a tunnel with index "NewDNS" ,specified in thequery parameter, to the group of devices:

Path: https://VisionIP/mgmt/device/multi/config/sendtodevice?operationType=ImportTunnel&listeningAddress=10.206.158.114&listeningPort=80&fwAddress=10.206.158.114&protectedEntity=256,The request body is in the following format:{Content-Disposition: form-data; name="Filedata"; filename="dbVul.kvs"Content-Type: application/octet-streamContent-Disposition: form-data; name="requestStringData"{

64

https://Vision


Parameters


BodyParameter


HeaderParameter


true ref


true ref

BodyParameter



true string

Responses


200 On success of the operation onthe leading device, the responseis a JSON in the followingformat:{"ID":"R_<Unique OperationID>","message":"The Upload Fileoperation started for the groupof devices. (ID: R_<UniqueOperation ID>) "}

No Content


No Content

Consumes


65

Produces

• text/plain


Export Network Policy from several devices

POST /mgmt/device/multi/config/getnetworktemplate

Description

Error case:

If the Network Protection policy was created but the Update Policies operation was not yet performedon the DefensePro device, an error message is returned:

Configuration template import failed due to validation error. Import of network failed. The name ofthe network is invalid.

The following is an example of a request to export a network protection configuration template fromthe DefensePro device to the APSolute Vision database:

Path: https://VisionIP/mgmt/device/multi/config/getnetworktemplate?PolicyName=guy&ExportConfiguration=on&ExportBaselineDNS=on&ExportBaselineBDoS=on&saveToDb=true&fileName=172.16.22.20_guy_2015.11.17_16.48.53

Query parameterse:

PolicyName - The name of the Network Protection policy.ExportConfiguration - Flag to indicate whether to export the configuration. Values: on / off.ExportBaselineDNS - Flag to indicate whether to export the DNS baseline. Values: on / off.ExportBaselineBDoS - Flag to indicate whether to export the BDoS baseline. Values: on / off.saveToDb - Flag to indicate whether to save the template to the APSolute Vision database, or to thelocal OS. Values: true / false. Use "true" to store the file in the APSolute Vision database. Use "false" tostore it on the local OS.fileName - The name of the file to be stored in APSolute Vision database. Additionally this name can beused for importing or deleting the configuration template from the device.

Parameters


BodyParameter

body false string

66

https://Vision


HeaderParameter


true ref


true ref

Responses



No Content


No Content

Produces



Get Result of Export operation

GET /mgmt/device/multi/config/getexportedfile

Description

Retrieves the result archive file from database and sends it to the client computer.

Query parameters:operationId - OperationId in the database.

Parameters


HeaderParameter


true ref

67



true ref

Responses


200 On operation start, the responseis a JSON in the followingformat:{"ID":"R_<Unique OperationID>","message":"The manageoperation started for the groupof devices. See the Alertsbrowser for details. (ID:R_<Unique Operation ID>) "}

No Content

500 On failure the response is a JSONin the following format{"status": "error","message": "Message Text…"}

No Content

Produces



Delete White List Files from Devices

POST /mgmt/device/multi/config/whitelistdelete

Description

Deletes the White List files from the several devices.

Parameters


BodyParameter

body false string

68


HeaderParameter


true ref


true ref

Responses



No Content


No Content

Consumes


Produces


Perform Update Policies on Device List

POST /mgmt/device/multi/config/updatepolicies

Description

"Performs the Update Policies action on the specified devices.The following is an example of a request to perform the Update Policies action on a group of devices:

Path: https://Vision IP/mgmt/device/multi/config/updatepolicies,

69

https://Vision

The request JSON is in the following format:{"deviceIpAddresses":["172.16.162.1","172.16.162.2","172.16.162.4"]

}

Parameters


BodyParameter

body false string


true ref

BodyParameter


true string

Responses


200 On operation start, the responseis a JSON in the followingformat:{"ID":"R_<Unique OperationID>","message":"The UpdatePolicies operation started for thegroup of devices. See the Alertsbrowser for details. (ID:R_<Unique Operation ID>) "}

No Content


No Content

Consumes


Produces

• text/plain


70

Upload the DNS Key file to the specified devices

POST /mgmt/device/multi/config/dnskeyimport

Description

Uploads the DNS Key file to the specified devices.

Query parameters:id - The DNS Key unique identifier.type - The type of file; The value should be "zone" for DNS Key.passphrase - The password for the DNS keys encryption.The rest are application-specific parameters.

The body parameters are the file content as an octal stream, and the leading device and the device listinformation, as JSON string inside the form data.The following is an example of a request uploading a key with index "NewDNS", specified in the queryparameter, to the specified devices:

Path: https://VisionIP/mgmt/device/multi/config/dnskeyimport?id=NewDNS&type=zone&state=1&passphrase=radware&keysz=1024&hash=1&ttl=86400&exp=2419200&rollover=604800&sigval=604800&sigPUB=302400,The request body is in the following format:{Content-Disposition: form-data; name="Filedata"; filename="DNS_key_example.txt"Content-Type: application/octet-streamContent-Disposition: form-data; name="requestStringData"{"leadingDeviceIp": "172.16.22.46","deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"]}

Parameters


BodyParameter


HeaderParameter


true ref


true ref

71

https://Vision


BodyParameter



true string

Responses


200 On success, of the operation onleading device, the response is aJSON in the following format:{"ID":"R_<Unique OperationID>","message":"The Upload DNSKEY as File operation started forthe group of devices. (ID:R_<Unique Operation ID>) "}

No Content


No Content

Consumes


Produces

• text/plain


Get Capture Files from Alteon Devices

POST /mgmt/device/multi/config/getcapturefile

Description

Retrieves the capture files from the several Alteon devices and sends them as archive to the clientcomputer.

72

Parameters


BodyParameter

body false string

HeaderParameter


true ref


true ref

Responses



No Content


No Content

Produces


Export Server Policy from several devices

POST /mgmt/device/multi/config/getservertemplate

Description

Error case:

If the Server Protection policy was created but the Update Policies operation was not yet performed on

73

the DefensePro device, an error message is returned

Configuration template import failed due to validation error. Import of server failed. The name ofthe server is invalid.

The following is an example of a request to export a server protection configuration template from theDefensePro device to the APSolute Vision database:

https://VisionIP/mgmt/device/multi/config/getservertemplate?ServerName=DC_FTP_Servers&ExportConfiguration=on&ExportBaselineHttp=on&saveToDb=true&fileName=172.16.22.21_DC_FTP_Servers_2015.11.17_17.23.55

Query parameters:

ServerName – The name of the Server Protection policy.ExportConfiguration - Flag to indicate whether to export the configuration. Values: on / off.ExportBaselineHttp - Flag to indicate whether to export the HTTP baseline. Values: on / off.saveToDb - Flag to indicate whether to save the template to the APSolute Vision database, or to thelocal OS. Values: true / false. Use "true" to store the file in the APSolute Vision database. use "false" tostore it on the local OS.fileName - The name of the file to be stored in APSolute Vision database. Additionally this name can beused for importing or deleting the configuration template from the device.

Parameters


BodyParameter

body false string

HeaderParameter


true ref


true ref

Responses



No Content

74

https://Vision



No Content

Produces



Manage vADC List

POST /mgmt/device/multi/config/manage

Description

Adds a list of vADC devices to APSolute Vision management.Error cases:

If one of the specified device names already exists in the Vision server, the APSolute Vision serverreturns the following error: Node name in the tree must be unique. Please enter another name.(ID:M_00023)

If the specified device IP addresses is already used by another device connected to the APSolute Visionserver, the APSolute Vision server returns the error: Device with IP Address [Device IP Address]already exists, please use a different IP Address. (ID:M_00302) (ID:M_00023)

The following is an example of a request to add the specified vADC devices to APSolute Vision:

Path: https://Vision IP/mgmt/device/multi/config/manage,The request JSON is in the following format:{"cliPassword":"admin","cliPort":"22","cliUsername":"admin","cliPassword":"admin","exclusivelyReceiveDeviceEvents":"false","httpPassword":"admin","httpPort":"80","httpsPassword":"admin","httpsPort":"443",

75

https://Vision

"httpsUsername":"admin","httpUsername":"admin","managementIp":"172.16.62.62","registerDeviceEvents":"true","siteName":"Default","snmpV2ReadCommunity":"public","snmpV2WriteCommunity":"private","snmpVersion":"SNMP_V2","type":"Alteon","verifyHttpsCredentials":"true","createDeviceDtoList":["deviceIP":"172.16.162.1","deviceName" : "172.16.62.62_vADC-1"},{"deviceIP" :"172.16.162.2","deviceName" : "172.16.62.62_vADC-2"}],}

Parameters


BodyParameter

body false string

PathParameter uriInfo Request URI. true ref

BodyParameter


Responses



No Content


No Content

76

Consumes


Produces

• text/plain


Upload Certificate to Device List

POST /mgmt/device/multi/config/sslcertimport

Description

Uploads certificate file to the specified devices.

Query parameters:id - The certificate unique identifier.type - The type of file; Possible values are "key" for SSL key; "cert" for certificate; "req" for certificaterequest; "p12" for certificate and key; "interm" for intermediate certificate.passphrase - The password for the private keys encryption.src - Source type. Possible values are "txt" or "file". In this case, the value should be "file".

Body parameters are the file content as an octal stream, and the leading device, and the device listinformation as JSON string inside the form data.The following is an example of a request to upload a key with index "888" ,specified in the queryparameter, to the specified devices:

Path: https://VisionIP/mgmt/device/multi/config/sslcertimport?id=888&type=key&passphrase=radware&src=file,The request body is in the following format:{Content-Disposition: form-data; name="Filedata"; filename="13.key"Content-Type: application/octet-streamContent-Disposition: form-data; name="requestStringData"{"leadingDeviceIp": "172.16.22.46","deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"]}

Parameters

77

https://Vision


BodyParameter


HeaderParameter


true ref


true ref

BodyParameter



true string

Responses


200 On success, of the operation onthe leading device, the responseis a JSON in the followingformat:{"ID":"R_<Unique OperationID>","message":"The UploadCertificate as File operationstarted for the group of devices.(ID: R_<Unique Operation ID>) "}

No Content


No Content

Consumes


Produces

• text/plain


Upload Subdomains Whitelist File to specified devices

78

POST /mgmt/device/multi/config/whitelistimport

Description

Uploads the Subdomains Whitelist file to specified devices.

Query parameters:policyName - The Network Protection policy for which you want to apply actions on the SubdomainsWhitelist.clearBeforeImport - This parameter specifies whether to clear the existing Subdomains Whitelistentries before importing the Subdomains Whitelist file.The body parameters are the file content as an octal stream, and the leading device and the device listinformation, as JSON string inside the form data.The following is an example of a request uploading a key with index "NewDNS", specified in the queryparameter, to the specified devices:

Path: https://Vision IP/mgmt/device/multi/config/whitelist?policyName=yy&clearBeforeImport=off,The request body is in the following format:{Content-Disposition: form-data; name="Filedata"; filename="WhiteList.txt"Content-Type: application/octet-streamContent-Disposition: form-data; name="requestStringData"{"leadingDeviceIp": "172.16.22.46","deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"]}

Parameters


BodyParameter


HeaderParameter


true ref


true ref

BodyParameter



true string

79

https://Vision

Responses


200 On success, of the operation onleading device, the response is aJSON in the following format:{"ID":"R_<Unique OperationID>","message":"The Upload DNSKEY as File operation started forthe group of devices. (ID:R_<Unique Operation ID>) "}

No Content


No Content

Consumes


Produces

• text/plain


Get Configuration Files from Devices

POST /mgmt/device/multi/config/getcfg

Description

Retrieves the configuration files from the several devices and sends them as archive to the clientcomputer.

Query parameters:saveToDb - Values: true, false. Default: false.includePrivateKeys - Possible values are "true" or "false". The default is "false".passphrase - The password for the private keys encryption. Relevant for "includePrivateKeys" value"true" only.

Parameters

80


BodyParameter

body false string

HeaderParameter


true ref


true ref

Responses



No Content


No Content

Produces


Perform Revert on Device List

POST /mgmt/device/multi/config/revert

Description

Activates the Revert action on each of the specified Alteon or LinkProof NG devices.The following is an example of a request to perform the Revert action on the specified Alteon devices:

Path: https://Vision IP/mgmt/device/multi/config/revert,The request JSON is in the following format:

81

https://Vision

{"deviceIpAddresses":["172.16.162.1","172.16.162.2"]}

Parameters


BodyParameter

body false string


BodyParameter


Responses


200 On operation start, the responseis a JSON in the followingformat:{"ID":"R_<Unique OperationID>","message":"The revertoperation started for the groupof devices. See the Alertsbrowser for details. (ID:R_<Unique Operation ID>) "}

No Content


No Content

Consumes


Produces

• text/plain


Perform Revert Apply on Device List

82

POST /mgmt/device/multi/config/revertApply

Description

Reverts the applied configuration for each of the specified Alteon or LinkProof NG devices.The following is an example of a request reverting the applied configuration for the specified Alteondevices:

Path: https://Vision IP/mgmt/device/multi/config/revertApply,The request JSON is in the following format:{"deviceIpAddresses":["172.16.162.1","172.16.162.2"]}

Parameters


BodyParameter

body false string


BodyParameter


Responses


200 On operation start, the responseis a JSON in the followingformat:{"ID":"R_<Unique OperationID>","message":"The revertoperation started for the groupof devices. See the Alertsbrowser for details. (ID:R_<Unique Operation ID>) "}

No Content


No Content

83

https://Vision

Consumes


Produces

• text/plain


Get Capture Files from DefensePro Devices

POST /mgmt/device/multi/config/getcapture

Description

Retrieves the capture files from the several DefensePro devices and sends them as archive to the clientcomputer.

Parameters


BodyParameter

body false string

HeaderParameter


true ref


true ref

Responses



No Content

84



No Content

Produces


Delete Table Row from Device List

DELETE /mgmt/device/multi/config/{tableName}/{indexes : .+}

Description

Deletes a row from the leading device table and from the table on all specified devices.Error cases:

If the wrong index is specified in the path, the APSolute Vision server returns the error from a leadingdevice.If the path parameter is not provided, the HTTP 500 error code is returned with the error message.

The following is an example of a request to delete a row with index "Test" (specified in the pathparameter) from the "Network Protection Policies" table:

Path: https://Vision IP/mgmt/device/multi/config/rsIDSNewRulesTable/Test/,The request JSON is in the following format:{


The following is an example of a request deleting a row with the indexes "Test", "1', "Risk", "High",specified in the path parameters, from the "Signature Profile" table:


The request JSON is in the following format:{"leadingDeviceIp": "172.16.22.46","deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"]

85

https://Vision

https://Vision

}

The following is an example of a request deleting a row with the index "Entry1", specified in the pathparameters, from the "White List" table:



Parameters


BodyParameter

body false string

HeaderParameter


true ref


true ref


true string


true string

BodyParameter


true string

Responses

86

https://Vision


200 On success, of the operation onleading device, the response is aJSON in the following format:{"ID":"R_<Unique OperationID>","message":"The delete tablerow operation started for thegroup of devices.(ID: R_<UniqueOperation ID>) "}

No Content


No Content

Consumes


Produces


Edit Table Row on Device List

PUT /mgmt/device/multi/config/{tableName}/{indexes : .+}

Description

Updates a row in the device table on the leading device and on all specified devices.Error cases:

If wrong column data is specified in the JSON body, the APSolute Vision server returns the error from aleading device.If the path parameter is not provided, the HTTP 500 error code is returned with the error message.

The following is an example of a request updating a row with index "Test" (specified in the pathparameter) to the "Network Protection Policies" table:

Path: https://Vision IP/mgmt/device/multi/config/rsIDSNewRulesTable/Test/,The request JSON is in the following format:{{"leadingDeviceIp": "172.16.22.46",

87

https://Vision

"deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"],"requestData": {"rsIDSNewRulesStateTwo": "1","rsIDSNewRulesName": "Test""rsIDSNewRulesInstanceIdTwo": "0""rsIDSNewRulesPortmask": """rsIDSNewRulesInstanceIdTwo": "1""rsIDSNewRulesDirection": "1""rsIDSNewRulesVlanTagGroup": """rsIDSNewRulesMPLSRDGroup": """rsIDSNewRulesProfileNetfloodThree": """rsIDSNewRulesProfileDNSThree": """rsIDSNewRulesProfileAppsecThree": """rsIDSNewRulesProfileConlmt": """rsIDSNewRulesProfileSynprotectionThree": """rsIDSNewRulesActionTwo": "1"}}

The following is an example of a request updating a row with the index "Test", specified in the pathparameters, to the "Signature Profile" table:



The following is an example of a request updating a row with the index "Entry1", specified in the pathparameters, to the "White List" table:


The request JSON is in the following format:{"leadingDeviceIp": "172.16.22.46","deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"],"requestData": {"rsNewWhiteListAction": "Test""rsNewWhiteListAllModules": "1""rsNewWhiteListDescriptionTwo": "Attach White List Entry""rsNewWhiteListDirection": "1"

88

https://Vision

https://Vision

"rsNewWhiteListDstNetwork": "SG4""rsNewWhiteListDstPortGroup": "rtsp""rsNewWhiteListHttpFloodModuleTwo": "1""rsNewWhiteListName": "Entry1""rsNewWhiteListProtocol": "0""rsNewWhiteListServerCrackingModuleTwo": "1""rsNewWhiteListSignatureModuleTwo": "1""rsNewWhiteListSrcNetwork": "SG2""rsNewWhiteListSrcPortGroup": "msn""rsNewWhiteListState": "1""rsNewWhiteListSynModuleTwo": "1"}}

Parameters


BodyParameter

body false string

HeaderParameter


true ref


true ref


true string


true string

BodyParameter


true string

Responses

89


200 On success, of the operation onleading device, the response is aJSON in the following format:{"ID":"R_<Unique OperationID>","message":"The updatetable row operation started forthe group of devices.(ID:R_<Unique Operation ID>) "}

No Content


No Content

Consumes


Produces


Add Table Row to Device List

POST /mgmt/device/multi/config/{tableName}/{indexes : .+}

Description

Adds a row to a device table on the leading device and on the specified devices.Error cases:

If wrong columns data is specified in the JSON body, the APSolute Vision server returns the error froma leading device.If the path parameter is not provided, the HTTP 500 error code is returned with the error message.


Path: https://Vision IP/mgmt/device/multi/config/rsIDSNewRulesTable/Test/,The request JSON is in the following format:{{"leadingDeviceIp": "172.16.22.46",

90

https://Vision

"deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"],"requestData": {"rsIDSNewRulesStateTwo": "1","rsIDSNewRulesName": "Test""rsIDSNewRulesInstanceIdTwo": "0""rsIDSNewRulesPortmask": """rsIDSNewRulesInstanceIdTwo": "1""rsIDSNewRulesDirection": "1""rsIDSNewRulesVlanTagGroup": """rsIDSNewRulesMPLSRDGroup": """rsIDSNewRulesProfileNetfloodThree": """rsIDSNewRulesProfileDNSThree": """rsIDSNewRulesProfileAppsecThree": """rsIDSNewRulesProfileConlmt": """rsIDSNewRulesProfileSynprotectionThree": """rsIDSNewRulesActionTwo": "1"}}






The request JSON is in the following format:{"leadingDeviceIp": "172.16.22.46","deviceIpAddresses":["172.16.22.44","172.16.22.43","172.16.22.42"],"requestData": {"rsNewWhiteListAction": "Test""rsNewWhiteListAllModules": "1""rsNewWhiteListDescriptionTwo": "Attach White List Entry""rsNewWhiteListDirection": "1"

91

https://Vision

https://Vision

"rsNewWhiteListDstNetwork": "SG4""rsNewWhiteListDstPortGroup": "rtsp""rsNewWhiteListHttpFloodModuleTwo": "1""rsNewWhiteListName": "Entry1""rsNewWhiteListProtocol": "0""rsNewWhiteListServerCrackingModuleTwo": "1""rsNewWhiteListSignatureModuleTwo": "1""rsNewWhiteListSrcNetwork": "SG2""rsNewWhiteListSrcPortGroup": "msn""rsNewWhiteListState": "1""rsNewWhiteListSynModuleTwo": "1"}}

Parameters


BodyParameter

body false string

HeaderParameter


true ref


true ref


true string


true string

BodyParameter


true string

Responses

92


200 On success, of the operation onleading device, the response is aJSON in the following format:{"ID":"R_<Unique OperationID>","message":"The create tablerow operation started for thegroup of devices.(ID: R_<UniqueOperation ID>) "}

No Content


No Content

Consumes


Produces


Update Scalar on Device List

PUT /mgmt/device/multi/config

Description

Updates single variable (scalar) values on the leading device and on all specified devices.Error condition regarding the leading device:

If the wrong variable values are specified in the JSON body, the APSolute Vision server returns deviceerror message.

Error condition regarding the remaining devices:

If the wrong variable values are specified in the JSON body, the device error message will appear in thesummarizing message on the client and in the summarizing alert.

The following is an example of a request to update variable (scalar) values on the leading device andon all specified devices:

Path: https://Vision IP/mgmt/device/multi/config/,The request JSON is in the following format:

93

https://Vision

{"leadingDeviceIp": "172.16.162.7","deviceIpAddresses":["172.16.162.1","172.16.162.2","172.16.162.4"],"requestData": {"agMgmtNewCfgRadius": "1","agMgmtNewCfgTacacs": "2","agMgmtNewCfgSyslog": "2","agMgmtNewCfgSnmp": "2","agMgmtNewCfgTftp": "2","agMgmtNewCfgReport": "2"}}

Parameters


BodyParameter

body false string

HeaderParameter

headers Originalrequest HTTPheaders.

true ref

BodyParameter


Responses


200 On success, of the operation onleading device, the response is aJSON in the following format:{"ID":"R_22886","message":"Theupdate scalars operation startedfor the group of devices. (ID:R_22886) "}

No Content


No Content

Consumes


94

Produces


Perform Save on Device List

POST /mgmt/device/multi/config/save

Description

Activates the Save action on each of the specified Alteon or LinkProof NG devices.The following is an example of a request to perform the Save action on the specified Alteon devices:

Path: https://Vision IP/mgmt/device/multi/config/save,The request JSON is in the following format:{"deviceIpAddresses":["172.16.162.1","172.16.162.2"]}

Parameters


BodyParameter

body false string


BodyParameter


Responses


200 On operation start, the responseis a JSON in the followingformat:{"ID":"R_<Unique OperationID>","message":"The saveoperation started for the groupof devices. See the Alertsbrowser for details. (ID:R_<Unique Operation ID>) "}

No Content

95

https://Vision



No Content

Consumes


Produces

• text/plain


Perform Apply on Device List

POST /mgmt/device/multi/config/apply

Description

Activates the Apply action on each of the specified Alteon or LinkProof NG devices.The following is an example of a request to perform the Apply action on the specified Alteon devices:

Path: https://Vision IP/mgmt/device/multi/config/apply,The request JSON is in the following format:{"deviceIpAddresses":["172.16.162.1","172.16.162.2"]}

Parameters


BodyParameter

body false string


BodyParameter


96

https://Vision

Responses


200 On operation start, the responseis a JSON in the followingformat:{"ID":"R_<Unique OperationID>","message":"The applyoperation started for the groupof devices. See the Alertsbrowser for details. (ID:R_<Unique Operation ID>) "}

No Content


No Content

Consumes


Produces

• text/plain


Get White List Files from Devices

POST /mgmt/device/multi/config/whitelistexport

Description

Retrieves the White List files from the several devices and sends them as archive to the clientcomputer.

Parameters


BodyParameter

body false string

97


HeaderParameter


true ref


true ref

Responses



No Content


No Content

Consumes


Produces



General-SystemAdminScripts

Get Admin Script Source

GET /mgmt/system/adminscripts/{scriptname}/source

98

Description

Gets the source of a specified administrative script.

Parameters


PathParameter scriptname The scriptname.Example:ADC_Create_Users.vm

true string

Responses


200 Admin Script Source file No Content

Produces


Execute Admin Script

POST /mgmt/system/adminscripts/{scriptname}/active/

Description

Source template_parameters

Parameters


BodyParameter

body false string

QueryParameter

requireDeviceLock

false string


true string

99


BodyParameter

requestBody The scriptparameters.This API is gettingvDirecttemplate APIparameterstructure. It isadvised to usethe V2 APIinstead of thisone.Foradditionalinformation,please refer tothe vDirectREST APIdocumentation.

true string

Responses


200 On success, the response is aJSON in the following format:{"message":"M_01310: TheAdmin Script task operationstarted. (ID: R_7)","ID":"R_7"}

No Content

Consumes

• text/plain


Produces

• text/plain


Get Admin Script

GET /mgmt/system/adminscripts/{scriptname}

100

Description

Gets a specified administrative script.

Parameters



true string

Responses


200 success AdminScriptPojo

Produces


Get Admin Scripts

GET /mgmt/system/adminscripts

Description

Gets all the administrative scripts.

Parameters


QueryParameter

filter false string

Responses


200 success AdminScriptPojo array

101

Produces


General-SystemAdminScriptsV2

Get Admin Scripts

GET /system/v2/adminscripts

Description

Gets all the administrative scripts.

Parameters


QueryParameter

filter false string

Responses



Produces


Execute Admin Script

POST /system/v2/adminscripts/{scriptname}/active/

Description

Source template_parameters

Parameters


BodyParameter

body false string

102


QueryParameter

requireDeviceLock

false string


true string

BodyParameter

requestBody The scriptparameters.Foradditionalinformation,please refer tothe vDirectREST APIdocumentation.

true string

Responses


200 On success, the response is aJSON in the following format:{"message":"M_01310: TheAdmin Script task operationstarted. (ID: R_7)","ID":"R_7"}

No Content

Consumes

• text/plain


Produces

• text/plain


Get Admin Script Source

GET /system/v2/adminscripts/{scriptname}/source

103

Description

Gets the source of a specified administrative script.

Parameters



true string

Responses


200 Admin Script Source file No Content

Produces


Get Admin Script

GET /system/v2/adminscripts/{scriptname}

Description

Gets a specified administrative script.

Parameters



true string

Responses


200 success AdminScriptPojo

104

Produces


General-SystemConfig

Upload Policy Template to Server

POST /mgmt/system/config/action/uploadtemplate

Description

Uploads a DefensePro configuration template to the APSolute Vision server

Parameters


BodyParameter


HeaderParameter

headers Originalrequest HTTPheaders

true ref

QueryParameter

uriInfo Request URI true ref

BodyParameter


The file bytesas multipart.

true MultipartFormDataInput

Responses


200 On success, the response is aJSON in the following format{"status": "ok", "jsessionid":"sessionid"}

No Content

500 On failure, the response is aJSON in the following format{"status": "error", "message":"<Message>" …}

No Content

Consumes


105

Produces


Perform Action

POST /mgmt/system/config/action/{actionName}

Description

Performs an action via the APSolute Vision server.Supported actions are:"Uploads the DefensePro configuration template to DefensePro devices";"Register the APSolute Vision server to receive notifications from a group of devices"

Parameters


BodyParameter

body false string

HeaderParameter

headers Originalrequest HTTPheaders

true ref

QueryParameter

uriInfo Request URI true ref

PathParameter actionName Action name:"importtemplatelist""eventregister"

true string

106


BodyParameter

requestBody The JSON bodyof the requestis in thefollowingformat

{"deviceIpAddresses":["<IP Address>","IP Address", …],"templateNames":["<FirstTemplateName>,…,<N-th TemplateName> "]}

true string

Responses


200 The operation is performed inthe background after the successresponse is returned as a JSONin the following format{"message":"The DefenseProTemplate List Import operationstarted for the group of devices.See the Alerts browser fordetails. (ID:R_32850)","ID":"32850"}

No Content


No Content

Produces

• application/json;charset=utf-8

107

General-SystemConfigItemList

Get Alerts

GET /mgmt/system/config/itemlist/alert

Description

Retrieves APSolute Vision alerts (alerts from the APSolute Vision Alert Browser).

Caution: The command can retrieve alerts only from the newest 10,000 alerts that match the filtercriteria. The filter criteria and the rate at which you run this command must be sufficiently refinedand frequent so that the response contains fewer than 10,000 alerts.

The following is an example of a request for retrieving the APSolute Vision alerts:

"Path: https://VisionIP/mgmt/system/config/itemlist/alert?page=1&filter=module:DEVICE_GENERAL,deviceType:DEFENSE_PRO,severity:MAJOR,raisedTime:2015-05-04 07:00:00&filtertype=any&maxrows=50

The following is a response example:

"alerts": [50]{"dbId": 3563"module": "DEVICE_GENERAL""deviceType": "DEFENSE_PRO""severity": "MAJOR""raisedTime": 1430657303000"message": "User radware failed uploading file Signature to device DP 91 - 6.12 - 172.16.22.91.""userName": "radware""deviceOrmId": "2c9127b84d18d4e9014d18e83fcf005f""deviceIp": "172.16.22.91""deviceName": "DP 91 - 6.12""trapSid": null"port": null"cleared": false"clearedTime": null"acknowledged": false"acknowledgedTime": null"mailed": false"repeatedMessageKey": null"originatedFromAnAuditMessage": false"messageAsOneLineString": "User radware failed uploading file Signature to device DP 91 - 6.12 -

108

https://Vision

172.16.22.91.""}"1": {"dbId": 3537"module": "DEVICE_GENERAL""deviceType": "DEFENSE_PRO""severity": "MAJOR""raisedTime": 1430657177000"message": "User radware failed uploading file Signature to device DP 91 - 6.12 - 172.16.22.91.""userName": "radware""deviceOrmId": "2c9127b84d18d4e9014d18e83fcf005f""deviceIp": "172.16.22.91""deviceName": "DP 91 - 6.12""trapSid": null"port": null"cleared": false"clearedTime": null"acknowledged": false"acknowledgedTime": null"mailed": false"repeatedMessageKey": null"originatedFromAnAuditMessage": false"messageAsOneLineString": "User radware failed uploading file Signature to device DP 91 - 6.12 -172.16.22.91."}]

Parameters


QueryParameter

page Number of thealert page.

false ref

QueryParameter

props Column namesto be retrieved.When thisoptionalparameter isnot specified,all columnsfrom the"Alert" tableare returned.

false ref

109


QueryParameter

filter Filter stringwhich iscomposedfrom any of thefollowingparts:

module - Thealert type,which can beone of thefollowing:DEVICE_SECURITY - Securityalerts from adevice.DEVICE_GENERAL - Alertsfrom thedevice whentheconfigurationchanges oruser connectsto device.INSITE_GENERAL - APSoluteVision alerts.INSITE_CONFIGURATION -APSoluteVisionconfigurationalerts.INSITE_CONTROL - APSoluteVision alerts.

deviceType -The devicetype(s) inAPSoluteVision:DEFENSE_PRO,LINKPROOF,ALTEON,APPWALL,DEFENSE_FLOW,

false ref

110


QueryParameter

filtertype Filter type.Values:exact -Requires thefull match ofthe providedfilter for themessage field.any - Requiresinclusion of thespecified filterfor themessage field.The number ofresults islimited to 300.Exceeding thelimit results inan error. Thefilter resultwith the dateparameter,"raisedTime",is always "laterthan"(regardless ofthe specifiedfilter type).

false ref

QueryParameter

maxrows Maximumnumber ofrows to return.

false ref

Responses


200 success AlertsInfoDto array


No Content

Produces


111

Get Alteon Devices

GET /mgmt/system/config/itemlist/alteon

Responses


200 success ThinDeviceTransformerDTOarray

Produces


Get Alert Profiles

GET /mgmt/system/config/itemlist/alertprofile

Description

Gets list of all the Alert Profiles

Responses


200 success AlertProfilePojo array

Produces


Create Alert Profile

POST /mgmt/system/config/itemlist/alertprofile

Description

Creates a new Alert Profile

Parameters

112


BodyParameter

body false string

BodyParameter

requestBody application/json

true AlertProfilePojo

Responses


200 On success, the response is aJSON in the following format{"status": "ok"}

No Content

Consumes


Produces


Get Alert Rules

GET /mgmt/system/config/itemlist/alertrule

Description

Gets list of all the Alert Rules

Responses


200 success AlertRulePojo array

Produces


Create Alert Rule

113

POST /mgmt/system/config/itemlist/alertrule

Description

Creates a new Alert Rule

Parameters


BodyParameter

body false string

BodyParameter


true AlertRulePojo

Responses



No Content

Consumes


Produces


Create SNMP Trap Target

POST /mgmt/system/config/itemlist/snmptraptarget

Description

Creates a new SNMP Trap Target.

Parameters

114


BodyParameter

body false string

BodyParameter


true SNMPTrapTargetPojo

Responses



No Content

Consumes


Produces


Get Toolbox Scripts

GET /mgmt/system/config/itemlist/toolbox

Description

Gets all toolbox scripts users.

Parameters


QueryParameter

assigntodashboard

If set to 'true',the OperatorToolbox scriptsassigned todashboard arereturned.

true string

115


QueryParameter

assigntotoolbar If set to 'true',the OperatorToolbox scriptsassigned todevice toolbarare returned.

true string

Responses



Produces


Get Alert Rule

GET /mgmt/system/config/itemlist/alertrule/{id}

Description

Gets a specific Alert Rule

Parameters


PathParameter id Item ID(ormID)retrieved fromthe APSoluteVision server.

true string

Responses


200 success AlertRulePojo

Produces


116

Update Alert Rule

PUT /mgmt/system/config/itemlist/alertrule/{id}

Description

Updates an existing Alert Rule

Parameters


BodyParameter

body false string


true string

BodyParameter


true AlertRulePojo

Responses



No Content

Consumes


Produces


Get Local User

GET /mgmt/system/config/itemlist/user/{id}

117

Description

Gets a specific local user.

Parameters



true string

Responses


200 success UserPojo

Produces


Update Local User

PUT /mgmt/system/config/itemlist/user/{id}

Description

Updates an existing local user.

Parameters


BodyParameter

body false string


true string

BodyParameter


true UserPojo

118

Responses



Consumes


Produces


Get Managed Device List

GET /mgmt/system/config/itemlist/alldevices

Description

Retrieves the list of managed devices.

Responses


200 success ThinSiteTransformerDTO array

500 On failure, the response is aJSON in the following format{"status": "error","message": "Message Text"}

No Content

Produces


Get Local Users

GET /mgmt/system/config/itemlist/user

Description

Gets all local users.

119

Parameters


QueryParameter

filter false string

Responses


200 success UserPojo array

Produces


Create Local User

POST /mgmt/system/config/itemlist/user

Description

Creates a new local user.

Parameters


BodyParameter

body false string

BodyParameter


true UserPojo

Responses



No Content

Consumes


120

Produces


Get AppWall Devices

GET /mgmt/system/config/itemlist/appwall

Responses



Produces


Get Alert Profile

GET /mgmt/system/config/itemlist/alertprofile/{id}

Description

Gets a specific Alert Profile

Parameters



true string

Responses


200 success AlertProfilePojo

Produces


121

Update Alert Profile

PUT /mgmt/system/config/itemlist/alertprofile/{id}

Description

Updates an existing Alert Profile

Parameters


BodyParameter

body false string


true string

BodyParameter



Responses



No Content

Consumes


Produces


Delete an Item from the Server

DELETE /mgmt/system/config/itemlist/{item}/{id}

122

Description

Deletes an APSolute Vision item from the list.

Supported item types:

"user" - APSolute Vision local user."deviceconfigurationfiles" - Device configuration file downloaded and stored on APSolute Vision."alltemplates" - DefensePro configuration templates downloaded and stored on APSolute Vision.

Parameters


PathParameter item Item type. Seethe commanddescription forthe list ofsupportedtypes.

true string


true string

Responses



No Content

Produces


Get Logical Groups

GET /mgmt/system/config/itemlist/logicalgroups

Description

Gets list of all the Logical Groups

123

Responses


200 success ThinLogicalGroupDto array

Produces


Get LinkProof NG Devices

GET /mgmt/system/config/itemlist/linkproofng

Responses



Produces


Download Policy Templates from Server

GET /mgmt/system/config/itemlist/alltemplates

Description

Retrieves DefensePro configuration templates from the APSolute Vision server.

Query parameter:"filter" - Filter to retrieve the data.Filter parts:exportedFileType - The type of exported objects. Values: SERVER_PROTECTION_TEMPLATE,NETWORK_PROTECTION_TEMPLATEfiltertype - The type of filter.Values: "exact" - Requires the full match of the provided filterany- Requires inclusion of the provided filterFilter example:"exportedFileType:SERVER_PROTECTION_TEMPLATE&filtertype=exact&filterRange=700"

124

Parameters


QueryParameter

filter Filter used forretrieving ofDefenseProconfigurationtemplates.

true string

Responses


200 success DeviceExportedFile array

500 On failure, the response is aJSON in the following format{"status": "error","message": "Message Text".}

No Content

Produces


Get DefensePro Devices

GET /mgmt/system/config/itemlist/defensepro

Responses



Produces


Get Alerts By TrapIds

GET /mgmt/system/config/itemlist/alertbytrapids

125

Description

Retrieves APSolute Vision alerts (alerts from the APSolute Vision Alert Browser) by trapsids.

The following is an example of a request for retrieving the APSolute Vision alerts by trapsids:

"The following is a response example:

"alerts": [50]{"dbId": 3563"module": "DEVICE_GENERAL""deviceType": "DEFENSE_PRO""severity": "MAJOR""raisedTime": 1430657303000"message": "User radware failed uploading file Signature to device DP 91 - 6.12 - 172.16.22.91.""userName": "radware""deviceOrmId": "2c9127b84d18d4e9014d18e83fcf005f""deviceIp": "172.16.22.91""deviceName": "DP 91 - 6.12""trapSid": null"port": null"cleared": false"clearedTime": null"acknowledged": false"acknowledgedTime": null"mailed": false"repeatedMessageKey": null"originatedFromAnAuditMessage": false"messageAsOneLineString": "User radware failed uploading file Signature to device DP 91 - 6.12 -172.16.22.91.""}"1": {"dbId": 3537"module": "DEVICE_GENERAL""deviceType": "DEFENSE_PRO""severity": "MAJOR""raisedTime": 1430657177000"message": "User radware failed uploading file Signature to device DP 91 - 6.12 - 172.16.22.91.""userName": "radware""deviceOrmId": "2c9127b84d18d4e9014d18e83fcf005f""deviceIp": "172.16.22.91""deviceName": "DP 91 - 6.12""trapSid": null"port": null

126

"cleared": false"clearedTime": null"acknowledged": false"acknowledgedTime": null"mailed": false"repeatedMessageKey": null"originatedFromAnAuditMessage": false"messageAsOneLineString": "User radware failed uploading file Signature to device DP 91 - 6.12 -172.16.22.91."}]

Parameters


QueryParameter

trapsids false string

QueryParameter

page false string

QueryParameter

size false string

Responses




No Content

Produces


General-SystemConfigTree

Lock Device

POST /mgmt/system/config/tree/device/byip/{ip}/lock

127

Description

Locks the device in the APSolute Vision server.

Parameters


PathParameter ip IP address ofthe device tolock.

true ref

Responses


200 No Content


No Content

402 Device cannot be locked. Thenumber of devices managed byAPSolute Vision exceeds thenumber of permitted devices inthe installed RTU license.

No Content

Consumes


Get Logical Groups

GET /mgmt/system/config/tree/logicalgroups

Description

Gets list of all the Logical Groups

Responses


200 success LogicalGroupDtoContainerPojo

128

Produces


Get Site by Name

GET /mgmt/system/config/tree/site/byname/{name}

Description

Get a site by a specified name.

Parameters


PathParameter name true string


true string

Responses


200 success SitePojo

Produces


Get Device Data

GET /mgmt/system/config/tree/device/byip/{ip}

Description

Retrieves device information, device properties, and status from the APSolute Vision server.

Parameters

129


PathParameter ip The IP addressof themanageddevice.

true ref

Responses


200 success Device


No Content

Produces


Delete Logical Group by Id

DELETE /mgmt/system/config/tree/logicalgroup/byid/{id}

Description

Deletes the Logical Group by a specified item ID(ormID)

Parameters



true string

130


QueryParameter

promptUser true - if userneeds to bealerted fornon-emptyLogical Group,false -otherwise

true boolean

Responses


200 On success, the response is aJSON in the following format{"status": "ok""message": "Message Text…"}

No Content

Produces


Get Logical Group by Id

GET /mgmt/system/config/tree/logicalgroup/byid/{id}

Description

Gets the Logical Group by a specified item ID(ormID).

Parameters



true string

Responses


200 success LogicalGroupPojo

131

Produces


Delete Logical Group by name

DELETE /mgmt/system/config/tree/logicalgroup/byname/{name}

Description

Deletes the Logical Group by a specified name

Parameters


PathParameter name Item ID(ormID)retrieved fromthe APSoluteVision server.

true string

Responses



No Content

Produces


Get Logical Group by Name

GET /mgmt/system/config/tree/logicalgroup/byname/{name}

Description

Get a Logical Group by a specified name.

132

Parameters


PathParameter name true string


true string

Responses


200 success LogicalGroupPojo

Produces


Unlock Device

POST /mgmt/system/config/tree/device/byip/{ip}/unlock

Description

Unlocks the device on the APSolute Vision server.

Parameters


PathParameter ip IP address ofthe device tounlock.

true ref

Responses



No Content

133


500 On failure, the response is aJSON in the following format{"status": "error","message": "Message Text"}

No Content

Consumes


Update Logical Group

PUT /mgmt/system/config/tree/logicalgroup

Description

Updates a new Logical Group

Parameters


BodyParameter

body false string

BodyParameter


true LogicalGroupPojo

Responses


200 On success, the response is aJSON in the following format{"status": "ok""message": "Logical Groupupdated successfully"}

No Content

Consumes


134

Create Logical Group

POST /mgmt/system/config/tree/logicalgroup

Description

Creates a new Logical Group

Parameters


BodyParameter

body false string

BodyParameter


true LogicalGroupPojo

Responses


200 On success, the response is aJSON in the following format{"status": "ok""message": "Logical Groupcreated successfully"}

No Content

Consumes


Get Site by Id

GET /mgmt/system/config/tree/site/byid/{id}

Description

Gets the site by a specified item ID(ormID).

Parameters

135



true string

Responses


200 success SitePojo

Produces


Get Logical Groups

POST /mgmt/system/config/tree/logicalgroups/filter

Description

Gets list of all the Logical Groups based on the given filter criteria

Parameters


BodyParameter

body false string

BodyParameter

requestBody Map of keyvalue pair ofthe fields andvalues bywhich to filterthe LogicalGroups

true [Map]

Responses


200 success LogicalGroupDtoContainerPojo

136

Produces


Add Device to the Server

POST /mgmt/system/config/tree/device

Description

Adds a device to the APSolute Vision server.Error cases:

If the device name already exists on the APSolute Vision server, the server returns the error:"Nodename in the tree must be unique. Please enter another name. (ID:M_00023)"

If the device IP address is already used by another device connected to the APSolute Vision server, theserver returns the error:"Device with IP Address < IP address> already exists, please use a different IPAddress." (ID:M_00302) (ID:M_00023)

The following is an example of a request to add an Alteon device with IP address 1.1.1.1 to APSoluteVision:

Path: https://<Vision IP>/mgmt/system/config/tree/device,The request JSON is in the following format:{"deviceSetup":{"deviceAccess":{"cliPassword": "admin","cliPort": "22","exclusivelyReceiveDeviceEvents": "false","httpPassword": "admin","httpPort": "80","httpUsername": "admin","httpsPassword": "admin","httpsPort": "443","httpsUsername": "admin","managementIp": "1.1.1.1","registerDeviceEvents": "true","snmpV1ReadCommunity": "public","snmpV1WriteCommunity": "private","snmpV2ReadCommunity": "public","snmpV2WriteCommunity": "private",

137

https://<Vision

"snmpVersion": "SNMP_V2","verifyHttpsCredentials": "true"},},"name": "Alteon 1.1.1.1","parentOrmID": "303981ae4e7295d4014e7295e85d0015","type": "Alteon"}

You can retrieve the parent (site) orm id using the REST command:https://<VisionIP>/mgmt/system/config/tree/site/byname/<Device Name>The command for getting 'Site and Clusters' Tree root is:https://<VisionIP>/mgmt/system/config/tree/site/byname/DefaultThe command for getting 'Physical Containers' Tree root is:https://<VisionIP>/mgmt/system/config/tree/site/byname/Default (Physical)

For a vADC the physicalParentId (Physical container id) parameter is required.You can retrie this using the REST command:https://<VisionIP>/mgmt/system/config/tree/device/byname/<Device Name>

Parameters


BodyParameter

body false string

BodyParameter


true [DevicePojo]

Responses



Consumes


General-SystemMonitor

Get Alerts By TrapIds

GET /mgmt/system/monitor/itemlist/alertbytrapids

138

Description

Retrieves APSolute Vision alerts (alerts from the APSolute Vision Alert Browser) by trapsids.

The following is an example of a request for retrieving the APSolute Vision alerts by trapsids:

"The following is a response example:

"alerts": [50]{"dbId": 3563"module": "DEVICE_GENERAL""deviceType": "DEFENSE_PRO""severity": "MAJOR""raisedTime": 1430657303000"message": "User radware failed uploading file Signature to device DP 91 - 6.12 - 172.16.22.91.""userName": "radware""deviceOrmId": "2c9127b84d18d4e9014d18e83fcf005f""deviceIp": "172.16.22.91""deviceName": "DP 91 - 6.12""trapSid": null"port": null"cleared": false"clearedTime": null"acknowledged": false"acknowledgedTime": null"mailed": false"repeatedMessageKey": null"originatedFromAnAuditMessage": false"messageAsOneLineString": "User radware failed uploading file Signature to device DP 91 - 6.12 -172.16.22.91.""}"1": {"dbId": 3537"module": "DEVICE_GENERAL""deviceType": "DEFENSE_PRO""severity": "MAJOR""raisedTime": 1430657177000"message": "User radware failed uploading file Signature to device DP 91 - 6.12 - 172.16.22.91.""userName": "radware""deviceOrmId": "2c9127b84d18d4e9014d18e83fcf005f""deviceIp": "172.16.22.91""deviceName": "DP 91 - 6.12""trapSid": null"port": null

139

"cleared": false"clearedTime": null"acknowledged": false"acknowledgedTime": null"mailed": false"repeatedMessageKey": null"originatedFromAnAuditMessage": false"messageAsOneLineString": "User radware failed uploading file Signature to device DP 91 - 6.12 -172.16.22.91."}]

Parameters


QueryParameter

trapsids false string

QueryParameter

page false string

QueryParameter

size false string

Responses




No Content

Produces


Get Alerts

GET /mgmt/system/monitor/itemlist/alert

Description

Retrieves the APSolute Vision alerts from the alert browser.

140

Parameters


QueryParameter

page Number of thealert page,where thereare 50 alertsper page.

true ref

QueryParameter

props Column namesto be retrieved.When thisoptionalparameter isnot specified,all columnsfrom the"Alert" tableare returned.

true ref

Responses



500 On failure, the response is aJSON in the following format:{"status": "error","message": "Message Text"}

No Content

Produces


General-SystemUser

Server Login

POST /mgmt/system/user/login

Description

Logs in to APSolute Vision using the configured mechanism Local/TACACS+/RADIUS.

141

APSolute Vision REST API uses the standard HTTP session cookie mechanism.The successful login response returns the session ID that should be sent inside the cookie in eachsubsequent REST request.

The following is an example of request headers, including a cookie with session ID:

Request Headers

Accept: /Accept-Encoding: gzip, deflate, sdchAccept-Language: en-US,en;q=0.8,ru;q=0.6,he;q=0.4Connection: keep-aliveContent-Type: text/plain; charset=utf-8<b>Cookie: JSESSIONID=6C270E7CCC972D79873EFCD687AF8039</b>Host: 172.17.197.60User-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko)Chrome/42.0.2311.135 Safari/537.36

Parameters


BodyParameter

body JSON includingthe usernameand thepassword inthe form:{username:"user",password:"pass"}

true [text/json]

Responses


200 On successful login the responseis a JSON in the following format{"status": "ok","jsessionid": "sessionid"}

No Content

142


401 On unsuccessful login theresponse is a JSON in thefollowing format{"status": "error","message": "Invalid Username orinvalid Password. Re-enter."}

No Content

Consumes


Produces


Server Logout

POST /mgmt/system/user/logout

Responses


200 On successful logout, theresponse is a JSON in thefollowing format {"status": "ok"}

No Content

SecurityMonitoring-AttackDetails

Get Behavioral DoS Attack Details: Characteristics Section

POST /mgmt/monitor/security/dp/attacks/details/bdos/characteristics

Description

Retrieves the Behavioral DoS Attack Details: Characteristics tab.

Parameters

143


BodyParameter

body application/json

true DetailsRequest

HeaderParameter

JSESSIONID The uniqueuser sessionidentifierreturned uponsuccessfullogin.

true string

Responses


default success Characteristics

Produces


Get Behavioral DoS (TCP) Attack Details: Attack Statistics Chart Section

POST /mgmt/monitor/security/dp/attacks/details/bdos/statistics/tcp

Description

Retrieves the Behavioral DoS (TCP) Attack Details: Attack Statistics Chart tab.

Parameters


BodyParameter


true DetailsRequest

HeaderParameter


true string

Responses

144


default success Statistics

Produces


Get Sampled Data CSV File Token

POST /mgmt/monitor/security/dp/attacks/details/sample-data/csv

Description

Retrieves a token used to download the Sampled Data CSV file.Returns a token. To download the file, use /mgmt/monitor/security/dp/csv/download/{token}.

Parameters


BodyParameter


true GeneralRequest

HeaderParameter


true string

Responses


default success string

Produces

• application/text

Get Cracking Attack Details: Scan Details Section

POST /mgmt/monitor/security/dp/attacks/details/cracking/event

145

Description

Retrieves the Cracking Attack Details: Scan Details tab.

Parameters


BodyParameter


true DetailsRequest

HeaderParameter


true string

Responses


default success ProtectEvent

Produces


Get Anti-Scanning Attack Details: Info Section

POST /mgmt/monitor/security/dp/attacks/details/antiscanning/details

Description

Retrieves the Anti-Scanning Attack Details: Info tab.

Parameters


BodyParameter


true DetailsRequest

146


HeaderParameter


true string

Responses


default success AntiScanningDetails

Produces


Download Capture File

GET /mgmt/monitor/security/dp/attacks/details/capture/{attackIpsId}

Description

Downloads a capture file for the specified attack.

Parameters


QueryParameter

JSESSIONID true string

PathParameter attackIpsId The unique IDof the relatedattackinstance.

true string

Check Capture File Availability

POST /mgmt/monitor/security/dp/attacks/details/capture/{attackIpsId}

Description

Checks whether a capture file is available for the specified attack.

147

Parameters


PathParameter attackIpsId The unique IDof the relatedattackinstance.

true string

HeaderParameter


true string

Responses


default success boolean

Produces


Get Cracking Attack Details: Info Section

POST /mgmt/monitor/security/dp/attacks/details/cracking/details

Description

Retrieves the Cracking Attack Details: Info tab.

Parameters


BodyParameter


true DetailsRequest

HeaderParameter


true string

148

Responses


default success BlockingDetails

Produces


Get Behavioral DoS Attack Details: Attack Statistics Graph Section

POST /mgmt/monitor/security/dp/attacks/details/bdos/statistics

Description

Retrieves the Behavioral DoS Attack Details: Attack Statistics Graph tab.

Parameters


BodyParameter


true DetailsRequest

HeaderParameter


true string

Responses


default success Statistics

Produces


Get Behavioral DoS Attack Details (TCP): Attack Statistics Table tab

POST /mgmt/monitor/security/dp/attacks/details/bdos/statistics/table/tcp

149

Description

Retrieves the Behavioral DoS (TCP) Attack Details: Attack Statistics Table tab.

Parameters


BodyParameter


true DetailsRequest

HeaderParameter


true string

Produces


Get DoS Attack Details: Info Section

POST /mgmt/monitor/security/dp/attacks/details/dos

Description

Retrieves the DoS Attack Details: Info tab.

Parameters


BodyParameter


true DetailsRequest

HeaderParameter


true string

Responses

150


default success Dos

Produces


Get Anti-Scanning Attack Details: Footprint Section

POST /mgmt/monitor/security/dp/attacks/details/antiscanning/footprint

Description

Retrieves the Anti-Scanning Attack Details: Footprint tab.

Parameters


BodyParameter


true DetailsRequest

HeaderParameter


true string

Responses


default success AntiScanningFootprint

Produces


Get Info Section, Region Field

POST /mgmt/monitor/security/dp/attacks/details/bdos/region

151

Description

Retrieves the Behavioral DoS Attack Details: Info tab, Region field.

Parameters


BodyParameter


true RegionRequest

HeaderParameter


true string

Responses



Produces


Get DNS Attack Details: Footprint Section

POST /mgmt/monitor/security/dp/attacks/details/dns/footprint

Description

Retrieves the DNS Attack Details: Footprint tab.

Parameters


BodyParameter


true DetailsRequest

152


HeaderParameter


true string

Responses


default success DnsFootprint

Produces


Get DNS Attack Details: Attack Statistics Table Section

POST /mgmt/monitor/security/dp/attacks/details/dns/statistics/table

Description

Retrieves the DNS Attack Details: Attack Statistics Table tab.

Parameters


BodyParameter


true DetailsRequest

HeaderParameter


true string

Produces


153

Get SYN Flood Attack Details: Info Section

POST /mgmt/monitor/security/dp/attacks/details/synflood

Description

Retrieves the SYN Flood Attack Details: Info tab.

Parameters


BodyParameter


true DetailsRequest

HeaderParameter


true string

Responses


default success SynFlood

Produces


Get Behavioral DoS Attack Details: Attack Statistics Table Section

POST /mgmt/monitor/security/dp/attacks/details/bdos/statistics/table

Description

Retrieves the Behavioral DoS Attack Details: Attack Statistics Table tab.

Parameters


BodyParameter


true DetailsRequest

154


HeaderParameter


true string

Responses


default success StatisticsTableRow array

Produces


Get Cracking Attack Protection Details

POST /mgmt/monitor/security/dp/attacks/details/cracking/attackDetails

Description

Retrieves the Cracking Attack Protection Details.

Parameters


BodyParameter


true DetailsRequest

HeaderParameter


Responses


default success ProtectDetails

Produces


155

Get DNS Attack Details: Attack Statistics Graph Section

POST /mgmt/monitor/security/dp/attacks/details/dns/statistics

Description

Retrieves the DNS Attack Details: Attack Statistics Graph tab.

Parameters


BodyParameter


true DetailsRequest

HeaderParameter


true string

Responses


default success DnsStatistics

Produces


Get HTTP Attack Details: Attack Statistics Table Section

POST /mgmt/monitor/security/dp/attacks/details/mgmt/monitor/security/dp/http/statistics

Description

Retrieves the HTTP Attack Details: Attack Statistics Table tab.

Parameters


BodyParameter


true DetailsRequest

156


HeaderParameter


true string

Responses


default success HttpStatistics array

Produces


Get HTTP Attack Details: Info Section

POST /mgmt/monitor/security/dp/attacks/details/mgmt/monitor/security/dp/http/info

Description

Retrieves the HTTP Attack Details: Info tab.

Parameters


BodyParameter


true DetailsRequest

HeaderParameter


true string

Responses


default success HttpFloodInfo

157

Produces


Get Anti-Scanning Attack Details: Scan Details Section

POST /mgmt/monitor/security/dp/attacks/details/antiscanning/events

Description

Retrieves the Anti-Scanning Attack Details: Scan Details tab.

Parameters


BodyParameter


true DetailsRequest

HeaderParameter


true string

Responses


default success EventSample array

Produces


Get Behavioral DoS Attack Details: Attack Sampled Data

POST /mgmt/monitor/security/dp/attacks/details/sample-data

Description

Retrieves the Attack Sampled Data. Required parameters: attackIpsId, start, count

158

Parameters


BodyParameter


true GeneralRequest

HeaderParameter


true string

Responses


default success DocumentationSampleDataResponse array

Produces


Get HTTP Attack Details: Blocked Users Section

POST /mgmt/monitor/security/dp/attacks/details/mgmt/monitor/security/dp/http/blocked

Description

Retrieves the HTTP Attack Details: Blocked Users tab.

Parameters


BodyParameter


true DetailsRequest

HeaderParameter


true string

159

Responses


default success BlockedUser array

Produces


Get Behavioral DoS Attack Details: Footprint Section

POST /mgmt/monitor/security/dp/attacks/details/bdos/footprint

Description

Retrieve Behavioral DoS Attack Details: Footprint tab.

Parameters


BodyParameter


true DetailsRequest

HeaderParameter


true string

Responses


default success Footprint

Produces


Get : Characteristics Section

POST /mgmt/monitor/security/dp/attacks/details/dns/characteristics

160

Description

Retrieves the DNS Attack Details: Characteristics tab.

Parameters


BodyParameter


true DetailsRequest

HeaderParameter


true string

Responses


default success DnsCharacteristics

Produces


SecurityMonitoring-BDoS-Baseline-DefenseFlow

Get Behavioral DoS Traffic Monitoring Report, Statistics Table

POST /mgmt/monitor/security/df/protection/bdos/statistics

Description

Retrieves the Statistics Table

Parameters


HeaderParameter


BodyParameter


true DFProtectionSimpleRequest

161

Responses


default success DFBDosRealTimeEdge array

Produces


Get BDoS Traffic Monitoring Report, BDoS Traffic Statistics Section

POST /mgmt/monitor/security/df/protection/bdos/edge

Description

Retrieves the Suspected Edge and Attack Edge values.

Parameters


BodyParameter


true DFProtectionSimpleRequest

HeaderParameter


Responses


default success DFBDosRealTimeEdge array

Produces


SecurityMonitoring-CsvDownload

Download CSV File

GET /mgmt/monitor/security/dp/csv/download/{uid}

162

Description

The service receives a token and returns the CSV file. The Token to be used is the response of/mgmt/monitor/security/dp/attacks/csv.

Parameters


PathParameter uid Taken from theresponse of/mgmt/monitor/security/dp/attacks/csv

true string

Produces


SecurityMonitoring-Devices

Get Device Properties for Monitored Device List

POST /mgmt/monitor/security/dp/devices/

Description

Retrieves full device information regarding devices that provide security monitoring information.Request: array of deviceId, Response: Map[deviceId, Device]

Parameters


HeaderParameter


true string

BodyParameter

body true string array

Responses

163


default success DeviceMapResponse

Produces


Get Basic Device Properties for Monitored Device List

GET /mgmt/monitor/security/dp/devices/all

Description

Retrieves the basic information regarding devices that provide security monitoring information.The values of ports and policies in this service are empty. To retrieve full data use the service /devices.

Parameters


HeaderParameter


true string

Responses


default success Device array

Produces


SecurityMonitoring-DnsTopTalkersMonitoring

Get the Top-10 FQDNs for a specified period

POST /dns/topfqdn

164

Description

Gets the 10 FQDNs that have the highest hit count for a specified period.

Parameters


BodyParameter


true NetworkFqdnRequest

HeaderParameter


true string

Responses


default success TopTalkerTotalHitsValue array

Produces


Get the FQDN hit-count trend

POST /dns/topfqdn/{name}

Description

Gets the hit count for a single FQDN over time.

Parameters


BodyParameter


true NetworkFqdnRequest

165


HeaderParameter


true string

PathParameter name The domainfully qualifiedname (FQDN).

true string

Responses


default success TopTalkerTotalHitsValue array

Produces


SecurityMonitoring-HttpReports

Get HTTP Request Size Distribution Reports

POST /mgmt/monitor/security/dp/http/distribution

Description

Retrieves the HTTP Request Size Distribution report.

Parameters


HeaderParameter


true string

BodyParameter


true ReportRequest

166

Responses


default success com.radware.novis.dp.model.http.distribution.UriValue]

Produces


Get Continuous Learning Statistics reports

POST /mgmt/monitor/security/dp/http/report

Description

Retrieves the Continuous Learning Statistics reports. The information for all of the sub-reports isreturned in the same request.

Parameters


HeaderParameter


true string

BodyParameter


true ReportRequest

Produces


Get Hour-Specific Learning Statistics Reports

POST /mgmt/monitor/security/dp/http/week/{reportType}

Description

Retrieves the Hour-Specific Learning Statistics reports.Use the report type parameter to specify the report type: get-post/outbound/other.

167

Parameters


HeaderParameter


true string

PathParameter reportType true string

BodyParameter


true ReportRequest

Produces


SecurityMonitoring-HttpServers

HTTP servers

POST /mgmt/monitor/security/dp/http/servers

Description

Retrieves the list of HTTP servers for the specified device.

Parameters


HeaderParameter


true string

BodyParameter


true ServersRequest

Responses

168


default success Server array

Produces


SecurityMonitoring-ProtectionMonitoring

Get DNS Traffic Monitoring Report, Last Sample Statistics Section

POST /mgmt/monitor/security/dp/protection/table/dns

Description

Retrieves the DNS Traffic Monitoring Report, Last Sample Statistics tabSample statistics service.

Parameters


HeaderParameter


true string

BodyParameter


true NetworkRuleRequest

Responses


default success DnsSampleStatisticsRow array

Produces


Get Traffic Monitoring Report and Traffic Statistics Section (part 3)

169

POST /mgmt/monitor/security/dp/protection/status/{reportType}

Description

Retrieves the BDoS/DNS Traffic Monitoring Report, BDoS/DNS Traffic Statistics tab (part 3): AttackStatus field.Attack Status service. The report type parameter should be bdos/dns.

Parameters


HeaderParameter


true string


BodyParameter



Responses


default success WrappedString

Produces



POST /mgmt/monitor/security/dp/protection/traffic/dns/portion

Description

Retrieves the Normal Noise, Total Noise and Partial Noise values.

Parameters

170


HeaderParameter


true string

BodyParameter



Responses


default success EdgeResult array

Produces


Get Bdos Traffic Monitoring Report, Last Sample Statistics Section

POST /mgmt/monitor/security/dp/protection/table/bdos

Description

Retrieves the BDoS Traffic Monitoring Report, Last Sample Statistics tabSample statistics service.

Parameters


HeaderParameter


true string

BodyParameter



Responses

171


default success SampleStatisticsRow array

Produces


Get Attack Status Report

POST /mgmt/monitor/security/dp/protection/attack/status

Description

Retrieves the Attack Status Report (DNS or BDoS)

Parameters


BodyParameter


true GeneralRequest

HeaderParameter


true string

Responses


default success BdosAttackStatusResult

Produces



POST /mgmt/monitor/security/dp/protection/traffic/bdos/edge

172

Description

Retrieves the BDoS Traffic Monitoring Report and BDoS Traffic Statistics tab (part 2).Retrieves the Suspected Edge and Attack Edge values. Traffic edge service. The report type is bdos.

Parameters


HeaderParameter


true string

BodyParameter



Responses



Produces



POST /mgmt/monitor/security/dp/protection/traffic/dns/edge

Description

Retrieves the DNS Traffic Monitoring Report and DNS Traffic Statistics tab (part 2).Retrieves the Suspected Edge, Attack Edge, Attack Noise and Suspected Noise values. Traffic edgeservice. The report type is dns.

Parameters

173


HeaderParameter


true string

BodyParameter



Responses



Produces



POST /mgmt/monitor/security/dp/protection/traffic/{reportType}/rate

Description

Retrieves the BDoS/DNS Traffic Monitoring Report and BDoS/DNS Traffic Statistics tab (part 1).Retrieves the Total Traffic, Legitimate Traffic and Normal Edge values. Traffic rate service. The reporttype parameter should be bdos/dns.

Parameters


HeaderParameter


true string


BodyParameter



174

Responses


default success RateResult array

Produces


SecurityMonitoring-SecurityDashboard

Get Current Attacks Table and Ongoing Attacks Monitor

POST /mgmt/monitor/security/dp/attacks/

Description

The number of results limited to 10,000. Exceeding the limit results in an error.Request filter enumeration format:actionType - Can receive one of the following values (case sensitive): Forward, Proxy, Drop, SourceReset, Destination Reset, Source Destination Reset, Bypass, Challenge, Quarantine, Drop & Quarantine,Http 200 Ok, Http 200 Ok Reset Dest, Http 403 Forbidden, Http 403 Forbidden Reset DestattackRisk - Can receive one of the following values (case sensitive): Info, Low, Medium, HighattackProtocol - Can receive one of the following values (case sensitive): IP, TCP, UDP, ICMP, IGMP, Non-IP, SCTP, ICMPv6threatGroup - Can receive one of the following values (case sensitive): Black List, Network Scans,Application DDoS, Intrusion, Packet Anomalies, Server Cracking, DDoS, Stateful ACL, BandwidthManagementattackCategory - Can receive one of the following values (case sensitive): ACL, Anti-Scanning,Behavioral DoS, DoS, HTTP Flood, Intrusions, Server Cracking, SYN Flood, Anomalies, Stateful ACL, DNSFlood, Bandwidth ManagementpolicyDirection - Can receive one of the following values (case sensitive): Inbound, Outbound, BothattackStatus - Can receive one of the following values (case sensitive): Started, Terminated, Sampled,Occurred, Ongoingdirection - Can receive one of the following values (case sensitive): in, outphysicalPort - Can receive one of the following values (case sensitive): G-1, G-2, G-3, G-4, G-5, G-6, G-7,G-8, G-9, G-10, G-11, G-12, G-13, G-14, G-15, G-16, SFP-1, SFP-2, SFP-3, SFP-4, T-1, T-2, T-3, T-4, T-5, T-6, T-7,MNG-1, MNG-2, XG-1, XG-2, XG-3, XG-4, Multiple, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18,19, 20, 21, 22, 23, 24, 125, 126, 127, 128

Parameters

175


BodyParameter


true GeneralRequest

HeaderParameter


true string

Responses


default success DocumentationCurrentAttacksResponse

Produces


Get Attack Description

POST /mgmt/monitor/security/dp/attacks/description

Description

Retrieves the attack description for the relevant attack, based on the attack ID.

Parameters


BodyParameter


true RadwareRequest

HeaderParameter


true string

Responses

176


default success Description

Produces


Get Drop intensity Information

POST /mgmt/monitor/security/dp/intensity/

Parameters


BodyParameter


true GeneralRequest

HeaderParameter


true string

Responses


default success Intensity

Produces


Download Security Attacks CSV

POST /mgmt/monitor/security/dp/attacks/csv

Description

Returns a token. To download the file use the following:/mgmt/monitor/security/dp/csv/download/{token}.

177

Parameters


BodyParameter


true GeneralRequest

HeaderParameter


true string

Responses



Produces


SecurityMonitoring-SecurityDashboard-DefenseFlow

Download SecurityAttacks Table as CSV

POST /mgmt/monitor/security/df/attack/csv

Description

Returns a token. To download the file, use the following: /csv/download/{token}.

Parameters


BodyParameter


true DFGeneralRequest

HeaderParameter


Responses

178



Produces


Get DefenseFlow Ongoing BDoS Traffic Monitoring ReportAttack MonitorDrop Intensity Information

POST /mgmt/monitor/security/df/intensity

Parameters


BodyParameter



HeaderParameter


Responses


default success Intensity

Produces


Get DefenseFlow Current Attacks Table

POST /mgmt/monitor/security/df/attack

Description

Request filter enumeration format:actionType - Can receive one of the following values (case sensitive): Forward, Proxy, Drop, SourceReset, Destination Reset, Source Destination Reset, Bypass, Challenge, Quarantine, Drop & Quarantine,Http 200 Ok, Http 200 Ok Reset Dest, Http 403 Forbidden, Http 403 Forbidden Reset DestattackRisk - Can receive one of the following values (case sensitive): Info, Low, Medium, HighattackProtocol - Can receive one of the following values (case sensitive): IP, TCP, UDP, ICMP, IGMP, Non-

179

IP, SCTP, ICMPv6threatGroup - Can receive one of the following values (case sensitive): Black List, Network Scans,Application DDoS, Intrusion, Packet Anomalies, Server Cracking, DDoS, Stateful ACL, BandwidthManagementattackCategory - Can receive one of the following values (case sensitive): ACL, Anti-Scanning,Behavioral DoS, DoS, HTTP Flood, Intrusions, Server Cracking, SYN Flood, Anomalies, Stateful ACL, DNSFlood, Bandwidth ManagementpolicyDirection - Can receive one of the following values (case sensitive): Inbound, Outbound, BothattackStatus - Can receive one of the following values (case sensitive): Started, Terminated, Sampled,Occurred, Ongoingdirection - Can receive one of the following values (case sensitive): in, outphysicalPort - Can receive one of the following values (case sensitive): G-1, G-2, G-3, G-4, G-5, G-6, G-7,G-8, G-9, G-10, G-11, G-12, G-13, G-14, G-15, G-16, SFP-1, SFP-2, SFP-3, SFP-4, T-1, T-2, T-3, T-4, T-5, T-6, T-7,MNG-1, MNG-2, XG-1, XG-2, XG-3, XG-4, Multiple, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18,19, 20, 21, 22, 23, 24, 125, 126, 127, 128

Parameters


BodyParameter



HeaderParameter


Responses


default success TableResponse

Produces


SecurityMonitoring-TrafficMonitoring

Get Connection Rate Report

POST /mgmt/monitor/security/dp/traffic/connections/rate

Description

Required parameters: devices list, range, protocol, isPolicySelected.

180

The protocol parameter can receive one of the following values: TCP, UDP, ALL.

Parameters


BodyParameter


true GeneralRequest

HeaderParameter


true string

Responses


default success ConnectionRateResult array

Produces


Get Traffic Utilization Report, Last Sample Statistics Section

POST /mgmt/monitor/security/dp/traffic/utilization/table

Description

Required parameters: devices list, traffic, isPolicySelected, units. The traffic parameter can receive oneof the following values: Inbound, OutboundThe units parameter can receive one of the following values: Kbps, Packet/Sec, QPS.

Parameters


BodyParameter


true GeneralRequest

HeaderParameter


181

Responses


default success TrafficUtilizationTableRow array

Produces


Get Traffic Utilization Report, Traffic Statistics Section

POST /mgmt/monitor/security/dp/traffic/utilization

Description

There should be a separate request for inbound and outbound traffic. Required parameters: deviceslist, traffic, protocol, isPolicySelected, unitsThe protocol parameter can receive one of the following values: UDP, TCP, ICMP, Other, All, SCTP, IGMP,DNS, HTTPThe traffic parameter can receive one of the following values: Inbound, OutboundThe units parameter can receive one of the following values: Kbps, Packet/Sec, QPS

Parameters


BodyParameter


true GeneralRequest

HeaderParameter


Responses


default success TrafficUtilizationValue array

Produces


Get Concurrent Connections Report

POST /mgmt/monitor/security/dp/traffic/connections/concurrent

182

Description

Required parameters: devices list, range, protocol, isPolicySelectedThe protocol parameter can receive one of the following values: TCP, UDP, ALL.

Parameters


BodyParameter


true GeneralRequest

HeaderParameter


true string

Responses


default success ConcurrentConnection array

Produces


Get Traffic Utilization Report, Traffic Authentication Statistics Section

POST /mgmt/monitor/security/dp/traffic/utilization/auth

Description

Required parameters: devices list, traffic, isPolicySelected, units.

Parameters


BodyParameter


true GeneralRequest

183


HeaderParameter


true string

Responses


default success TrafficAuth array

Produces


SecurityMonitoring-TrafficMonitoring-DefenseFlow

Get DefenseFlow Traffic Utilization Report, Last Sample Statistics Section

POST /mgmt/monitor/security/df/traffic/utilization/table

Description

Required parameters: devices list, traffic, isPolicySelected, units. The traffic parameter can receive oneof the following values: Inbound, OutboundThe units parameter can receive one of the following values: Kbps, Packet/Sec, QPS

Parameters


BodyParameter



HeaderParameter


Responses


default success TrafficUtilizationTableRow array

184

Produces


Get DefenseFlow Traffic Utilization Report, Traffic Statistics Section

POST /mgmt/monitor/security/df/traffic/utilization

Description

Sends a separate request for inbound and outbound traffic. Required parameters: devices list, traffic,protocol, isPolicySelected, units

The protocol parameter can receive one of the following values: UDP, TCP, ICMP, Other, All, SCTP, IGMP,DNS, HTTPThe traffic parameter can receive one of the following values: Inbound, OutboundThe units parameter can receive one of the following values: Kbps, Packet/Sec, QPS

Parameters


BodyParameter



HeaderParameter


Responses


default success TrafficUtilizationChartValuearray

Produces


Definitions

AdminScriptPojo

185

Name Description Required Schema Default

deviceType true string

toolboxIcon true string

adminScriptRoles true [java.util.Collection<com.radware.vision.pojo.staticmodel.AdminScriptRolePojo]>

actionTitle true string

icon true string

toolTip true string

description true string

assignToDashboard true boolean

uploadDate true string

toolboxSettingsID true string

createdBy true string

name true string

assignToToolbar true string

category true string

Alert


deviceIp false string

acknowledged false boolean

trapSid false string

deviceOrmId false string

raisedTime false string (date-time)

deviceName false string

repeatedMessageKey

false string

alertKeysEnum false [AlertKeysEnum]

dbId false integer (int64)

186


originatedFromAnAuditMessage

false boolean

details false string

alertId false integer (int32)

clearedTime false string (date-time)

mailed false boolean

deviceType false [DeviceTypeEnum]

severity false [AlertSeverityEnum]

auditRequired false boolean

module false [AlertModuleEnum]

messageAsOneLineString

false string

message false string

userName false string

port false string

alertKeyArgs false [Object] array

category false string

cleared false boolean

categoryEnum false [AttackCategoryEnum]

acknowledgedTime false string (date-time)

AlertProfilePojo


unAcknowledged false boolean

device_throughput_license_errors

false boolean

acknowledged false boolean

minor false boolean

187


critical false boolean

raisedInTheLastTimeUnit

false [TimeUnitsEnumPojo]

description false string

appdirector false boolean

retention_alerts false boolean

device_throughput_license_exceeded_errors

false boolean

device_general false boolean

selectionType false string

device_security false boolean

ormID false string

major false boolean

linkproof false boolean

insite_configuration

false boolean

alteon false boolean

appwall false boolean

deviceOrmIds false string array

warning false boolean

defense_flow false boolean

categories List of AttackCategories for thisAlert Profile

false [AttackCategoryEnumPojo] array

trouble_ticket false boolean

insite false boolean

device_health_errors

false boolean

raisedInTheLastInt false integer (int32)

info false boolean

insite_control false boolean

188


security_reporting false boolean

operator_toolbox false boolean

rt_alerts false boolean

modules List of AlertModules for thisAlert Profile

false [AlertModuleEnumPojo] array

logicalGroupOrmIds

false string array

name false string

insite_general false boolean

allSelected false boolean

severities List of AlertSeverities for thisAlert Profile

false [AlertSeverityEnumPojo] array

defense_pro false boolean

cid false boolean

AlertRulePojo


snmpProfile Alert Profile forthis Alert Rule


ormID true string

name Name of the AlertRule

true string

description Brief description ofAlert Rule

false string

snmpTarget SNMP Trap Targetfor this Alert Rule

true SNMPTrapTargetPojo

enabled If this Alert Rule isto be enabled

false boolean

AlertSeverityPercentage

189


warning false integer (int32)

error false integer (int32)

AlertsInfoDto


alerts false Alert array

alertsSummary false int]

numOfPages false integer (int32)

criticalAlerts false Alert array

alertsServiceAvailable

false boolean

totalNumberOfRows


AntiScanningDetails


scanningActionReason

Describes thedifference betweenthe configuredaction and theactual action.Possible values:Enum values:Configuration,Footprint-accuracy-level, Multiple-probed-ports

false string

sourceAddress The source IPaddress of theattack. If there aremultiple IP sourcesfor an attack,thisfield displays“Multiple”.

false string

190


attackIpsId The unique ID ofthe related attackinstance.

false string

blockingDuration The blockingduration, inseconds, of theattacker source IPaddress.


scanningActualAction

false string

startTime The start time ofthe related attack.


avgTimeBetweenEvents

The average timebetween scanevents in seconds.

false number (float)

numberOfEvents The number ofsessions attemptsin this attack.


AntiScanningFootprint


strictnessLevel The desiredfootprint strictnesslevel. If a createdfootprint does notmatch the desiredstrictness, theattack will not beblocked.

false string


false string



text The text of thefootprint.

false string

191


direction The direction ofthe scan. Possiblevalues:In,out,unknown.

false string

ApmServerConfiguredOnDevice



ormVersion false integer (int32)

apmServerIp false string

ormID false string

name false string


device false Device

ApplicationApplication


maxEventTypes false integer (int32)

transactionTypesInUse


name The applicationname.

false string


id The application ID. false integer (int32)

permissionName The permission onthis applicationVIEW/MANAGE.

false string

eventTypesPercentageUsage

false string

192

ApplicationsListApplications List


offset The offset in theresults list.

true integer (int32)

totalApplicationsCount

Total number ofapplicationsreturned in theresult.


limit The maximumnumber of resultsrequested.


hasNext Specifies whether anext page of resultsexists.

true boolean

list false [T] array

results false integer (int32)

apps false Application array

BdosAttackStatusResult


table false Map[AttackStatusColumn,string]]

BigInteger


bitLength false integer (int32)

signum false integer (int32)

lowestSetBit false integer (int32)

bitCount false integer (int32)

193

BlockedUser


sourceNums The blockedsources.


ip The source IPaddressesmitigated asattackers.

false string

requestUri The HTTP requestURIs that took partin the HTTP floodattack and weremitigated.

false string

status The status of theHTTP request.Possible values:Blocked, Bypassed

false string

BlockingDetails


blockDuration The blockingduration, inseconds, of theattacker source IPaddress.



false string

numEvents The number ofscan events fromthe time the attackstarted.




avgTimeBetweenEvents

The average timebetween scanevents in seconds.


194

CellDto


type false [GMTypesEnumDto]

valueAsStr false string

isindex false boolean

columnName false string

Characteristics


destinationPort The Layer 4destination port ofthe attack.

false string

icmpMessageType The ICMP messagetype, for example:Echo reply,DestinationUnreachable,RouterAdvertisement,Router Solicitation,Traceroute, and soon.

false string

sourcePort The Layer 4 sourceport of the attack.

false string

fragmentOffset The fragmentoffset.

false string

maxBurstRate The maximal rate,in Kbps, of thecurrent attack.

false string

dnsId The DNS identifier. false string

dnsQuery The DNS query. false string

195


controllerState The protectionstate. Possiblevalues:non-attack,footprint-analysis,blocking,suspicious-activities,non-strict-footprint

false string

tcpSequenceNumber

The TCP sequencenumber.

false string



dnsQCount The DNS queriescount.

false string

flowLabel The flow label. false string


false string

isBurstActive The value of thefield indicateswhether the burstattack is activenow.

false string

averageBurstRate The average rate,in Kbps, of thebursts in thecurrent attack.

false string

packetSize The packet size inbytes.

false string

currentBurstNumber

A burst attackconsists of separatebursts. The valueof this field is thenumber of thecurrent burst.

false string

ttl The TTL. false string

destinationIP The destination IPaddress of theattack.

false string

196


fragment The datagramfragment.

false string

l4Checksum The L4 checksum. false string

sourceIp The source IPaddress of theattack.

false string

ipIdNumber The unique ID ofthe related attackinstance.

false string

toS The TOS. false string

averageTimeBetweenBursts

The average timebetween the burstsof the currentattack.

false string

averageBurstDuration

The averageduration of burstsin the currentattack.

false string

ConcurrentConnection


secondsFromNow The time in whichthe data wasreceived, relativeto the filter timerange, in multiplesof 15 seconds.Possible values: 0,15, 30, 45,…


chartValue See schema foradditional details.

false ConcurrentConnectionChartValue

ConcurrentConnectionChartValue


udpValue The UDPconnections persecond.


197


tcpValue The TCPconnections persecond.


ConnectionRateResult




inbound The number ofinboundconnections persecond.


outbound The number ofoutboundconnections persecond.


CsvConfig


timezone false string

titles false string array

fields false string array

CurrentAttack


deviceIp The IP address ofthe device thatdetected the attack.

false string

198



false string

vlanTag The VLAN tagvalue.

false string

packetCount The total packetcount of the attack.


destMsisdn The MSISDNResolution featureis not supported inAPSolute Visionversion 3.0 andlater.

false string

attackCategory The attack categoryto which the attackbelongs.Possiblevalues:ACL, Anti-Scanning,Behavioral DoS,DoS, Intrusions,HTTP Flood, ServerCracking, SYNFlood, Anomalies,Stateful ACL, DNSFlood, BandwidthManagement.

false string

destPort The Layer 4destination port ofthe attack.

false string

threatGroup The threat type towhich the attackbelongs.Possiblevalues:Black List,Network Scans,Application DDoS,Intrusions, PacketAnomalies, ServerCracking, DDoS,StatefulACL,BandwidthManagement.

false string

199


destAddress The destination IPaddress of theattack.

false string



radwareId The unique attackidentifier issued bydevice.


direction The direction ofthe attack. Possiblevalues: In, out,unknown.

false string

attackName The name of thedetected attack.

false string

mplsRd The MultiprotocolLabel SwitchingRouteDistinguisher. Thevalue of “N/A” or“0” in this fieldindicates that theMPLS RD is notavailable.

false string

attackRisk The attack risklevel.Possiblevalues: Info, Low,Medium, High

false string


false string


false string

200


policyName The name of theconfiguredNetwork Protectionpolicy or ServerProtection policythat was violatedby this attack.

false string

srcMsisdn The MSISDNResolution featureis not supported inAPSolute Visionversion 3.0 andlater.

false string

physicalPort The port on thedevice to which theattack’s packetsarrived.

false string

actionType The reportedaction against theattack. Possiblevalues:Forward, Proxy,Drop, Source Reset,Destination Reset,Source DestinationReset, Bypass,Challenge,Quarantine, Drop& Quarantine, Http200 Ok, Http 200Ok Reset Dest, Http403 Forbidden,Http 403 ForbiddenReset Dest

false string

ormId false string

201


packetBandwidth For mostprotections, thisvalue is the volumeof the attack, inkilobits, from whenthe attack started.For SYN protection(SYN cookies), thisvalue is thenumber of SYNpackets dropped,multiplied by 60bytes (the SYNpacket size).


attackProtocol The transmissionprotocol used tosend the attack.Possible values: IP,TCP, UDP, ICMP,IGMP, NonIP, SCTP,ICMPV6

false string

endTime The date and timethat the attackended.


attackStatus The last-reportedstatus of the attack.Possible values:Started,Terminated,Sampled, Occurred,Ongoing

false string

DFBDosRealTimeEdge


timeStamp false string (date-time)

suspectedAttack false number (float)

legitimateTraffic false number (float)

secondsFromNow false integer (int32)

normal false number (float)

202


normalEdge false number (float)

doa false integer (int32)

protection false [ProtectionEnum]

partial false number (float)

totalTraffic false number (float)

suspectedEdge false number (float)

full false number (float)

DFGeneralRequest


filter false FieldValue]


start false integer (int32)

count false integer (int32)

csvConfig false CsvConfig

sort false SortObject array

reportScope false DFReportScope

DFProtectionSimpleRequest



poNames false string array

policyName false string

fromTime false integer (int64)

protection false string

units false string

isIpv4 false boolean

direction false string

203

DFReportScope


devices false string array

protectedObjects false ProtectedObjectarray

policies false Policy array

range false integer (int64)

policySelected false boolean

ports false Ports

Description


content The description ofthe attack from theAttack Descriptionsfile.

false string

DetailsRequest


attackIpsId true string

Device


parent false SiteTreeNodeIfc


type false string

lockState false [Object]

deviceStatus false DeviceStatus

lastConfigBackup false string (date-time)

requiresReset false boolean

204



vrmVirtualServices false DpmVirtualServicearray

isDeleted false boolean

ormID false string

reportingDevice false boolean

physicalParentId false string

apmServerConfiguredOnDevice

false ApmServerConfiguredOnDevice array

isRegisteredToMessages

false boolean

isMonitored false boolean

deviceSetup false DeviceSetup

lastSoftwareVersionUpgrade

false string (date-time)

usedByDF false boolean

treeType false string

externalId false string

siteElementContainerAbsRef

false SiteElementContainerAbs

isSynchronizeSucceededOnce

false boolean

isCollectingStatistics

false boolean

hierarchyPath false string

virtualServices false VirtualServicearray

name false string

DeviceAccess


cliPort false integer (int32)

205


useHttpsAuthentication

false boolean

useSnmpV3Authentication

false boolean

isSsh false boolean

verifyHttpCredentials

false boolean

useSnmpV3Privacy false boolean

exclusivelyReceiveDeviceEvents

false boolean

httpsSocketTimeout



httpsPort false integer (int32)

httpSocketTimout false integer (int32)


cliUsername false string

ormID false string

snmpV3PrivacyPassword

false string

snmpV3PrivacyProtocol

false [SnmpV3PrivacyProtocolEnum]

httpsUsername false string

snmpV3AuthenticationPassword

false string

snmpV2WriteCommunity

false string

useHttpAuthentication

false boolean

snmpV3AuthenticationProtocol

false [SnmpV3AuthenticationProtocolEnum]

snmpV3Username false string

206


visionMgtPort false [VisionMgtPortEnum]

snmpVersion false [SnmpVersionEnum]

verifyHttpsCredentials

false boolean

httpPort false integer (int32)

httpPassword false string

registerDeviceEvents

false boolean

managementIp false string

httpsConnectionTimeout


httpsPassword false string

name false string

httpUsername false string

httpConnectionTimeout


cliPassword false string

snmpV2ReadCommunity

false string

snmpV1WriteCommunity

false string

mgt2Ip false string

snmpV1ReadCommunity

false string

mgt1Ip false string

DeviceDriver

207


deviceType false enum(APPDIRECTOR,DEFENSE_PRO,MANAGEMENT_SERVER, LINKPROOF,ALTEON, GENERIC,CID, APPWALL,DEFENSE_FLOW)

restOnly false boolean

restCategory false string

creationTime false string (date-time)

driverBlob false string array


driverNameWithExtension

false string

deviceVersion false string

minimumVisionVersion

false string

restApiVersion false [RestApiVersion]

driverBuildID false string

driverID false string

supportedLanguages

false string

driverVersion false string

supportingVisionWeb

false boolean

localizationSupported

false boolean

driverName false string

supportingRest false boolean

driverNameWithoutExtension

false string

208

DeviceExportedFile


deviceType false string

deviceFileFromDB false string array


ormID false string

name false string


exportedFileType false [ExportedFileTypeEnum]

deviceName false string

fileContent false string array

downloadTime false string (date-time)

DeviceMapResponse


deviceId false Device

DeviceSetup


license false License


ormID false string

deviceSoftware false Software

deviceDriver false DeviceDriver

name false string


deviceAccess false DeviceAccess

hardware false Hardware

209

DeviceStatus


isApplySaveRequired

false [ApplySaveRequired]

isReportingServiceUp

false boolean

defenseFlowPendingActionsAmount


lastDeviceChangesNotification


redundancyStatus false [RedundancyStatusEnum]


isUpdatePoliciesRequired

false boolean

lastDeviceStatusChange


isSyncRequired false boolean


defenseFlowPendingActionAboveThreshold

false boolean

highAvailabilityPriority

false [HighAvailabilityPriorityEnum]

ormID false string

name false string

isFirstTimeConnectionSucceed

false boolean

redundancyRole false [RedundancyRoleEnum]

deviceOperationMode


status false [DeviceStatusEnum]

210

DnsCharacteristics


destinationPort The Layer 4destination port ofthe attack.

false string

dnsQCount The DNS queriescount.

false string


false string

blockingState The protectionstate. Possiblevalues:non-attack,footprint-analysis,blocking,suspicious-activities, non-strict-footprint

false string

dnsAQCount The DNS answerscount.

false string

flags The datagramflags.

false string

dnsQueryName The DNS queryname.

false string

packetSize The packet size inbytes.

false string

ttl The TTL. false string

dnsId The DNS identifier. false string

destinationIP The destination IPaddress of theattack.

false string

211


actionType The reportedaction against theattack. Possiblevalues:Forward, Proxy,Drop, Source Reset,Destination Reset,Source DestinationReset, Bypass,Challenge,Quarantine, Drop& Quarantine, Http200 Ok, Http 200Ok Reset Dest, Http403 Forbidden,Http 403 ForbiddenReset Dest

false string

l4Checksum The L4 checksum. false string

ipIdNumber The unique ID ofthe related attackinstance.

false string



DnsFootprint


timeStamp The timestamp, inmilliseconds, onthe APSolute Visionserver, at the timethe data wasreceived.


excludedSubDomains

Excluded sub-domains list.

false string array


false string



212


text The text of thefootprint.

false string

DnsSampleStatisticsRow


legitimateTraffic The actualforwarded trafficrate, after thedevice blocked theattack.

false string

normalPortionNoise

false string

legitimatePortion The actualpercentage of theforwarded trafficrate of thespecified typerelative to othertypes of traffic,after the deviceblocked the attack.

false string

baseLine The normal trafficrate expected bythe device.

false string

fullPortionNoise false string

doa Degree of Attack. Anumeric value thatevaluates thecurrent level ofattack. A value of 8or greater signifiesan attack.

false string

legitimatePortionNoise

false string

213


protection The protectiontype. Each specifictraffic type anddirection has abaseline that thedevice learnsautomatically.

false string

attackNoiseDegree Degree of AttackNoise. A numericvalue thatevaluates thecurrent level ofattack noise.

false string

totalTraffic The total trafficrate that theDefensePro devicesees for the specifictraffic type anddirection.

false string

baselinePortion An indication forthe rate invariantbaseline—that is,the normalpercentage of thespecific traffic typeto all other trafficin the samedirection.

false string

rtPortion The actualpercentage of thespecific traffic typerelative to all othertraffic in the samedirection.

false string

DnsStatistics


chartValues false integer (int64)array



214


normalValue false integer (int64)

DocumentationCurrentAttacksResponse


request false GeneralRequest

totalRows false integer (int32)

rows false CurrentAttackarray

DocumentationSampleDataResponse


request false GeneralRequest


rows false SampleData array

Dos


attackerIp The IP address ofthe attacker.

false string

attackDuration The attackduration, inseconds.



false string

protectedHost The protected host. false string

attackTotalDropRate

The averagedropped packetsrate, per second.


protectedPort The protected port. false integer (int32)

action The protectionAction taken.

false string

215




attackRate The attack rate, inseconds.


DpmVirtualService


uniqueKey false string


virtualServerIp false string

deviceExternalId false string

reportingEnabled false boolean

virtualServerId false string


ormID false string

virtualServiceId false string

name false string

virtualServicePort false integer (int32)

device false Device

applicationName false string

EdgeResult


suspectedAttack false integer (int32)


suspectedEdge false integer (int32)

EmailTemplate

216


alertType false string

alertTypeObj false [AlertType]

subject false string

name false string

textBody false string

id false integer (int32)

body false string

Event


receivedBytes false integer (int64)

cpuUsage false integer (int64)

responseEndTime false string (date-time)

locationDescription false string

destinationProcessId


referenceParentId false string

networkTime false integer (int32)

grossResponseTime


dNSTime false integer (int64)

destinationNodeId false string

connectTime false integer (int64)

clientIP false string

renderingTime false integer (int32)

id false string

sourceProcessId false integer (int64)

dataCenterSla false integer (int32)

successful false boolean

217


area false string

dataCenterResponseTime


responseStartTime false string (date-time)

memoryUsage false integer (int64)

domProcessing false integer (int64)

redirectTime false integer (int64)

sourceAgentPort false integer (int32)

appName false string

requestEndTime false string (date-time)

metDataCenterSla false boolean

sourceProcessName

false string

version false integer (int32)

requestStartTime false string (date-time)

sourceIp false string

sourceNodeId false string

desktopSla false integer (int32)

name false string

eventParameters false string

destinationProcessName

false string

applicationId false integer (int32)

sentBytes false integer (int64)

destinationHost false string

realServerIP false string

EventDetails


dNSTime false integer (int64)

218


event false Event

EventSample




flag The TCP packettype. This isdisplayed only forTCP traffic.

false string


false string

icmpMsgType The ICMP messagetype, for example:Echo reply,DestinationUnreachable,RouterAdvertisement,Router Solicitation,Traceroute, and soon.

false string


false string



Footprint


footprint The text of thefootprint.

false string



219


timestamp The timestamp, inmilliseconds, onthe APSolute Visionserver, at the timethe data wasreceived.


GeneralRequest


filter Represents thefilter object. Thekey of the map is afieldName. Thevalue is an objectwith the followingfields:operator - Can be'=', 'like', 'in'.value - A fieldValuearrayValue - Whenusing an 'in'operator, these arevalues for theoperator.For example, if wewant to filter bydeviceIp in(127.0.0.1,127.0.0.2) andattackName=BDOS,the filter will be:{attackName:{operator:'=',value:'BDOS'},deviceIp:{operator:'in',arrayValue:['127.0.0.1', '127.0.0.2']}}

false {operator:'=',value:'fieldValue',arrayValue:[]}]


220


start Represents thestart value forpaging. Use 0 or anempty value for nopaging.


count false integer (int32)

sort Represents thesorting object. Forexample, if youwant to sort byascending AttackName anddescendingTimeStamp theobject will be:[{field:'attackName', dir:'asc'},field:'timeStamp',dir:'desc'}]

false SortObject array

reportScope The main requestobject.

true ReportScope

Hardware


trankPortsStartNumber


powerSupplyType false [PowerSupplyTypeEnum]

hasAccelerationEngineEnabled

false boolean

formFactorType false string

numberOfPhisicalInterfaces


platformType false string

baseMacAddress false string


221


compressionCardName

false string

licenseMacAddress false string

hasAccelerator false boolean


ormID false string

hasSme false boolean

sslCardName false string

name false string

hasSata false boolean

fullHardwareTypeName

false string

status false [java.util.Collection<com.radware.insite.model.setup.HardwareStatus]>

HourData


hour false integer (int32)

value false integer (int32)

HttpFloodInfo


suspiciousSources The number ofsources that theprotection modulesuspects as beingmalicious.


challengeMode The user-specifiedChallenge Mode.

false string

222


webUtilization The HTTPAuthenticationTable Utilization[%].


newMitigationState The current actionthat protectionmodule is using tomitigate the attack.

false string

challengedCandidates

The number ofsources that theprotection modulehas identifiedasbeing attackers andis now challengingthem.


escalationMode The configurationof the mitigationflow for the profile.

false string

newProtectionState The state of theprotection process.

false string

HttpReportStatistics


timeStamp The timestamp, inmilliseconds, onthe APSolute Visionserver, at the timethe data wasreceived.


httpReqPerConn The maximumnumber of HTTPGET and POSTrequests per TCPconnection.


223


anomalyOutboundMbps

The bandwidth, inmegabits persecond, of theHTTP serverssending theresponses, whichwas detected asanomaly.

false number (double)

outboundMbps The bandwidth, inmegabits persecond, of theHTTP serverssending theresponses.


anomalyHttpReqPerConn

The number ofHTTP GET andPOST requests perTCP connection,which wasdetected asanomaly.


anomalySrcReqPerSec

The rate of HTTPGET and POSTrequests persecond per sourceIP address, whichwas detected asanomaly.


srcReqPerSec The maximum rateof HTTP GET andPOST requests persecond per sourceIP address.


anomalyOtherReqPerSec

The rate of HTTPrequests that arenot POST or GETsent per second tothe protectedserver, which wasdetected asanomaly.


224


anomalyHttpReqPerSec

The rate of HTTPGET and POSTrequests sent persecond to theprotected server,which wasdetected asanomaly.


httpReqPerSec The rate of HTTPGET and POSTrequests sent persecond to theprotected server.


otherReqPerSec The rate of HTTPrequests that arenot POST or GETsent per second tothe protectedserver.


HttpStatistics


rc The GET and POSTrequests/sec.



false string

conRC The GET and POSTper connection.


src The GET and POSTper source/sec.




statisticsType StatisticType—Anomaly orNormal.

false string

outBC The OutboundKbps.


225


normalLDT The normal binvalues ofsizeDistribStatisticsgraph in HTTP-flood attack details.

false integer (int32)array

rateSTD The anomaly binvalues ofsizeDistribStatisticsgraph in HTTP-flood attack details.

false integer (int32)array

otherC The Other HTTPrequests/sec.


Intensity


bandwidthAverage false number (double)

packetsAverage false number (double)

License


bdosEnabled false boolean

hardwareLicenseString

false string

throughputLicenseString

false string

tenGigabyteEnabled

false boolean


bwmAndIpsEnabled

false boolean


dosEnabled false boolean

security false boolean

226


ormID false string

apmLicenseLimit false integer (int32)

ipv6 false boolean

softwareLicenseString

false string

name false string

globalRedirectionEnabled

false boolean

vxApmLicenseLimit


throughput false [ThroughputLicenseEnum]

cookiePersistencyEnabled

false boolean

sp false boolean

productType false [ProductTypeEnum]

LogicalGroupDtoContainerPojo


groups List of objects ofLogicalGroupMemberDtoPojo

true LogicalGroupMemberDtoPojo array

LogicalGroupMemberDtoPojo


name Name of theLogical GroupMember

true string

meIdentifier Managed ElementIdentifier details ofthe Logical GroupMember

true ManagedElementIdentifierPojo

227

LogicalGroupPojo


deviceType true string

ormID true string

members true [java.util.Collection<java.lang.String]>

name true string


ManagedElementIdentifierPojo


managedElementClass

false [Class]

managedElementID

false [Serializable]

dbId false integer (int64)

Message


message false string

timestamp false integer (int64)

MultipartFormDataInput


formDataMap false List[InputPart]]

formData false InputPart]

NetworkFqdnRequest

228


policyName true string

fqdn true string

range true integer (int32)

deviceId true string

NetworkProtectionRuleIdPojo


rsIDSNewRulesName

true string


NetworkProtectionRulePojo


networkProtectionRuleId

true NetworkProtectionRuleIdPojo

NetworkRuleRequest


policyName true string

range true integer (int32)

protection true string

units true string

isIpv4 true boolean


direction true string

Policy


sourceNetwork false string

229


active false boolean

type false [PolicyType]

deviceId false string

policy false string

destinationNetwork

false string

Port


port false string

deviceId false string

Ports


biDir false Port array

source false Port array

dest false Port array

ProtectDetails


attackerIp The IP address ofthe attacker.

false string


false string

protectedHost The protected host. false string

protectedPort The protected port. false integer (int32)

230


action The reportedaction against theattack. Possiblevalues:Forward, Proxy,Drop, Source Reset,Destination Reset,Source DestinationReset, Bypass,Challenge,Quarantine, Drop& Quarantine, Http200 Ok, Http 200Ok Reset Dest, Http403 Forbidden,Http 403 ForbiddenReset Dest

false string



attackerUrl The URL of theattacker.

false string

ProtectEvent


protocol The transmissionprotocol used tosend the attack.Possible values: IP,TCP, UDP, ICMP,IGMP, NonIP, SCTP,ICMPV6

false string


false string

messages false Message array



231

ProtectedObject


name false string

RadwareRequest


radwareId The unique attackidentifier issued bydevice.


RateResult



total false integer (int32)

normalEdge false integer (int32)

legitimate false integer (int32)

RegionRequest


attackIpsId true string


true string

ReportRequest


servers The serverId list(taken fromHttpServersWs).

true string array

232


devices The deviceId list.Only one value issupported.

true string array

weekDay (1 = 'Mo', 2 = 'Tu' …7 = 'Su') if == -1 ornull ⇒ use range


range Used only ifweekDay is notspecified, thisvalue is secondsbefore now.


pageSize false integer (int32)

pageNum false integer (int32)

ReportScope


devices The deviceId array. true string array

policies false Policy array

range The range of thereport, in seconds.


policySelected Relevant only forTraffic Monitoring,specifies the scope:port or policy.

false boolean

ports false Ports

RowDto


cells false CellDto array

SNMPTrapTargetPojo

233


snmpVersion Target SNMPVersion

true [ImConstants$SnmpVersionEnumPojo]

ipAddress Target machine IPaddress

true string

privacy If privacy needs tobe enabled

false boolean


community Target SNMPCommunity string -required forSNMPv2c

false string

userName Target SNMPCommunity username - requiredfor SNMPv3

false string

authenticationPassword

Authenticationpassword -required ifauthentication isenabled

false string

authenticationProtocol

Authenticationprotocol - requiredif authentication isenabled

false [ImConstants$SnmpV3AuthenticationProtocolEnumPojo]

privacyProtocol Privacy Protocol -required if privacyis enabled

false [ImConstants$SnmpV3PrivacyProtocolEnumPojo]

privacyPassword Privacy Password -required if privacyis enabled

false string

ormID true string

port Target machineport


name true string

authentication If authenticationneeds to beenabled

false boolean

234

SampleData


mplsRd The MultiprotocolLabel SwitchingRouteDistinguisher. Thevalue of “N/A” or“0” in this fieldindicates that theMPLS RD is notavailable.

false string


false string

protocol The transmissionprotocol used tosend the attack.Possible values: IP,TCP, UDP, ICMP,IGMP, NonIP, SCTP,ICMPV6

false string

vlanTag The VLAN tagvalue.

false string


false string


false string


false string


false string

235


srcMsisdn The MSISDNResolution featureis not supported inAPSolute Visionversion 3.0 andlater.

false string

destMsisdn The MSISDNResolution featureis not supported inAPSolute Visionversion 3.0 andlater.

false string



physicalPort The port on thedevice to which theattack’s packetsarrived.

false string

SampleStatisticsRow


legitimateTraffic The actualforwarded trafficrate, after thedevice blocked theattack.

false string

baseLine The normal trafficrate expected bythe device.

false string

legitimatePortion The actualpercentage of theforwarded trafficrate of thespecified typerelative to othertypes of traffic,after the deviceblocked the attack.

false string

236


doa Degree of Attack. Anumeric value thatevaluates thecurrent level ofattack. A value of 8or greater signifiesan attack.

false string


false string

attackNoiseDegree Degree of AttackNoise. A numericvalue thatevaluates thecurrent level ofattack noise.

false string

totalTraffic The total trafficrate that theDefensePro devicesees for the specifictraffic type anddirection.

false string

baselinePortion An indication forthe rate invariantbaseline—that is,the normalpercentage of thespecific traffic typeto all other trafficin the samedirection.

false string

rtPortion The actualpercentage of thespecific traffic typerelative to all othertraffic in the samedirection.

false string

237

Sensitivity


intervalUnits false string

repeat false integer (int32)

interval false integer (int32)

intervalMilliseconds


type false [SensitivityTypes]

measurements false integer (int32)

timeUnit false [TimeUnit]

Server


ormId false string

name false string

ServersRequest


devices The deviceId array. true string array

SharepathServer


dataIp false string

localAioApmServer false boolean

sharepathServerUrl

false string

httpPort false integer (int32)


usageCounter false integer (int32)

238


percentOfCPUUsedByIO




backupIp false string

ormID false string

aioEnabled false boolean

tps false number (float)

name false string

throughput false integer (int32)

cpuUsagePercent false number (float)

managementIpAio false string

lastUpdateTime false string (date-time)

SiteElementContainerAbs


hierarchyPath false string



ormID false string


name false string

siteTreeElementCollection

false [java.util.Collection<com.radware.insite.model.device.SiteTreeElementAbs]>


siteElementContainerAbsRef

false SiteElementContainerAbs

239

SitePojo


ormID true string

name true string


parentOrmID false string

type true string

SiteTreeNodeIfc



name false string

SlaWatch


averageResponseTime


percentageFailedSla


averageResponseTimeValue

false string

aggDate false integer (int64)

averageRenderingTime


transactionDescription

false string

slaWatchSeverityPercentage

false SlaWatchSeverityPercentage

percent950Stddev false number (double)

averageDCTimeValue

false string


240


complianceCount false integer (int64)

areaDescription false string

tpmValue false string

transactionId false integer (int32)

volume false integer (int64)

secondaryDeleted false boolean

stddevValue false string

percent95StddevValue

false string

secondaryDescription

false string

volumeHadSla false integer (int64)

percentageSla false number (double)

applicationDescription

false string


percentageFailed false number (double)

secondaryId false integer (int32)

maxResponseTime false integer (int64)

locationDescription false string

averageRenderingTimeValue

false string

volumeMetSla false integer (int64)


transactionName false string

numberFailed false integer (int64)

averageNetworkTime


desktopData false boolean

responseSum false integer (int64)

locationId false integer (int32)

241


percentageSlaValue

false string

stddev false number (double)

objectId false integer (int32)

averageNetworkTimeValue

false string

minResponseTime false integer (int64)

percentageFailedSlaValue

false string

volumeExceedSla false integer (int64)

wasYesterday false boolean

percentageFailedValue

false string

areaId false integer (int32)

deleted false boolean

tps false number (double)

averageDCTime false number (double)

SlaWatchListWrapper


total false integer (int32)

aggregations false SlaWatch array

SlaWatchSeverityPercentage


slaError false integer (int32)

failedError false integer (int32)

slaWarning false integer (int32)


failedWarning false integer (int32)

242

Software



ormID false string

name false string


version false string

status false [java.util.Collection<com.radware.insite.model.setup.SoftwareStatus]>

SortObject


field false string

dir false string

Statistics


inValue Inbound IP traffic false integer (int64)

unit false [TrafficUnit]


false string

outValue false integer (int64)

dataType false [DataType]

chartValues false integer (int64)array

243



false string



normalValue The normaladapted trafficbaseline.



false string

StatisticsTable


protection false string

rows false StatisticsColumn]

StatisticsTableRow


in false integer (int32)

type false string

out false integer (int32)

StatisticsTableRowTcp


synIn false integer (int32)

rstIn false integer (int32)

synAckOut false integer (int32)

244


fragIn false integer (int32)

synAckIn false integer (int32)

fragOut false integer (int32)

rstOut false integer (int32)

finOut false integer (int32)

type false string

finIn false integer (int32)

synOut false integer (int32)

SynFlood




spoofed The number ofestablished,spoofed TCPconnections persecond during theattack life cycle(aggregated). Theseare the sessionsthat wereestablishedthrough the SYN-cookies mechanismor were passedthrough the SYNprotection trustedlist.


webUtilization The HTTPAuthenticationTable Utilization[%].


245


httpChallenge The HTTPAuthenticationMethod thatidentified theattack. Possiblevalues: 302-Redirect,JavaScript.

false string


false string

tcpUtilization The currentutilization, inpercent, of the TCPAuthenticationtable.



false string

threshold The configuredattack triggerthreshold, in halfconnections persecond.




tcpChallenge The AuthenticationMethod thatidentified theattack. Possiblevalues:Transparent Proxy,Safe-Reset.

false string

attackRate The average rate ofspoofed SYNs anddata connectionattempts persecond, calculatedevery 10 seconds.


246

TableDto


rows false RowDto array

tableName false string

columnsName false string array

TableResponse


request false [REQUEST]


rows false [RESPONSE] array

ThinDeviceTransformerDTO



formFactor false string

supportTemplate false boolean

name false string


type false string

highAvailabilityPriorityEnum


status false string

ThinLogicalGroupDto


deviceType false string

ormID false string

name false string

247



state false string

ThinSiteTransformerDTO


formFactor false string


supportTemplate false boolean


type false string

highAvailabilityPriorityEnum



deleted false boolean

ormId false string

children false ThinSiteTransformerDTO array

name false string

parentOrmId false string

status false string

ThresholdAlert



emailTemplateAlertOffId


emailTemplateAlertOff

false EmailTemplate

enabled false boolean

timeframe false Timeframe

248


applicationDeleted false boolean

emailTemplateAlertOn

false EmailTemplate

emailTemplateAlertOnId


statusName false string


timestamp false string (date-time)

cc false string

applicationDesc false string

severityPercentage false AlertSeverityPercentage

customClassName false string

back2NormalAlert false boolean


alertTypeName false string

parentName false string

fileTemplate false string

timeframeId false integer (int32)

application false Application

sensitivityType false [SensitivityTypes]

sensitivityLabel false string

name false string

shScript false string

sensitivity false string

timeframeName false string

to false string


formatedTimestamp

false string

249


fileMaxRows false integer (int32)

timeframeDesc false string

statusObj false [Status]

measuredValue false number (double)

status false integer (int32)

ThresholdAlertList


alerts false ThresholdAlertarray






true boolean

list false [T] array


Timeframe


expression false string

name false string



TopTalkerTotalHitsValue


score false integer (int64)

250


fqdn false string

TrafficAuth


protocol The protocol forthe statisticsdisplayed in therow. Possiblevalues: HTTP, TCP,DNS.

false string

currentAttacks The number ofattacks currently inthe device.


challenge The rate, in PPS,that the device issending challenges.


utilization The percentage ofthe AuthenticationTable that is full.


TrafficUtilizationChartValue




diverted The amount ofdiverted traffic.Supported only byDefenseFlowdevices.

false BigInteger

discarded The amount ofdiscarded traffic.

false BigInteger

251


inbound The amount ofinbound traffic.

false BigInteger

dropped The amount ofdropped traffic.

false BigInteger

clean The amount ofclean traffic.

false BigInteger

TrafficUtilizationTableRow


diverted The amount ofdiverted traffic.Supported only byDefenseFlowdevices.

false BigInteger

protocol The trafficprotocol. Possiblevalues: TCP, UDP,ICMP, IGMP, SCTP,Other, All

false [TrafficMonitorProtocol]

discarded The amount ofdiscarded traffic.

false BigInteger

inbound The amount ofinbound traffic.

false BigInteger

dropped The amount ofdropped traffic.

false BigInteger

clean The amount ofclean traffic.

false BigInteger

timestamp The timestamp, inmilliseconds, onthe APSolute Visionserver, at the timethe data wasreceived.


TrafficUtilizationValue

252


inBound The amount ofinbound traffic.




outBound The amount ofoutbound traffic.


inDiscard The amount ofdiscarded inboundtraffic.


inExcluded The amount ofexcluded inboundtraffic.


outExclude The amount ofexcluded outboundtraffic.


outDiscard The amount ofdiscardedoutbound traffic.


TriggeredAlert


triggeredSensitivity

false Sensitivity

parentAlertid false integer (int32)


emailTemplateAlertOffId


emailTemplateAlertOff

false EmailTemplate

back2NormalTimestamp


253


severityLevel false [SeverityLevels]

applicationDeleted false boolean

emailTemplateAlertOn

false EmailTemplate

emailTemplateAlertOnId


statusName false string


timestamp false string (date-time)

cc false string

applicationDesc false string

alertType false string

customClassName false string

back2NormalAlert false boolean

thresholdValue false number (double)

sLAObjectId false integer (int32)


sLAObjectType false string

fileTemplate false string

timeframeId false integer (int32)

application false Application

sensitivityType false [SensitivityTypes]

name false string

sensitivityLabel false string

shScript false string

sensitivity false string

timeframeName false string

to false string


254


formatedTimestamp

false string

fileMaxRows false integer (int32)

timeframeDesc false string

statusObj false [Status]

measuredValue false number (double)

status false integer (int32)

TriggeredAlertList







true boolean

list false TriggeredAlertarray


UserContactInfoPojo


phoneNumber true string

address true string

organisation true string

UserPojo

255


password If not specifiedthen the defaultpassword is setfollowing the valuein UserManagementSettings

false string

userSettings false UserSettingsPojo

ormID true string

contactInfo false UserContactInfoPojo

roleGroupPairList true [java.util.Collection<com.radware.vision.pojomodel.user.management.UserRoleGroupPairPojo]>

userFullName false string

networkPolicies false NetworkProtectionRulePojo array

name true string


UserSettingsPojo


userLocale true string

ormID true string

name true string


globalLandingPage true string

VirtualService

256


virtualServiceName

false string

virtualServerId false string


ormID false string

virtualServiceId false string

name false string


sharepathServer false SharepathServer

virtualServerIp false string

virtualServicePort false integer (int32)

device false Device

WrappedString


result false string

257

APSolute Vision 4.20 REST API - Check Point Software

Documents

Transcript of APSolute Vision 4.20 REST API - Check Point Software