ADM NITRO APIs

af_waf_relaxation_rules

Configuration for WAF Learning engine ready to deploy relaxation rules learnt for Level 2 resource.

Properties

(click to see Operations )

Name Data Type Permissions Description
sms_profile Read-write SMS Profile name.
field_type Read-write Field type to be relaxed.

Maximum length = 512
is_auto_deploy Read-write Field to check if auto deploying is ENABLED/DISABLED.
status Read-write Status is true when the rule is enabled and false when the rule is disabled.
mode Read-write Deployment mode would be OPEN(0) / CLOSE(1).
count_value Read-write count for the number of times this rule has caused violation.
slack_profile Read-write Slack Profile name.
grace_period Read-write time before a rule is auto deployed.
ctnsappname Read-write ctnsappname.

Maximum length = 255
violation_location Read-write Violation Location.
violation_id Read-write Violation Category.
field_name Read-write Field name to be relaxed.

Maximum length = 512
resourceid Read-write Resource Id generated for each relaxation rule which is bound to appfw profile..

Minimum length = 1

Maximum length = 128
mail_profile Read-write Mail Profile name.
is_system Read-write Set to true when system generated and false for user configured rule.
rpt_sample_time Read-write Report Sample time..
max_value Read-write Maximum length of the filed to be relaxed.
user_name Read-write Field used to maintain the name of User who take an action that lead to this transaction record.
learning_mode Read-write Learning mode to differentate between a rule to be pruned (2) or deployed (0 or 1).
value_type Read-write Value type to be relaxed.

Maximum length = 512
value_expr Read-write Value expression to be relaxed.

Maximum length = 512
is_deployed Read-write Field refelecting status of rule i.e 0-ready to deploy,1-deployed,2-skipped,4-failed.
http_req_url Read-write HTTP Request URL to be relaxed.

Maximum length = 2000
si_device_ip_address Read-write Citrix ADC IP Address..

Minimum length = 1

Maximum length = 512
min_value Read-write minimum length of the field to be relaxed.
regex Read-write Regex number 1 is REGEX and 2 is NOTREGEX in bind appfw profile per security check.
servicenow_profile Read-write servicenow Profile name.
profile_name Read-write profile_name.

Maximum length = 32
adm_learn_profile_name Read-write adm_learn_profile_name.

Minimum length = 1

Maximum length = 32
no_of_violations Read-write Number of violations.
comment Read-write Comment to be added to a relaxation rule while deploying it.

Maximum length = 255
grace_period_expiry Read-write Number of seconds left to trigger autodeploy for relaxation of URL.
id Read-only Id is system generated key..

Operations

(click to see Properties )

  • ADD
  • DELETE
  • GET (ALL)
  • UPDATE

Some options that you can use for each operations:

  • Getting warnings in response: NITRO allows you to get warnings in an operation by specifying the 'warning' query parameter as 'yes'. For example, to get warnings while connecting to the NetScaler appliance, the URL is as follows:

    http:// <netscaler-ip-address> /nitro/v1/config/login?warning=yes

    If any, the warnings are displayed in the response payload with the HTTP code '209 X-NITRO-WARNING'.

  • Authenticated access for individual NITRO operations: NITRO allows you to logon to the NetScaler appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

    To do this, you must specify the username and password in the request header of the NITRO request as follows:

    X-NITRO-USER: <username>

    X-NITRO-PASS: <password>

    Note: In such cases, make sure that the request header DOES not include the following:

    Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

*Note: * Mandatory parameters are marked in red and placeholder content is marked in green

The following parameters can be used in the nitro request : onerror <String_value>

Use this parameter to set the onerror status for nitro request. Applicable only for bulk requests.

Default value: EXIT

Possible values = EXIT, CONTINUE

add

URL: https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules?onerror=<String_value> HTTPS Method: POST

Request Headers: Content-Type: application/json

X-NITRO-USER:username_value<String>

X-NITRO-PASS:password_value<String>

or

Cookie:NITRO_AUTH_TOKEN=token_value<String>

Request Payload:

{"af_waf_relaxation_rules": {
"mode":<Integer_value>,
"field_name":<String_value>,
"violation_id":<Integer_value>,
"violation_location":<Integer_value>,
"resourceid":<String_value>,
"is_system":<Boolean_value>,
"learning_mode":<Integer_value>,
"http_req_url":<String_value>,
"regex":<Integer_value>,
"is_auto_deploy":<Boolean_value>,
"count_value":<Integer_value>,
"rpt_sample_time":<Double_value>,
"si_device_ip_address":<String_value>,
"profile_name":<String_value>,
"field_type":<String_value>,
"sms_profile":<String_value>,
"no_of_violations":<Double_value>,
"slack_profile":<String_value>,
"ctnsappname":<String_value>,
"mail_profile":<String_value>,
"grace_period_expiry":<Double_value>,
"max_value":<Integer_value>,
"user_name":<String_value>,
"value_type":<String_value>,
"is_deployed":<Integer_value>,
"value_expr":<String_value>,
"min_value":<Integer_value>,
"servicenow_profile":<String_value>,
"status":<Boolean_value>,
"grace_period":<Double_value>,
"comment":<String_value>,
"adm_learn_profile_name":<String_value>}}

<!--NeedCopy-->

Response: HTTPS Status Code on Success: 200 OK HTTPS Status Code on Failure: 4xx (for general HTTPS errors) or 5xx (for NetScaler-MAS-specific errors). The response payload provides details of the error

Response Payload:

{ "errorcode": 0, "message": "Done", "severity": ;ltString_value;gt, "af_waf_relaxation_rules":[{
"sms_profile":<String_value>,
"field_type":<String_value>,
"is_auto_deploy":<Boolean_value>,
"status":<Boolean_value>,
"mode":<Integer_value>,
"count_value":<Integer_value>,
"slack_profile":<String_value>,
"grace_period":<Double_value>,
"ctnsappname":<String_value>,
"violation_location":<Integer_value>,
"id":<String_value>,
"violation_id":<Integer_value>,
"field_name":<String_value>,
"resourceid":<String_value>,
"mail_profile":<String_value>,
"is_system":<Boolean_value>,
"rpt_sample_time":<Double_value>,
"max_value":<Integer_value>,
"user_name":<String_value>,
"learning_mode":<Integer_value>,
"value_type":<String_value>,
"value_expr":<String_value>,
"is_deployed":<Integer_value>,
"http_req_url":<String_value>,
"si_device_ip_address":<String_value>,
"min_value":<Integer_value>,
"regex":<Integer_value>,
"servicenow_profile":<String_value>,
"profile_name":<String_value>,
"adm_learn_profile_name":<String_value>,
"no_of_violations":<Double_value>,
"comment":<String_value>,
"grace_period_expiry":<Double_value>}]}

<!--NeedCopy-->

delete

URL: https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules/id_value<String> HTTPS Method: DELETE

Request Headers: X-NITRO-USER:username_value<String>

X-NITRO-PASS:password_value<String>

or

Cookie:NITRO_AUTH_TOKEN=token_value<String>

Response: HTTPS Status Code on Success: 200 OK HTTPS Status Code on Failure: 4xx (for general HTTPS errors) or 5xx (for NetScaler-MAS-specific errors). The response payload provides details of the error

Response Payload:

{ "errorcode": 0, "message": "Done", "severity": ;ltString_value;gt }

<!--NeedCopy-->

get (all)

URL: https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules Query-parameters:

filter https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules ?filter=property-name1:property-value1,property-name2:property-value2 Use this query-parameter to get the filtered set of af_waf_relaxation_rules resources configured on the system. You can set a filter on any property of the resource.

pagesize=#no;pageno=#no https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules ?pagesize=#no;pageno=#no Use this query-parameter to get the af_waf_relaxation_rules resources in chunks.

count https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules ?count=yes Use this query-parameter to get the count of af_waf_relaxation_rules resources.

HTTPS Method: GET

Request Headers: Accept: application/json

X-NITRO-USER:username_value<String>

X-NITRO-PASS:password_value<String>

or

Cookie:NITRO_AUTH_TOKEN=token_value<String>

Response: HTTPS Status Code on Success: 200 OK HTTPS Status Code on Failure: 4xx (for general HTTPS errors) or 5xx (for NetScaler-MAS-specific errors). The response payload provides details of the error

Response Headers:

Content-Type:application/json

Response Payload:

{ "errorcode": 0, "message": "Done", "severity": ;ltString_value;gt, "af_waf_relaxation_rules":[{
"sms_profile":<String_value>,
"field_type":<String_value>,
"is_auto_deploy":<Boolean_value>,
"status":<Boolean_value>,
"mode":<Integer_value>,
"count_value":<Integer_value>,
"slack_profile":<String_value>,
"grace_period":<Double_value>,
"ctnsappname":<String_value>,
"violation_location":<Integer_value>,
"id":<String_value>,
"violation_id":<Integer_value>,
"field_name":<String_value>,
"resourceid":<String_value>,
"mail_profile":<String_value>,
"is_system":<Boolean_value>,
"rpt_sample_time":<Double_value>,
"max_value":<Integer_value>,
"user_name":<String_value>,
"learning_mode":<Integer_value>,
"value_type":<String_value>,
"value_expr":<String_value>,
"is_deployed":<Integer_value>,
"http_req_url":<String_value>,
"si_device_ip_address":<String_value>,
"min_value":<Integer_value>,
"regex":<Integer_value>,
"servicenow_profile":<String_value>,
"profile_name":<String_value>,
"adm_learn_profile_name":<String_value>,
"no_of_violations":<Double_value>,
"comment":<String_value>,
"grace_period_expiry":<Double_value>}]}

<!--NeedCopy-->

update

URL: https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules/id_value<String> HTTPS Method: PUT

Request Headers: Content-Type: application/json

X-NITRO-USER:username_value<String>

X-NITRO-PASS:password_value<String>

or

Cookie:NITRO_AUTH_TOKEN=token_value<String>

Request Payload:

{"af_waf_relaxation_rules":{
"mode":<Integer_value>,
"field_name":<String_value>,
"violation_id":<Integer_value>,
"violation_location":<Integer_value>,
"resourceid":<String_value>,
"is_system":<Boolean_value>,
"learning_mode":<Integer_value>,
"http_req_url":<String_value>,
"regex":<Integer_value>,
"is_auto_deploy":<Boolean_value>,
"count_value":<Integer_value>,
"rpt_sample_time":<Double_value>,
"si_device_ip_address":<String_value>,
"profile_name":<String_value>,
"field_type":<String_value>,
"sms_profile":<String_value>,
"no_of_violations":<Double_value>,
"slack_profile":<String_value>,
"ctnsappname":<String_value>,
"mail_profile":<String_value>,
"grace_period_expiry":<Double_value>,
"max_value":<Integer_value>,
"user_name":<String_value>,
"value_type":<String_value>,
"is_deployed":<Integer_value>,
"value_expr":<String_value>,
"min_value":<Integer_value>,
"servicenow_profile":<String_value>,
"status":<Boolean_value>,
"grace_period":<Double_value>,
"comment":<String_value>,
"adm_learn_profile_name":<String_value>}}

<!--NeedCopy-->

Response: HTTPS Status Code on Success: 200 OK HTTPS Status Code on Failure: 4xx (for general HTTPS errors) or 5xx (for NetScaler-MAS-specific errors). The response payload provides details of the error

Response Payload:

{ "errorcode": 0, "message": "Done", "severity": ;ltString_value;gt, "af_waf_relaxation_rules":[{
"sms_profile":<String_value>,
"field_type":<String_value>,
"is_auto_deploy":<Boolean_value>,
"status":<Boolean_value>,
"mode":<Integer_value>,
"count_value":<Integer_value>,
"slack_profile":<String_value>,
"grace_period":<Double_value>,
"ctnsappname":<String_value>,
"violation_location":<Integer_value>,
"id":<String_value>,
"violation_id":<Integer_value>,
"field_name":<String_value>,
"resourceid":<String_value>,
"mail_profile":<String_value>,
"is_system":<Boolean_value>,
"rpt_sample_time":<Double_value>,
"max_value":<Integer_value>,
"user_name":<String_value>,
"learning_mode":<Integer_value>,
"value_type":<String_value>,
"value_expr":<String_value>,
"is_deployed":<Integer_value>,
"http_req_url":<String_value>,
"si_device_ip_address":<String_value>,
"min_value":<Integer_value>,
"regex":<Integer_value>,
"servicenow_profile":<String_value>,
"profile_name":<String_value>,
"adm_learn_profile_name":<String_value>,
"no_of_violations":<Double_value>,
"comment":<String_value>,
"grace_period_expiry":<Double_value>}]}

<!--NeedCopy-->
af_waf_relaxation_rules