af_waf_relaxation_rules
Configuration for WAF Learning engine ready to deploy relaxation rules learnt for Level 2 resource.
Properties
(click to see Operations )
Name | Data Type | Permissions | Description |
---|---|---|---|
sms_profile |
|
Read-write | SMS Profile name. |
field_type |
|
Read-write | Field type to be relaxed.
Maximum length = 512 |
is_auto_deploy |
|
Read-write | Field to check if auto deploying is ENABLED/DISABLED. |
status |
|
Read-write | Status is true when the rule is enabled and false when the rule is disabled. |
mode |
|
Read-write | Deployment mode would be OPEN(0) / CLOSE(1). |
count_value |
|
Read-write | count for the number of times this rule has caused violation. |
slack_profile |
|
Read-write | Slack Profile name. |
grace_period |
|
Read-write | time before a rule is auto deployed. |
ctnsappname |
|
Read-write | ctnsappname.
Maximum length = 255 |
violation_location |
|
Read-write | Violation Location. |
violation_id |
|
Read-write | Violation Category. |
field_name |
|
Read-write | Field name to be relaxed.
Maximum length = 512 |
resourceid |
|
Read-write | Resource Id generated for each relaxation rule which is bound to appfw profile..
Minimum length = 1 Maximum length = 128 |
mail_profile |
|
Read-write | Mail Profile name. |
is_system |
|
Read-write | Set to true when system generated and false for user configured rule. |
rpt_sample_time |
|
Read-write | Report Sample time.. |
max_value |
|
Read-write | Maximum length of the filed to be relaxed. |
user_name |
|
Read-write | Field used to maintain the name of User who take an action that lead to this transaction record. |
learning_mode |
|
Read-write | Learning mode to differentate between a rule to be pruned (2) or deployed (0 or 1). |
value_type |
|
Read-write | Value type to be relaxed.
Maximum length = 512 |
value_expr |
|
Read-write | Value expression to be relaxed.
Maximum length = 512 |
is_deployed |
|
Read-write | Field refelecting status of rule i.e 0-ready to deploy,1-deployed,2-skipped,4-failed. |
http_req_url |
|
Read-write | HTTP Request URL to be relaxed.
Maximum length = 2000 |
si_device_ip_address |
|
Read-write | Citrix ADC IP Address..
Minimum length = 1 Maximum length = 512 |
min_value |
|
Read-write | minimum length of the field to be relaxed. |
regex |
|
Read-write | Regex number 1 is REGEX and 2 is NOTREGEX in bind appfw profile per security check. |
servicenow_profile |
|
Read-write | servicenow Profile name. |
profile_name |
|
Read-write | profile_name.
Maximum length = 32 |
adm_learn_profile_name |
|
Read-write | adm_learn_profile_name.
Minimum length = 1 Maximum length = 32 |
no_of_violations |
|
Read-write | Number of violations. |
comment |
|
Read-write | Comment to be added to a relaxation rule while deploying it.
Maximum length = 255 |
grace_period_expiry |
|
Read-write | Number of seconds left to trigger autodeploy for relaxation of URL. |
id |
|
Read-only | Id is system generated key.. |
Operations
(click to see Properties )
- ADD
- DELETE
- GET (ALL)
- UPDATE
Some options that you can use for each operations:
-
Getting warnings in response: NITRO allows you to get warnings in an operation by specifying the 'warning' query parameter as 'yes'. For example, to get warnings while connecting to the NetScaler appliance, the URL is as follows:
http:// <netscaler-ip-address> /nitro/v1/config/login?warning=yes
If any, the warnings are displayed in the response payload with the HTTP code '209 X-NITRO-WARNING'.
-
Authenticated access for individual NITRO operations: NITRO allows you to logon to the NetScaler appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,
To do this, you must specify the username and password in the request header of the NITRO request as follows:
X-NITRO-USER: <username>
X-NITRO-PASS: <password>
Note: In such cases, make sure that the request header DOES not include the following:
Cookie:NITRO_AUTH_TOKEN= <tokenvalue>
*Note:
*
Mandatory parameters are marked in
red
and placeholder content is marked in
green
The following parameters can be used in the nitro request : onerror <String_value>
Use this parameter to set the onerror status for nitro request. Applicable only for bulk requests.
Default value: EXIT
Possible values = EXIT, CONTINUE
add
URL: https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules?onerror=<String_value> HTTPS Method: POST
Request Headers: Content-Type: application/json
X-NITRO-USER:username_value<String>
X-NITRO-PASS:password_value<String>
or
Cookie:NITRO_AUTH_TOKEN=token_value<String>
Request Payload:
{"af_waf_relaxation_rules": {
"mode":<Integer_value>,
"field_name":<String_value>,
"violation_id":<Integer_value>,
"violation_location":<Integer_value>,
"resourceid":<String_value>,
"is_system":<Boolean_value>,
"learning_mode":<Integer_value>,
"http_req_url":<String_value>,
"regex":<Integer_value>,
"is_auto_deploy":<Boolean_value>,
"count_value":<Integer_value>,
"rpt_sample_time":<Double_value>,
"si_device_ip_address":<String_value>,
"profile_name":<String_value>,
"field_type":<String_value>,
"sms_profile":<String_value>,
"no_of_violations":<Double_value>,
"slack_profile":<String_value>,
"ctnsappname":<String_value>,
"mail_profile":<String_value>,
"grace_period_expiry":<Double_value>,
"max_value":<Integer_value>,
"user_name":<String_value>,
"value_type":<String_value>,
"is_deployed":<Integer_value>,
"value_expr":<String_value>,
"min_value":<Integer_value>,
"servicenow_profile":<String_value>,
"status":<Boolean_value>,
"grace_period":<Double_value>,
"comment":<String_value>,
"adm_learn_profile_name":<String_value>}}
<!--NeedCopy-->
Response: HTTPS Status Code on Success: 200 OK HTTPS Status Code on Failure: 4xx (for general HTTPS errors) or 5xx (for NetScaler-MAS-specific errors). The response payload provides details of the error
Response Payload:
{ "errorcode": 0, "message": "Done", "severity": ;ltString_value;gt, "af_waf_relaxation_rules":[{
"sms_profile":<String_value>,
"field_type":<String_value>,
"is_auto_deploy":<Boolean_value>,
"status":<Boolean_value>,
"mode":<Integer_value>,
"count_value":<Integer_value>,
"slack_profile":<String_value>,
"grace_period":<Double_value>,
"ctnsappname":<String_value>,
"violation_location":<Integer_value>,
"id":<String_value>,
"violation_id":<Integer_value>,
"field_name":<String_value>,
"resourceid":<String_value>,
"mail_profile":<String_value>,
"is_system":<Boolean_value>,
"rpt_sample_time":<Double_value>,
"max_value":<Integer_value>,
"user_name":<String_value>,
"learning_mode":<Integer_value>,
"value_type":<String_value>,
"value_expr":<String_value>,
"is_deployed":<Integer_value>,
"http_req_url":<String_value>,
"si_device_ip_address":<String_value>,
"min_value":<Integer_value>,
"regex":<Integer_value>,
"servicenow_profile":<String_value>,
"profile_name":<String_value>,
"adm_learn_profile_name":<String_value>,
"no_of_violations":<Double_value>,
"comment":<String_value>,
"grace_period_expiry":<Double_value>}]}
<!--NeedCopy-->
delete
URL: https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules/id_value<String> HTTPS Method: DELETE
Request Headers: X-NITRO-USER:username_value<String>
X-NITRO-PASS:password_value<String>
or
Cookie:NITRO_AUTH_TOKEN=token_value<String>
Response: HTTPS Status Code on Success: 200 OK HTTPS Status Code on Failure: 4xx (for general HTTPS errors) or 5xx (for NetScaler-MAS-specific errors). The response payload provides details of the error
Response Payload:
{ "errorcode": 0, "message": "Done", "severity": ;ltString_value;gt }
<!--NeedCopy-->
get (all)
URL: https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules Query-parameters:
filter https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules ?filter=property-name1:property-value1,property-name2:property-value2 Use this query-parameter to get the filtered set of af_waf_relaxation_rules resources configured on the system. You can set a filter on any property of the resource.
pagesize=#no;pageno=#no https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules ?pagesize=#no;pageno=#no Use this query-parameter to get the af_waf_relaxation_rules resources in chunks.
count https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules ?count=yes Use this query-parameter to get the count of af_waf_relaxation_rules resources.
HTTPS Method: GET
Request Headers: Accept: application/json
X-NITRO-USER:username_value<String>
X-NITRO-PASS:password_value<String>
or
Cookie:NITRO_AUTH_TOKEN=token_value<String>
Response: HTTPS Status Code on Success: 200 OK HTTPS Status Code on Failure: 4xx (for general HTTPS errors) or 5xx (for NetScaler-MAS-specific errors). The response payload provides details of the error
Response Headers:
Content-Type:application/json
Response Payload:
{ "errorcode": 0, "message": "Done", "severity": ;ltString_value;gt, "af_waf_relaxation_rules":[{
"sms_profile":<String_value>,
"field_type":<String_value>,
"is_auto_deploy":<Boolean_value>,
"status":<Boolean_value>,
"mode":<Integer_value>,
"count_value":<Integer_value>,
"slack_profile":<String_value>,
"grace_period":<Double_value>,
"ctnsappname":<String_value>,
"violation_location":<Integer_value>,
"id":<String_value>,
"violation_id":<Integer_value>,
"field_name":<String_value>,
"resourceid":<String_value>,
"mail_profile":<String_value>,
"is_system":<Boolean_value>,
"rpt_sample_time":<Double_value>,
"max_value":<Integer_value>,
"user_name":<String_value>,
"learning_mode":<Integer_value>,
"value_type":<String_value>,
"value_expr":<String_value>,
"is_deployed":<Integer_value>,
"http_req_url":<String_value>,
"si_device_ip_address":<String_value>,
"min_value":<Integer_value>,
"regex":<Integer_value>,
"servicenow_profile":<String_value>,
"profile_name":<String_value>,
"adm_learn_profile_name":<String_value>,
"no_of_violations":<Double_value>,
"comment":<String_value>,
"grace_period_expiry":<Double_value>}]}
<!--NeedCopy-->
update
URL: https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules/id_value<String> HTTPS Method: PUT
Request Headers: Content-Type: application/json
X-NITRO-USER:username_value<String>
X-NITRO-PASS:password_value<String>
or
Cookie:NITRO_AUTH_TOKEN=token_value<String>
Request Payload:
{"af_waf_relaxation_rules":{
"mode":<Integer_value>,
"field_name":<String_value>,
"violation_id":<Integer_value>,
"violation_location":<Integer_value>,
"resourceid":<String_value>,
"is_system":<Boolean_value>,
"learning_mode":<Integer_value>,
"http_req_url":<String_value>,
"regex":<Integer_value>,
"is_auto_deploy":<Boolean_value>,
"count_value":<Integer_value>,
"rpt_sample_time":<Double_value>,
"si_device_ip_address":<String_value>,
"profile_name":<String_value>,
"field_type":<String_value>,
"sms_profile":<String_value>,
"no_of_violations":<Double_value>,
"slack_profile":<String_value>,
"ctnsappname":<String_value>,
"mail_profile":<String_value>,
"grace_period_expiry":<Double_value>,
"max_value":<Integer_value>,
"user_name":<String_value>,
"value_type":<String_value>,
"is_deployed":<Integer_value>,
"value_expr":<String_value>,
"min_value":<Integer_value>,
"servicenow_profile":<String_value>,
"status":<Boolean_value>,
"grace_period":<Double_value>,
"comment":<String_value>,
"adm_learn_profile_name":<String_value>}}
<!--NeedCopy-->
Response: HTTPS Status Code on Success: 200 OK HTTPS Status Code on Failure: 4xx (for general HTTPS errors) or 5xx (for NetScaler-MAS-specific errors). The response payload provides details of the error
Response Payload:
{ "errorcode": 0, "message": "Done", "severity": ;ltString_value;gt, "af_waf_relaxation_rules":[{
"sms_profile":<String_value>,
"field_type":<String_value>,
"is_auto_deploy":<Boolean_value>,
"status":<Boolean_value>,
"mode":<Integer_value>,
"count_value":<Integer_value>,
"slack_profile":<String_value>,
"grace_period":<Double_value>,
"ctnsappname":<String_value>,
"violation_location":<Integer_value>,
"id":<String_value>,
"violation_id":<Integer_value>,
"field_name":<String_value>,
"resourceid":<String_value>,
"mail_profile":<String_value>,
"is_system":<Boolean_value>,
"rpt_sample_time":<Double_value>,
"max_value":<Integer_value>,
"user_name":<String_value>,
"learning_mode":<Integer_value>,
"value_type":<String_value>,
"value_expr":<String_value>,
"is_deployed":<Integer_value>,
"http_req_url":<String_value>,
"si_device_ip_address":<String_value>,
"min_value":<Integer_value>,
"regex":<Integer_value>,
"servicenow_profile":<String_value>,
"profile_name":<String_value>,
"adm_learn_profile_name":<String_value>,
"no_of_violations":<Double_value>,
"comment":<String_value>,
"grace_period_expiry":<Double_value>}]}
<!--NeedCopy-->