GraphQL API Schema Reference
GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data. GraphQL provides a complete and understandable description of the data in your API, gives clients the power to ask for exactly what they need and nothing more, makes it easier to evolve APIs over time, and enables powerful developer tools.
References
Version: 1.0.4
Authentication
Use the Client ID and Client Secret to request a token (JWT). This will be used as a Bearer token to make authenticated requests to the GraphQL API.
curl -L -X POST 'https:/auth.appsecportal.com/oauth/token' \
-H 'Content-Type: application/json' \
-d '{
"client_id": "<CLIENT_ID>",
"client_secret": "<CLIENT_SECRET>",
"audience": "https://api.appsecportal.com/",
"grant_type": "client_credentials"
}'
The request above will return a bearer token in the access_token field which should be used in the Authorization header for all further API requests. Example Response:
{"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IlFUTXdSVVF4UVVJMU9ESTFNVVJHUWtJeU16STRSRGM1UmpWR016TkZPRU5DTmpVMVFrWkNSQSJ9.eyJodHRwczovL2FwaS5hcHBzZWNwb3J0YWwuY29tL25zciI6eyJkbm0iOiJTUF9VV0FGVEVTVCIsInVpZCI6ImF1dGgwfDVmNDU1ZmU2ODJkMGNjMDA2ZGNjZmNlOSIsInNubSI6InV3YWZ0ZXN0IiwidGt5IjoiIn0sImlzcyI6Imh0dHBzOi8vbmV1c3RhcnNlY3VyaXR5LmF1dGgwLmNvbS8iLCJzdWIiOiJnaU5CQm9QcWE3YjdMTXZ3eWRsZjRSZktBcjNTREhEU0BjbGllbnRzIiwiYXVkIjoiaHR0cHM6Ly9hcGkuYXBwc2VjcG9ydGFsLmNvbS8iLCJpYXQiOjE2Nzc3MDMxMjUsImV4cCI6MTY3Nzc4OTUyNSwiYXpwIjoiZ2lOQkJvUHFhN2I3TE12d3lkbGY0UmZLQXIzU0RIRFMiLCJzY29wZSI6ImFsZXJ0OnJlYWQgYXBwc2VjLWFsZXJ0OnJlYWQgYXVkaXQ6cmVhZCBibG9ja2VkLWlwOnJlYWQgYm90LW1pdGlnYXRpb246cmVhZCBjZXJ0aWZpY2F0ZTp3cml0ZSBjb21wYW55OndyaXRlIG1hc3F1ZXJhZGU6b3RoZXIgbWl0aWdhdGlvbjpyZWFkIG5ldHdvcmstY29uZmlnOnJlYWQgcG9saWN5OmJvdC1zaWduYXR1cmVzIHBvbGljeTpzaWduYXR1cmVzIHBvbGljeTp3cml0ZSBwcm94eTp3cml0ZSByZXBvcnRzOnJlYWQgcmVwb3J0czp3cml0ZSBzc286d3JpdGUgdW5pZmllZC1hbGVydHM6cmVhZCB1bmlmaWVkLWV2ZW50czpyZWFkIHVzZXI6cmVhZCB1c2VyOndyaXRlIHdhZi1taXRpZ2F0aW9uOnJlYWQiLCJndHkiOiJjbGllbnQtY3JlZGVudGlhbHMiLCJwZXJtaXNzaW9ucyI6WyJhbGVydDpyZWFkIiwiYXBwc2VjLWFsZXJ0OnJlYWQiLCJhdWRpdDpyZWFkIiwiYmxvY2tlZC1pcDpyZWFkIiwiYm90LW1pdGlnYXRpb246cmVhZCIsImNlcnRpZmljYXRlOndyaXRlIiwiY29tcGFueTp3cml0ZSIsIm1hc3F1ZXJhZGU6b3RoZXIiLCJtaXRpZ2F0aW9uOnJlYWQiLCJuZXR3b3JrLWNvbmZpZzpyZWFkIiwicG9saWN5OmJvdC1zaWduYXR1cmVzIiwicG9saWN5OnNpZ25hdHVyZXMiLCJwb2xpY3k6d3JpdGUiLCJwcm94eTp3cml0ZSIsInJlcG9ydHM6cmVhZCIsInJlcG9ydHM6d3JpdGUiLCJzc286d3JpdGUiLCJ1bmlmaWVkLWFsZXJ0czpyZWFkIiwidW5pZmllZC1ldmVudHM6cmVhZCIsInVzZXI6cmVhZCIsInVzZXI6d3JpdGUiLCJ3YWYtbWl0aWdhdGlvbjpyZWFkIl19.K_dZh5t9_hpn0s2yLKyk2rRx3qt5u5VDaUaCBPdwPVSt-RhM7BzQxf5EizWkl4z8c09YJJ0nw-PZPZb_SRcM1f5aoNcTgocyfxi68G1XQArOmw1M2xopaH-0K2uusXqsfrr262E2ibBNM3DSGD3pVDy5B-erzYsW0Bavm6NUWLoJGKFTHsXWOr9eS_HZGTrdE2VUNPtiOzBIcE4e9xqY26Eig3w4JGUNzIEPlZ1WMDwKDAAwuv0B6WI0dlWi_5Rl4Lp8i44n1Fs10eCsdYYySy7cl02fMRQxPAmcna0a1n9r8ysDH3ttayF8RUegajAz7LvkFktw0kY0Gat-_QMuWA","scope":"alert:read appsec-alert:read audit:read blocked-ip:read bot-mitigation:read certificate:write company:write masquerade:other mitigation:read network-config:read policy:bot-signatures policy:signatures policy:write proxy:write reports:read reports:write sso:write unified-alerts:read unified-events:read user:read user:write waf-mitigation:read","expires_in":86400,"token_type":"Bearer"}
Formatting your API Request
The GraphQL API has a single endpoint.
Requires:
- Bearer Token (see Authentication)
- Query object
curl -L -X POST 'https://api.appsecportal.com/query' \
-H 'Authorization: Bearer <TOKEN>' \
-H 'Content-Type: application/json' \
--data-raw '{"query": <QUERY> }'
Example Request with Authentication:
curl -L -X POST 'https://api.appsecportal.com/query' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IlFUTXdSVVF4UVVJMU9ESTFNVVJHUWtJeU16STRSRGM1UmpWR016TkZPRU5DTmpVMVFrWkNSQSJ9.eyJodHRwczovL2FwaS5hcHBzZWNwb3J0YWwuY29tL25zciI6eyJkbm0iOiJTUF9VV0FGVEVTVCIsInVpZCI6ImF1dGgwfDVmNDU1ZmU2ODJkMGNjMDA2ZGNjZmNlOSIsInNubSI6InV3YWZ0ZXN0IiwidGt5IjoiIn0sImlzcyI6Imh0dHBzOi8vbmV1c3RhcnNlY3VyaXR5LmF1dGgwLmNvbS8iLCJzdWIiOiJnaU5CQm9QcWE3YjdMTXZ3eWRsZjRSZktBcjNTREhEU0BjbGllbnRzIiwiYXVkIjoiaHR0cHM6Ly9hcGkuYXBwc2VjcG9ydGFsLmNvbS8iLCJpYXQiOjE2Nzc3MTE2NjcsImV4cCI6MTY3Nzc5ODA2NywiYXpwIjoiZ2lOQkJvUHFhN2I3TE12d3lkbGY0UmZLQXIzU0RIRFMiLCJzY29wZSI6ImFsZXJ0OnJlYWQgYXBwc2VjLWFsZXJ0OnJlYWQgYXVkaXQ6cmVhZCBibG9ja2VkLWlwOnJlYWQgYm90LW1pdGlnYXRpb246cmVhZCBjZXJ0aWZpY2F0ZTp3cml0ZSBjb21wYW55OndyaXRlIG1hc3F1ZXJhZGU6b3RoZXIgbWl0aWdhdGlvbjpyZWFkIG5ldHdvcmstY29uZmlnOnJlYWQgcG9saWN5OmJvdC1zaWduYXR1cmVzIHBvbGljeTpzaWduYXR1cmVzIHBvbGljeTp3cml0ZSBwcm94eTp3cml0ZSByZXBvcnRzOnJlYWQgcmVwb3J0czp3cml0ZSBzc286d3JpdGUgdW5pZmllZC1hbGVydHM6cmVhZCB1bmlmaWVkLWV2ZW50czpyZWFkIHVzZXI6cmVhZCB1c2VyOndyaXRlIHdhZi1taXRpZ2F0aW9uOnJlYWQiLCJndHkiOiJjbGllbnQtY3JlZGVudGlhbHMiLCJwZXJtaXNzaW9ucyI6WyJhbGVydDpyZWFkIiwiYXBwc2VjLWFsZXJ0OnJlYWQiLCJhdWRpdDpyZWFkIiwiYmxvY2tlZC1pcDpyZWFkIiwiYm90LW1pdGlnYXRpb246cmVhZCIsImNlcnRpZmljYXRlOndyaXRlIiwiY29tcGFueTp3cml0ZSIsIm1hc3F1ZXJhZGU6b3RoZXIiLCJtaXRpZ2F0aW9uOnJlYWQiLCJuZXR3b3JrLWNvbmZpZzpyZWFkIiwicG9saWN5OmJvdC1zaWduYXR1cmVzIiwicG9saWN5OnNpZ25hdHVyZXMiLCJwb2xpY3k6d3JpdGUiLCJwcm94eTp3cml0ZSIsInJlcG9ydHM6cmVhZCIsInJlcG9ydHM6d3JpdGUiLCJzc286d3JpdGUiLCJ1bmlmaWVkLWFsZXJ0czpyZWFkIiwidW5pZmllZC1ldmVudHM6cmVhZCIsInVzZXI6cmVhZCIsInVzZXI6d3JpdGUiLCJ3YWYtbWl0aWdhdGlvbjpyZWFkIl19.TOaT7k8GYEiTYEta8hfjA66RJdXuT_LEJl8IbQ9l_8v6z8kwhs8hRwBVpUM8YEirAxZTIYfiQ74bomXwJpWg1sTKtcuqgm33zoaP27xcR0w_k9IlFy-0odEWR0ySnFvB4bR4xPtTGms9DKe27yNU1V8BzjyZmqRthU8hHAxESaGkCnZzKWdz4KkTzJzwKE2L2amImn0CI3uKUFZp1AOa63EXPLZ0UB92KF3Rqa6FLtxHYmTtNMx1aykeIti3ycGOGfRE81aVM0gUE3bOas16iKICNGAg8rhlqq2H3wfribrV32n0jGu0mmKSIMj4T4ds5P5AMfH2Ct2y-H5OEdzfTg' \
-H 'Content-Type: application/json' \
--data-raw '{"query":"{company(filter:{dName: \"SP_UWAFTEST\"}){dName}}"}'
Example Response:
{"data":{"company":{"dName":"SP_UWAFTEST"}}}
Query Examples
Company Notifications Configuration
User Notifications Configuration
Shared Host Detection Settings
| Name | Request Example |
Company Filter |
Filter by Customer Reseller's Data |
Events |
|
Violation Logs |
|
Proxies |
|
Policies |
|
Audit Logs |
|
Alerts |
|
Blocked IP Logs |
|
Company Notifications Configuration |
|
User Notifications Configuration |
|
Notifications |
|
Shared Host Detection Settings |
|
DDoS Filter Lists |
|
Queries
baseBotSignatures
BotSignaturesWithPagination
| Name | Description |
|---|---|
filter -
BotSignatureFilterInput
|
Reduce the returned list to specific items |
page -
UnsignedInt32!
|
The page number to fetch results for. Default = 1 |
perPage -
UnsignedInt32!
|
The maximum number of results to show per page. Default = 1000 |
sortBy -
[BotSignatureSortBy!]
|
Sort the results |
Example
Query
query baseBotSignatures($filter: BotSignatureFilterInput, $page: UnsignedInt32!, $perPage: UnsignedInt32!, $sortBy: [BotSignatureSortBy!]) {
baseBotSignatures(filter: $filter, page: $page, perPage: $perPage, sortBy: $sortBy) {
pageInfo {
...PaginationFragment
}
results {
...BaseBotSignatureFragment
}
version {
...BotSignaturesVersionFragment
}
}
}
Variables
{
"filter": BotSignatureFilterInput,
"page": 1,
"perPage": 1000,
"sortBy": [BotSignatureSortBy]
}
Response
{
"data": {
"baseBotSignatures": {
"pageInfo": Pagination,
"results": [BaseBotSignature],
"version": BotSignaturesVersion
}
}
}
baseWAFSignatures
BaseWAFSignaturesResponse
| Name | Description |
|---|---|
filter -
WAFSignatureFilterInput
|
Reduce the returned list to specific items |
page -
UnsignedInt32!
|
The page number to fetch results for. Default = 1 |
perPage -
UnsignedInt32!
|
The maximum number of results to show per page. Default = 1000 |
sortBy -
[BaseWAFSignatureSortBy!]
|
Sort the results |
Example
Query
query baseWAFSignatures($filter: WAFSignatureFilterInput, $page: UnsignedInt32!, $perPage: UnsignedInt32!, $sortBy: [BaseWAFSignatureSortBy!]) {
baseWAFSignatures(filter: $filter, page: $page, perPage: $perPage, sortBy: $sortBy) {
lastCheckedTime
signatures {
...BaseWAFSignaturesWithPaginationFragment
}
}
}
Variables
{
"filter": WAFSignatureFilterInput,
"page": 1,
"perPage": 1000,
"sortBy": [BaseWAFSignatureSortBy]
}
Response
{
"data": {
"baseWAFSignatures": {
"lastCheckedTime": Time,
"signatures": BaseWAFSignaturesWithPagination
}
}
}
company
Example
Query
query company($filter: CompanyFilterInput) {
company(filter: $filter) {
accountID
accountInfo {
...AccountInfoFragment
}
accountManagerEmail
accountManagerName
acls {
...ACLsOutputFragment
}
alerts {
...AlertsWithPaginationFragment
}
allCustomers {
...CompaniesWithPaginationFragment
}
apiPackage {
...APIAccessFragment
}
appDataAnalytics {
...AppDataAnalyticsResponseFragment
}
auditLogTransactions {
...AuditLogTransactionsWithPaginationFragment
}
bgpPackage {
...BGPPackageFragment
}
botAnalytics {
...BotAnalyticsResponseFragment
}
certificates {
...CertificateFragment
}
configurationChanges {
...ConfigurationChangeFragment
}
corporateDomain
corporateName
createdAt
customers {
...CompanyFragment
}
dName
ddosBlockedIPLogs {
...BlockedIPLogsWithPaginationFragment
}
deleted
destinationIPs
details {
...CompanyDetailsFragment
}
detectionAndAlertingPackage {
...DetectionAndAlertingPackageFragment
}
enabled
event {
...EventFragment
}
events {
...EventsWithPaginationFragment
}
executiveReports {
...ExecutiveReportsWithPaginationFragment
}
filterLists {
...FilterListsWithPaginationFragment
}
formerlyKnownAs
id
isReseller
legacyProxies {
...LegacyProxyFragment
}
managedObjects {
...ManagedObjectFragment
}
managementDomain
mfaPackage {
...MFAPackageFragment
}
notificationConfigurations {
...NotificationConfigurationsWithPaginationFragment
}
notificationRecords {
...NotificationRecordsWithPaginationFragment
}
oneTimeExecutiveReportConfigurations {
...OneTimeExecutiveReportConfigurationsWithPaginationFragment
}
policies {
...PolicyFragment
}
proxies {
...ProxyFragment
}
proxyPackage {
...ProxyPackageFragment
}
recurringExecutiveReportConfigurations {
...RecurringExecutiveReportConfigurationsWithPaginationFragment
}
resellBGP
resellBot
resellDetectionAndAlerting
resellProxy
resellWAF
reseller {
...CompanyFragment
}
responderAnalytics {
...ResponderAnalyticsResponseFragment
}
runBook {
...RunBookFragment
}
serviceProvider
shortname
ssoPackage {
...SSOPackageFragment
}
status {
...StatusOutputFragment
}
technicalEmail
technicalFirstName
technicalJobTitle
technicalLastName
technicalMobile
technicalPhone
traffic {
...TrafficOutputFragment
}
tunnels {
...TunnelFragment
}
updatedAt
userPurgeList {
...UserLoginIDWithPaginationFragment
}
users {
...UsersWithPaginationFragment
}
wafAnalytics {
...WAFAnalyticsResponseFragment
}
whiteLabel {
...WhiteLabelFragment
}
}
}
Variables
{"filter": CompanyFilterInput}
Response
{
"data": {
"company": {
"accountID": "xyz789",
"accountInfo": AccountInfo,
"accountManagerEmail": "abc123",
"accountManagerName": "abc123",
"acls": ACLsOutput,
"alerts": AlertsWithPagination,
"allCustomers": CompaniesWithPagination,
"apiPackage": APIAccess,
"appDataAnalytics": [AppDataAnalyticsResponse],
"auditLogTransactions": AuditLogTransactionsWithPagination,
"bgpPackage": BGPPackage,
"botAnalytics": BotAnalyticsResponse,
"certificates": [Certificate],
"configurationChanges": [ConfigurationChange],
"corporateDomain": "abc123",
"corporateName": "abc123",
"createdAt": Time,
"customers": [Company],
"dName": "xyz789",
"ddosBlockedIPLogs": BlockedIPLogsWithPagination,
"deleted": true,
"destinationIPs": [CIDR],
"details": CompanyDetails,
"detectionAndAlertingPackage": DetectionAndAlertingPackage,
"enabled": false,
"event": Event,
"events": EventsWithPagination,
"executiveReports": ExecutiveReportsWithPagination,
"filterLists": FilterListsWithPagination,
"formerlyKnownAs": "xyz789",
"id": "abc123",
"isReseller": true,
"legacyProxies": [LegacyProxy],
"managedObjects": [ManagedObject],
"managementDomain": "xyz789",
"mfaPackage": MFAPackage,
"notificationConfigurations": NotificationConfigurationsWithPagination,
"notificationRecords": NotificationRecordsWithPagination,
"oneTimeExecutiveReportConfigurations": OneTimeExecutiveReportConfigurationsWithPagination,
"policies": [Policy],
"proxies": [Proxy],
"proxyPackage": ProxyPackage,
"recurringExecutiveReportConfigurations": RecurringExecutiveReportConfigurationsWithPagination,
"resellBGP": true,
"resellBot": false,
"resellDetectionAndAlerting": false,
"resellProxy": true,
"resellWAF": false,
"reseller": Company,
"responderAnalytics": ResponderAnalyticsResponse,
"runBook": RunBook,
"serviceProvider": "abc123",
"shortname": "abc123",
"ssoPackage": SSOPackage,
"status": StatusOutput,
"technicalEmail": "xyz789",
"technicalFirstName": "xyz789",
"technicalJobTitle": "xyz789",
"technicalLastName": "xyz789",
"technicalMobile": "abc123",
"technicalPhone": "xyz789",
"traffic": TrafficOutput,
"tunnels": [Tunnel],
"updatedAt": Time,
"userPurgeList": UserLoginIDWithPagination,
"users": UsersWithPagination,
"wafAnalytics": WAFAnalyticsResponse,
"whiteLabel": WhiteLabel
}
}
}
configurationChangesLock
Example
Query
query configurationChangesLock {
configurationChangesLock {
status
timestamp
}
}
Response
{
"data": {
"configurationChangesLock": {
"status": ConfigurationChangesLockStatus,
"timestamp": Time
}
}
}
ipInfo
Example
Query
query ipInfo($address: IPAddressInput!) {
ipInfo(address: $address) {
address {
...IPAddressFragment
}
location {
...GeoLocationFragment
}
network {
...IPNetworkFragment
}
reputation {
...IPReputationFragment
}
}
}
Variables
{"address": IPAddressInput}
Response
{
"data": {
"ipInfo": {
"address": IPAddress,
"location": GeoLocation,
"network": IPNetwork,
"reputation": IPReputation
}
}
}
isCustomer
Example
Query
query isCustomer($customer: String!, $reseller: String!) {
isCustomer(customer: $customer, reseller: $reseller)
}
Variables
{"customer": "xyz789", "reseller": "abc123"}
Response
{"data": {"isCustomer": true}}
networkNodes
Example
Query
query networkNodes($filter: NetworkNodeFilterInput) {
networkNodes(filter: $filter) {
description
iataCode
}
}
Variables
{"filter": NetworkNodeFilterInput}
Response
{"data": {"networkNodes": [{"description": "xyz789", "iataCode": "abc123"}]}}
notificationsWhiteLabel
Example
Query
query notificationsWhiteLabel($filter: CompanyFilterInput!) {
notificationsWhiteLabel(filter: $filter) {
managementDomain
whiteLabel {
...WhiteLabelFragment
}
}
}
Variables
{"filter": CompanyFilterInput}
Response
{
"data": {
"notificationsWhiteLabel": {
"managementDomain": "xyz789",
"whiteLabel": WhiteLabel
}
}
}
policyChanges
Example
Query
query policyChanges($asOf: Time, $since: Time!) {
policyChanges(asOf: $asOf, since: $since) {
accountID
accountInfo {
...AccountInfoFragment
}
accountManagerEmail
accountManagerName
acls {
...ACLsOutputFragment
}
alerts {
...AlertsWithPaginationFragment
}
allCustomers {
...CompaniesWithPaginationFragment
}
apiPackage {
...APIAccessFragment
}
appDataAnalytics {
...AppDataAnalyticsResponseFragment
}
auditLogTransactions {
...AuditLogTransactionsWithPaginationFragment
}
bgpPackage {
...BGPPackageFragment
}
botAnalytics {
...BotAnalyticsResponseFragment
}
certificates {
...CertificateFragment
}
configurationChanges {
...ConfigurationChangeFragment
}
corporateDomain
corporateName
createdAt
customers {
...CompanyFragment
}
dName
ddosBlockedIPLogs {
...BlockedIPLogsWithPaginationFragment
}
deleted
destinationIPs
details {
...CompanyDetailsFragment
}
detectionAndAlertingPackage {
...DetectionAndAlertingPackageFragment
}
enabled
event {
...EventFragment
}
events {
...EventsWithPaginationFragment
}
executiveReports {
...ExecutiveReportsWithPaginationFragment
}
filterLists {
...FilterListsWithPaginationFragment
}
formerlyKnownAs
id
isReseller
legacyProxies {
...LegacyProxyFragment
}
managedObjects {
...ManagedObjectFragment
}
managementDomain
mfaPackage {
...MFAPackageFragment
}
notificationConfigurations {
...NotificationConfigurationsWithPaginationFragment
}
notificationRecords {
...NotificationRecordsWithPaginationFragment
}
oneTimeExecutiveReportConfigurations {
...OneTimeExecutiveReportConfigurationsWithPaginationFragment
}
policies {
...PolicyFragment
}
proxies {
...ProxyFragment
}
proxyPackage {
...ProxyPackageFragment
}
recurringExecutiveReportConfigurations {
...RecurringExecutiveReportConfigurationsWithPaginationFragment
}
resellBGP
resellBot
resellDetectionAndAlerting
resellProxy
resellWAF
reseller {
...CompanyFragment
}
responderAnalytics {
...ResponderAnalyticsResponseFragment
}
runBook {
...RunBookFragment
}
serviceProvider
shortname
ssoPackage {
...SSOPackageFragment
}
status {
...StatusOutputFragment
}
technicalEmail
technicalFirstName
technicalJobTitle
technicalLastName
technicalMobile
technicalPhone
traffic {
...TrafficOutputFragment
}
tunnels {
...TunnelFragment
}
updatedAt
userPurgeList {
...UserLoginIDWithPaginationFragment
}
users {
...UsersWithPaginationFragment
}
wafAnalytics {
...WAFAnalyticsResponseFragment
}
whiteLabel {
...WhiteLabelFragment
}
}
}
Variables
{"asOf": Time, "since": Time}
Response
{
"data": {
"policyChanges": [
{
"accountID": "abc123",
"accountInfo": AccountInfo,
"accountManagerEmail": "xyz789",
"accountManagerName": "xyz789",
"acls": ACLsOutput,
"alerts": AlertsWithPagination,
"allCustomers": CompaniesWithPagination,
"apiPackage": APIAccess,
"appDataAnalytics": [AppDataAnalyticsResponse],
"auditLogTransactions": AuditLogTransactionsWithPagination,
"bgpPackage": BGPPackage,
"botAnalytics": BotAnalyticsResponse,
"certificates": [Certificate],
"configurationChanges": [ConfigurationChange],
"corporateDomain": "xyz789",
"corporateName": "xyz789",
"createdAt": Time,
"customers": [Company],
"dName": "xyz789",
"ddosBlockedIPLogs": BlockedIPLogsWithPagination,
"deleted": true,
"destinationIPs": [CIDR],
"details": CompanyDetails,
"detectionAndAlertingPackage": DetectionAndAlertingPackage,
"enabled": false,
"event": Event,
"events": EventsWithPagination,
"executiveReports": ExecutiveReportsWithPagination,
"filterLists": FilterListsWithPagination,
"formerlyKnownAs": "xyz789",
"id": "xyz789",
"isReseller": false,
"legacyProxies": [LegacyProxy],
"managedObjects": [ManagedObject],
"managementDomain": "abc123",
"mfaPackage": MFAPackage,
"notificationConfigurations": NotificationConfigurationsWithPagination,
"notificationRecords": NotificationRecordsWithPagination,
"oneTimeExecutiveReportConfigurations": OneTimeExecutiveReportConfigurationsWithPagination,
"policies": [Policy],
"proxies": [Proxy],
"proxyPackage": ProxyPackage,
"recurringExecutiveReportConfigurations": RecurringExecutiveReportConfigurationsWithPagination,
"resellBGP": true,
"resellBot": false,
"resellDetectionAndAlerting": true,
"resellProxy": true,
"resellWAF": true,
"reseller": Company,
"responderAnalytics": ResponderAnalyticsResponse,
"runBook": RunBook,
"serviceProvider": "xyz789",
"shortname": "abc123",
"ssoPackage": SSOPackage,
"status": StatusOutput,
"technicalEmail": "abc123",
"technicalFirstName": "abc123",
"technicalJobTitle": "xyz789",
"technicalLastName": "xyz789",
"technicalMobile": "xyz789",
"technicalPhone": "xyz789",
"traffic": TrafficOutput,
"tunnels": [Tunnel],
"updatedAt": Time,
"userPurgeList": UserLoginIDWithPagination,
"users": UsersWithPagination,
"wafAnalytics": WAFAnalyticsResponse,
"whiteLabel": WhiteLabel
}
]
}
}
proxyChanges
Example
Query
query proxyChanges($asOf: Time, $since: Time!) {
proxyChanges(asOf: $asOf, since: $since) {
accountID
accountInfo {
...AccountInfoFragment
}
accountManagerEmail
accountManagerName
acls {
...ACLsOutputFragment
}
alerts {
...AlertsWithPaginationFragment
}
allCustomers {
...CompaniesWithPaginationFragment
}
apiPackage {
...APIAccessFragment
}
appDataAnalytics {
...AppDataAnalyticsResponseFragment
}
auditLogTransactions {
...AuditLogTransactionsWithPaginationFragment
}
bgpPackage {
...BGPPackageFragment
}
botAnalytics {
...BotAnalyticsResponseFragment
}
certificates {
...CertificateFragment
}
configurationChanges {
...ConfigurationChangeFragment
}
corporateDomain
corporateName
createdAt
customers {
...CompanyFragment
}
dName
ddosBlockedIPLogs {
...BlockedIPLogsWithPaginationFragment
}
deleted
destinationIPs
details {
...CompanyDetailsFragment
}
detectionAndAlertingPackage {
...DetectionAndAlertingPackageFragment
}
enabled
event {
...EventFragment
}
events {
...EventsWithPaginationFragment
}
executiveReports {
...ExecutiveReportsWithPaginationFragment
}
filterLists {
...FilterListsWithPaginationFragment
}
formerlyKnownAs
id
isReseller
legacyProxies {
...LegacyProxyFragment
}
managedObjects {
...ManagedObjectFragment
}
managementDomain
mfaPackage {
...MFAPackageFragment
}
notificationConfigurations {
...NotificationConfigurationsWithPaginationFragment
}
notificationRecords {
...NotificationRecordsWithPaginationFragment
}
oneTimeExecutiveReportConfigurations {
...OneTimeExecutiveReportConfigurationsWithPaginationFragment
}
policies {
...PolicyFragment
}
proxies {
...ProxyFragment
}
proxyPackage {
...ProxyPackageFragment
}
recurringExecutiveReportConfigurations {
...RecurringExecutiveReportConfigurationsWithPaginationFragment
}
resellBGP
resellBot
resellDetectionAndAlerting
resellProxy
resellWAF
reseller {
...CompanyFragment
}
responderAnalytics {
...ResponderAnalyticsResponseFragment
}
runBook {
...RunBookFragment
}
serviceProvider
shortname
ssoPackage {
...SSOPackageFragment
}
status {
...StatusOutputFragment
}
technicalEmail
technicalFirstName
technicalJobTitle
technicalLastName
technicalMobile
technicalPhone
traffic {
...TrafficOutputFragment
}
tunnels {
...TunnelFragment
}
updatedAt
userPurgeList {
...UserLoginIDWithPaginationFragment
}
users {
...UsersWithPaginationFragment
}
wafAnalytics {
...WAFAnalyticsResponseFragment
}
whiteLabel {
...WhiteLabelFragment
}
}
}
Variables
{"asOf": Time, "since": Time}
Response
{
"data": {
"proxyChanges": [
{
"accountID": "abc123",
"accountInfo": AccountInfo,
"accountManagerEmail": "abc123",
"accountManagerName": "xyz789",
"acls": ACLsOutput,
"alerts": AlertsWithPagination,
"allCustomers": CompaniesWithPagination,
"apiPackage": APIAccess,
"appDataAnalytics": [AppDataAnalyticsResponse],
"auditLogTransactions": AuditLogTransactionsWithPagination,
"bgpPackage": BGPPackage,
"botAnalytics": BotAnalyticsResponse,
"certificates": [Certificate],
"configurationChanges": [ConfigurationChange],
"corporateDomain": "abc123",
"corporateName": "abc123",
"createdAt": Time,
"customers": [Company],
"dName": "xyz789",
"ddosBlockedIPLogs": BlockedIPLogsWithPagination,
"deleted": false,
"destinationIPs": [CIDR],
"details": CompanyDetails,
"detectionAndAlertingPackage": DetectionAndAlertingPackage,
"enabled": false,
"event": Event,
"events": EventsWithPagination,
"executiveReports": ExecutiveReportsWithPagination,
"filterLists": FilterListsWithPagination,
"formerlyKnownAs": "abc123",
"id": "xyz789",
"isReseller": false,
"legacyProxies": [LegacyProxy],
"managedObjects": [ManagedObject],
"managementDomain": "abc123",
"mfaPackage": MFAPackage,
"notificationConfigurations": NotificationConfigurationsWithPagination,
"notificationRecords": NotificationRecordsWithPagination,
"oneTimeExecutiveReportConfigurations": OneTimeExecutiveReportConfigurationsWithPagination,
"policies": [Policy],
"proxies": [Proxy],
"proxyPackage": ProxyPackage,
"recurringExecutiveReportConfigurations": RecurringExecutiveReportConfigurationsWithPagination,
"resellBGP": true,
"resellBot": true,
"resellDetectionAndAlerting": true,
"resellProxy": false,
"resellWAF": true,
"reseller": Company,
"responderAnalytics": ResponderAnalyticsResponse,
"runBook": RunBook,
"serviceProvider": "xyz789",
"shortname": "abc123",
"ssoPackage": SSOPackage,
"status": StatusOutput,
"technicalEmail": "xyz789",
"technicalFirstName": "xyz789",
"technicalJobTitle": "abc123",
"technicalLastName": "abc123",
"technicalMobile": "abc123",
"technicalPhone": "xyz789",
"traffic": TrafficOutput,
"tunnels": [Tunnel],
"updatedAt": Time,
"userPurgeList": UserLoginIDWithPagination,
"users": UsersWithPagination,
"wafAnalytics": WAFAnalyticsResponse,
"whiteLabel": WhiteLabel
}
]
}
}
user
Example
Query
query user($filter: UserFilterInput) {
user(filter: $filter) {
company {
...CompanyFragment
}
createdAt
email
enabled
firstName
id
jobTitle
lastLogin
lastName
mobile
notificationConfiguration {
...UserNotificationConfigurationFragment
}
phone
roles
updatedAt
userName
}
}
Variables
{"filter": UserFilterInput}
Response
{
"data": {
"user": {
"company": Company,
"createdAt": Time,
"email": "xyz789",
"enabled": true,
"firstName": "abc123",
"id": "abc123",
"jobTitle": "xyz789",
"lastLogin": Time,
"lastName": "abc123",
"mobile": "abc123",
"notificationConfiguration": UserNotificationConfiguration,
"phone": "abc123",
"roles": [UserRole],
"updatedAt": Time,
"userName": "xyz789"
}
}
}
userLogs
Example
Query
query userLogs($filter: UserLogsFilterInput!) {
userLogs(filter: $filter) {
date
description
ip
logID
type
userID
}
}
Variables
{"filter": UserLogsFilterInput}
Response
{
"data": {
"userLogs": [
{
"date": Time,
"description": "xyz789",
"ip": "xyz789",
"logID": "abc123",
"type": "xyz789",
"userID": "abc123"
}
]
}
}
Mutations
commitSAMLConnection
Example
Query
mutation commitSAMLConnection($input: SAMLInput!) {
commitSAMLConnection(input: $input) {
config {
...SSOConfigFragment
}
}
}
Variables
{"input": SAMLInput}
Response
{"data": {"commitSAMLConnection": {"config": SSOConfig}}}
createCertificate
Example
Query
mutation createCertificate($input: CreateCertificateInput!) {
createCertificate(input: $input) {
certificate {
...CertificateFragment
}
}
}
Variables
{"input": CreateCertificateInput}
Response
{
"data": {
"createCertificate": {"certificate": Certificate}
}
}
createCompanyNotificationConfiguration
CreateCompanyNotificationConfigurationOutput
| Name | Description |
|---|---|
input -
CreateCompanyNotificationConfigurationInput!
|
Example
Query
mutation createCompanyNotificationConfiguration($input: CreateCompanyNotificationConfigurationInput!) {
createCompanyNotificationConfiguration(input: $input) {
configuration {
...CompanyNotificationConfigurationFragment
}
}
}
Variables
{"input": CreateCompanyNotificationConfigurationInput}
Response
{
"data": {
"createCompanyNotificationConfiguration": {
"configuration": CompanyNotificationConfiguration
}
}
}
createDraftACL
Example
Query
mutation createDraftACL($input: CreateDraftACLInput!) {
createDraftACL(input: $input) {
companyDName
id
}
}
Variables
{"input": CreateDraftACLInput}
Response
{"data": {"createDraftACL": {"companyDName": "abc123", "id": "abc123"}}}
createOneTimeExecutiveReportConfiguration
CreateOneTimeExecutiveReportConfigurationOutput!
| Name | Description |
|---|---|
input -
CreateOneTimeExecutiveReportConfigurationInput
|
Example
Query
mutation createOneTimeExecutiveReportConfiguration($input: CreateOneTimeExecutiveReportConfigurationInput) {
createOneTimeExecutiveReportConfiguration(input: $input) {
configuration {
...OneTimeExecutiveReportConfigurationFragment
}
}
}
Variables
{"input": CreateOneTimeExecutiveReportConfigurationInput}
Response
{
"data": {
"createOneTimeExecutiveReportConfiguration": {
"configuration": OneTimeExecutiveReportConfiguration
}
}
}
createPolicy
Example
Query
mutation createPolicy($input: CreatePolicyInput!) {
createPolicy(input: $input) {
policy {
...PolicyFragment
}
}
}
Variables
{"input": CreatePolicyInput}
Response
{"data": {"createPolicy": {"policy": Policy}}}
createProxy
Example
Query
mutation createProxy($input: CreateProxyInput!) {
createProxy(input: $input) {
proxy {
...ProxyFragment
}
}
}
Variables
{"input": CreateProxyInput}
Response
{"data": {"createProxy": {"proxy": Proxy}}}
createRecurringExecutiveReportConfiguration
CreateRecurringExecutiveReportConfigurationOutput!
| Name | Description |
|---|---|
input -
CreateRecurringExecutiveReportConfigurationInput
|
Example
Query
mutation createRecurringExecutiveReportConfiguration($input: CreateRecurringExecutiveReportConfigurationInput) {
createRecurringExecutiveReportConfiguration(input: $input) {
configuration {
...RecurringExecutiveReportConfigurationFragment
}
}
}
Variables
{
"input": CreateRecurringExecutiveReportConfigurationInput
}
Response
{
"data": {
"createRecurringExecutiveReportConfiguration": {
"configuration": RecurringExecutiveReportConfiguration
}
}
}
createSAMLConnection
Example
Query
mutation createSAMLConnection($input: CreateSAMLInput!) {
createSAMLConnection(input: $input) {
config {
...SSOConfigFragment
}
}
}
Variables
{"input": CreateSAMLInput}
Response
{"data": {"createSAMLConnection": {"config": SSOConfig}}}
createUser
Example
Query
mutation createUser($input: CreateUserInput!) {
createUser(input: $input) {
user {
...UserFragment
}
}
}
Variables
{"input": CreateUserInput}
Response
{"data": {"createUser": {"user": User}}}
createUserNotificationConfiguration
CreateUserNotificationConfigurationOutput
| Name | Description |
|---|---|
input -
CreateUserNotificationConfigurationInput!
|
Example
Query
mutation createUserNotificationConfiguration($input: CreateUserNotificationConfigurationInput!) {
createUserNotificationConfiguration(input: $input) {
configuration {
...UserNotificationConfigurationFragment
}
}
}
Variables
{"input": CreateUserNotificationConfigurationInput}
Response
{
"data": {
"createUserNotificationConfiguration": {
"configuration": UserNotificationConfiguration
}
}
}
deleteCandidateACL
Example
Query
mutation deleteCandidateACL($input: DeleteCandidateACLInput!) {
deleteCandidateACL(input: $input) {
companyDName
}
}
Variables
{"input": DeleteCandidateACLInput}
Response
{"data": {"deleteCandidateACL": {"companyDName": "abc123"}}}
deleteCertificate
Example
Query
mutation deleteCertificate($input: DeleteCertificateInput!) {
deleteCertificate(input: $input) {
deletedCertificateID
}
}
Variables
{"input": DeleteCertificateInput}
Response
{"data": {"deleteCertificate": {"deletedCertificateID": "xyz789"}}}
deleteCompanyUsers
Example
Query
mutation deleteCompanyUsers($input: DeleteCompanyUsersInput!) {
deleteCompanyUsers(input: $input) {
deletedUsers {
...UserFragment
}
}
}
Variables
{"input": DeleteCompanyUsersInput}
Response
{"data": {"deleteCompanyUsers": {"deletedUsers": [User]}}}
deleteDraftACL
Example
Query
mutation deleteDraftACL($input: DeleteDraftACLInput!) {
deleteDraftACL(input: $input) {
companyDName
}
}
Variables
{"input": DeleteDraftACLInput}
Response
{"data": {"deleteDraftACL": {"companyDName": "xyz789"}}}
deleteExecutiveReport
Example
Query
mutation deleteExecutiveReport($input: DeleteExecutiveReportInput) {
deleteExecutiveReport(input: $input) {
deletedExecutiveReportID
}
}
Variables
{"input": DeleteExecutiveReportInput}
Response
{"data": {"deleteExecutiveReport": {"deletedExecutiveReportID": "abc123"}}}
deleteOneTimeExecutiveReportConfiguration
DeleteOneTimeExecutiveReportConfigurationOutput!
| Name | Description |
|---|---|
input -
DeleteOneTimeExecutiveReportConfigurationInput
|
Example
Query
mutation deleteOneTimeExecutiveReportConfiguration($input: DeleteOneTimeExecutiveReportConfigurationInput) {
deleteOneTimeExecutiveReportConfiguration(input: $input) {
deletedOneTimeExecutiveReportConfigurationID
}
}
Variables
{"input": DeleteOneTimeExecutiveReportConfigurationInput}
Response
{
"data": {
"deleteOneTimeExecutiveReportConfiguration": {
"deletedOneTimeExecutiveReportConfigurationID": "abc123"
}
}
}
deletePolicy
Example
Query
mutation deletePolicy($input: DeletePolicyInput!) {
deletePolicy(input: $input) {
deletedPolicyID
}
}
Variables
{"input": DeletePolicyInput}
Response
{"data": {"deletePolicy": {"deletedPolicyID": "xyz789"}}}
deleteProxy
Example
Query
mutation deleteProxy($input: DeleteProxyInput!) {
deleteProxy(input: $input) {
deletedProxyID
permanentlyDeleted
}
}
Variables
{"input": DeleteProxyInput}
Response
{
"data": {
"deleteProxy": {"deletedProxyID": "abc123", "permanentlyDeleted": true}
}
}
deleteRecurringExecutiveReportConfiguration
DeleteRecurringExecutiveReportConfigurationOutput!
| Name | Description |
|---|---|
input -
DeleteRecurringExecutiveReportConfigurationInput
|
Example
Query
mutation deleteRecurringExecutiveReportConfiguration($input: DeleteRecurringExecutiveReportConfigurationInput) {
deleteRecurringExecutiveReportConfiguration(input: $input) {
deletedRecurringExecutiveReportConfigurationID
}
}
Variables
{
"input": DeleteRecurringExecutiveReportConfigurationInput
}
Response
{
"data": {
"deleteRecurringExecutiveReportConfiguration": {
"deletedRecurringExecutiveReportConfigurationID": "abc123"
}
}
}
deleteRunningACL
Example
Query
mutation deleteRunningACL($input: DeleteRunningACLInput!) {
deleteRunningACL(input: $input) {
companyDName
}
}
Variables
{"input": DeleteRunningACLInput}
Response
{"data": {"deleteRunningACL": {"companyDName": "abc123"}}}
deleteSAMLConnection
Example
Query
mutation deleteSAMLConnection($input: SAMLInput!) {
deleteSAMLConnection(input: $input) {
config {
...SSOConfigFragment
}
}
}
Variables
{"input": SAMLInput}
Response
{"data": {"deleteSAMLConnection": {"config": SSOConfig}}}
deleteUser
Example
Query
mutation deleteUser($input: DeleteUserInput!) {
deleteUser(input: $input) {
deletedUserID
}
}
Variables
{"input": DeleteUserInput}
Response
{"data": {"deleteUser": {"deletedUserID": "abc123"}}}
lockConfigurationChanges
Example
Query
mutation lockConfigurationChanges {
lockConfigurationChanges {
createdAt
ended
id
lockedBy
started
unlockedBy
updatedAt
}
}
Response
{
"data": {
"lockConfigurationChanges": {
"createdAt": Time,
"ended": Time,
"id": "xyz789",
"lockedBy": "abc123",
"started": Time,
"unlockedBy": "abc123",
"updatedAt": Time
}
}
}
markAllUserNotificationRecordsRead
UpdateAllUserNotificationRecordsOutput
| Name | Description |
|---|---|
input -
UpdateAllUserNotificationRecordsInput!
|
Example
Query
mutation markAllUserNotificationRecordsRead($input: UpdateAllUserNotificationRecordsInput!) {
markAllUserNotificationRecordsRead(input: $input) {
userID
}
}
Variables
{"input": UpdateAllUserNotificationRecordsInput}
Response
{"data": {"markAllUserNotificationRecordsRead": {"userID": "abc123"}}}
sendACLChangeRequest
Example
Query
mutation sendACLChangeRequest($input: SendACLChangeRequestInput!) {
sendACLChangeRequest(input: $input) {
companyDName
id
}
}
Variables
{"input": SendACLChangeRequestInput}
Response
{"data": {"sendACLChangeRequest": {"companyDName": "abc123", "id": "xyz789"}}}
sendEmail
Example
Query
mutation sendEmail($input: SendEmailInput!) {
sendEmail(input: $input) {
statusCode
}
}
Variables
{"input": SendEmailInput}
Response
{"data": {"sendEmail": {"statusCode": "xyz789"}}}
sendTestNotification
Example
Query
mutation sendTestNotification($input: SendTestNotificationInput!) {
sendTestNotification(input: $input) {
statusCode
}
}
Variables
{"input": SendTestNotificationInput}
Response
{"data": {"sendTestNotification": {"statusCode": "abc123"}}}
sendUserActivationEmail
Example
Query
mutation sendUserActivationEmail($input: SendUserActivationEmailInput!) {
sendUserActivationEmail(input: $input) {
email
id
}
}
Variables
{"input": SendUserActivationEmailInput}
Response
{"data": {"sendUserActivationEmail": {"email": "abc123", "id": "abc123"}}}
sendUserPasswordResetEmail
SendUserPasswordResetEmailOutput
| Name | Description |
|---|---|
input -
SendUserPasswordResetEmailInput!
|
Example
Query
mutation sendUserPasswordResetEmail($input: SendUserPasswordResetEmailInput!) {
sendUserPasswordResetEmail(input: $input) {
email
id
}
}
Variables
{"input": SendUserPasswordResetEmailInput}
Response
{"data": {"sendUserPasswordResetEmail": {"email": "xyz789", "id": "abc123"}}}
unlockConfigurationChanges
Example
Query
mutation unlockConfigurationChanges {
unlockConfigurationChanges
}
Response
{"data": {"unlockConfigurationChanges": false}}
updateCompanyNotificationConfiguration
UpdateCompanyNotificationConfigurationOutput
| Name | Description |
|---|---|
input -
UpdateCompanyNotificationConfigurationInput!
|
Example
Query
mutation updateCompanyNotificationConfiguration($input: UpdateCompanyNotificationConfigurationInput!) {
updateCompanyNotificationConfiguration(input: $input) {
configuration {
...CompanyNotificationConfigurationFragment
}
}
}
Variables
{"input": UpdateCompanyNotificationConfigurationInput}
Response
{
"data": {
"updateCompanyNotificationConfiguration": {
"configuration": CompanyNotificationConfiguration
}
}
}
updateNotificationRecord
Example
Query
mutation updateNotificationRecord($input: UpdateNotificationRecordInput!) {
updateNotificationRecord(input: $input) {
records {
...NotificationRecordFragment
}
}
}
Variables
{"input": UpdateNotificationRecordInput}
Response
{
"data": {
"updateNotificationRecord": {
"records": [NotificationRecord]
}
}
}
updatePolicy
Example
Query
mutation updatePolicy($input: UpdatePolicyInput!) {
updatePolicy(input: $input) {
policy {
...PolicyFragment
}
}
}
Variables
{"input": UpdatePolicyInput}
Response
{"data": {"updatePolicy": {"policy": Policy}}}
updateProxy
Example
Query
mutation updateProxy($input: UpdateProxyInput!) {
updateProxy(input: $input) {
proxy {
...ProxyFragment
}
}
}
Variables
{"input": UpdateProxyInput}
Response
{"data": {"updateProxy": {"proxy": Proxy}}}
updateRecurringExecutiveReportConfiguration
UpdateRecurringExecutiveReportConfigurationOutput!
| Name | Description |
|---|---|
input -
UpdateRecurringExecutiveReportConfigurationInput
|
Example
Query
mutation updateRecurringExecutiveReportConfiguration($input: UpdateRecurringExecutiveReportConfigurationInput) {
updateRecurringExecutiveReportConfiguration(input: $input) {
configuration {
...RecurringExecutiveReportConfigurationFragment
}
}
}
Variables
{
"input": UpdateRecurringExecutiveReportConfigurationInput
}
Response
{
"data": {
"updateRecurringExecutiveReportConfiguration": {
"configuration": RecurringExecutiveReportConfiguration
}
}
}
updateSAMLConnection
Example
Query
mutation updateSAMLConnection($input: UpdateSAMLInput!) {
updateSAMLConnection(input: $input) {
config {
...SSOConfigFragment
}
}
}
Variables
{"input": UpdateSAMLInput}
Response
{"data": {"updateSAMLConnection": {"config": SSOConfig}}}
updateUser
Example
Query
mutation updateUser($input: UpdateUserInput!) {
updateUser(input: $input) {
user {
...UserFragment
}
}
}
Variables
{"input": UpdateUserInput}
Response
{"data": {"updateUser": {"user": User}}}
updateUserNotificationConfiguration
UpdateUserNotificationConfigurationOutput
| Name | Description |
|---|---|
input -
UpdateUserNotificationConfigurationInput!
|
Example
Query
mutation updateUserNotificationConfiguration($input: UpdateUserNotificationConfigurationInput!) {
updateUserNotificationConfiguration(input: $input) {
configuration {
...UserNotificationConfigurationFragment
}
}
}
Variables
{"input": UpdateUserNotificationConfigurationInput}
Response
{
"data": {
"updateUserNotificationConfiguration": {
"configuration": UserNotificationConfiguration
}
}
}
Types
ACLsData
The data describing a customer's ACLs
| Field Name | Description |
|---|---|
candidateACL -
CandidateACL
|
The Candidate ACL that is under review by SOC. |
draftACL -
DraftACL
|
The Draft ACL. |
runningACL -
RunningACL
|
The running ACL that has been approved by SOC. |
runningACLDeploymentStatus -
RunningACLDeploymentStatus!
|
The deployment status of the running ACL for all of the scrubbing centers. |
Example
{
"candidateACL": CandidateACL,
"draftACL": DraftACL,
"runningACL": RunningACL,
"runningACLDeploymentStatus": RunningACLDeploymentStatus
}
AIFHTTPURLRegexDDOSCountermeasure
| Field Name | Description |
|---|---|
blocking -
Boolean!
|
|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
level -
String!
|
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"blocking": false,
"company": Company,
"id": "abc123",
"level": "xyz789",
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
APIAccess
Specifies API Access configuration for company.
| Field Name | Description |
|---|---|
enabled -
Boolean!
|
Whether API access is enabled for the Company. |
maxAPIClients -
UnsignedInt32!
|
Specifies the max number of API clients that can be configured for this company. |
openHybridEnabled -
Boolean!
|
Specifies if Open Hybrid access is enabled in portal for this company. |
Example
{
"enabled": true,
"maxAPIClients": UnsignedInt32,
"openHybridEnabled": false
}
APIClient
Per-Company API Access settings.
| Field Name | Description |
|---|---|
company -
Company!
|
Company Details. |
description -
String!
|
API Client Description. |
id -
String!
|
API Client ID. |
name -
String!
|
API Client Name. |
user -
User
|
User Details. |
Example
{
"company": Company,
"description": "abc123",
"id": "xyz789",
"name": "abc123",
"user": User
}
AccountInfo
Contract-related information for a customer.
| Field Name | Description |
|---|---|
accountExecutiveList -
[Person!]
|
List of Account Executives for customer. |
accountNumber -
String!
|
Account Number of customer. |
countryName -
String
|
Country customer is registered in. |
domain -
String!
|
Primary DNS name of customer. |
featureList -
[Feature!]
|
List of features purchased by customer. |
state -
String
|
State customer is registered in. |
Example
{
"accountExecutiveList": [Person],
"accountNumber": "abc123",
"countryName": "abc123",
"domain": "xyz789",
"featureList": [Feature],
"state": "xyz789"
}
ActivationStatus
The status of a contract negotiated with customer.
| Enum Value | Description |
|---|---|
|
|
Indicates that the specified feature is purchased and activated for the company. |
|
|
Indicates that the specified feature is under review but not purchased yet by the company. |
|
|
Indicates that the specified feature is pending signature by the company. |
|
|
Indicates that the specified feature is being reviewed post submission, for the company. |
Alert
An Alert is something that has been raised within SiteProtect to be dealt with.
| Field Name | Description |
|---|---|
company -
Company!
|
The company object. |
end -
Time
|
The end time of the alert. A non-zero value of end time means that the alert has ended or finished. |
id -
String!
|
The identifier of the alert. |
severity -
Severity!
|
An indication of how critical the Alert is. |
start -
Time!
|
The start time of the alert |
type -
AlertType!
|
A boolean value that indicates whether or not the alert is an Infrastructure alert |
Example
{
"company": Company,
"end": Time,
"id": "xyz789",
"severity": Severity,
"start": Time,
"type": AlertType
}
AlertCharacterization
| Field Name | Description |
|---|---|
destination_asns -
[String]
|
|
destination_prefixes -
[String]
|
|
destination_tcp_ports -
[String]
|
|
destination_udp_ports -
[String]
|
|
protocols -
[String]
|
|
source_asns -
[String]
|
|
source_countries -
[AlertCountry]
|
|
source_prefixes -
[String]
|
|
source_tcp_ports -
[String]
|
|
source_udp_ports -
[String]
|
|
tcp_flags -
[String]
|
Example
{
"destination_asns": ["xyz789"],
"destination_prefixes": ["xyz789"],
"destination_tcp_ports": ["abc123"],
"destination_udp_ports": ["abc123"],
"protocols": ["abc123"],
"source_asns": ["abc123"],
"source_countries": [AlertCountry],
"source_prefixes": ["abc123"],
"source_tcp_ports": ["abc123"],
"source_udp_ports": ["abc123"],
"tcp_flags": ["xyz789"]
}
AlertClassification
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
AlertDetailsTraffic
| Field Name | Description |
|---|---|
characterization -
AlertCharacterization
|
|
destination_asns -
[AlertDetailsTrafficSeries]
|
|
destination_prefixes -
[AlertDetailsTrafficSeries]
|
|
destination_tcp_ports -
[AlertDetailsTrafficSeries]
|
|
destination_udp_ports -
[AlertDetailsTrafficSeries]
|
|
icmp_types -
[AlertDetailsTrafficSeries]
|
|
interface_traffic -
[AlertInterfaceTraffic]
|
|
misuse_types -
[AlertDetailsTrafficSeries]
|
|
packet_sizes -
[AlertPacketSizeBin]
|
|
patterns -
[AlertTrafficPattern]
|
|
protocols -
[AlertDetailsTrafficSeries]
|
|
router_traffic -
[AlertDetailsTrafficSeries]
|
|
source_asns -
[AlertDetailsTrafficSeries]
|
|
source_countries -
[AlertDetailsTrafficSeries]
|
|
source_prefixes -
[AlertDetailsTrafficSeries]
|
|
source_tcp_ports -
[AlertDetailsTrafficSeries]
|
|
source_udp_ports -
[AlertDetailsTrafficSeries]
|
|
tcp_flags -
[AlertDetailsTrafficSeries]
|
Example
{
"characterization": AlertCharacterization,
"destination_asns": [AlertDetailsTrafficSeries],
"destination_prefixes": [AlertDetailsTrafficSeries],
"destination_tcp_ports": [AlertDetailsTrafficSeries],
"destination_udp_ports": [AlertDetailsTrafficSeries],
"icmp_types": [AlertDetailsTrafficSeries],
"interface_traffic": [AlertInterfaceTraffic],
"misuse_types": [AlertDetailsTrafficSeries],
"packet_sizes": [AlertPacketSizeBin],
"patterns": [AlertTrafficPattern],
"protocols": [AlertDetailsTrafficSeries],
"router_traffic": [AlertDetailsTrafficSeries],
"source_asns": [AlertDetailsTrafficSeries],
"source_countries": [AlertDetailsTrafficSeries],
"source_prefixes": [AlertDetailsTrafficSeries],
"source_tcp_ports": [AlertDetailsTrafficSeries],
"source_udp_ports": [AlertDetailsTrafficSeries],
"tcp_flags": [AlertDetailsTrafficSeries]
}
AlertDetailsTrafficSeries
| Field Name | Description |
|---|---|
name -
String
|
|
points -
[AlertTrafficTimeSeriesPoint]
|
|
severity -
String
|
|
unit -
String
|
|
view -
String
|
Example
{
"name": "xyz789",
"points": [AlertTrafficTimeSeriesPoint],
"severity": "xyz789",
"unit": "abc123",
"view": "xyz789"
}
AlertDimension
One of the sorted order fields.
| Enum Value | Description |
|---|---|
|
|
The ascending order based on the END time. |
|
|
The ascending order based on the SEVERITY time. |
|
|
The ascending order based on the START time. |
AlertFilterInput
The filters that can be applied to scope the list of alerts.
| Input Field | Description |
|---|---|
active -
Boolean
|
Include active alerts when set to true or inactive when set to false. By default, all alerts are fetched regardless of whether they are active or not. |
id -
String
|
The identifier of the alert |
isInfrastructure -
Boolean
|
Whether the alert is an infrastructure alert type |
providerID -
String
|
The provider identifier of the alert |
severities -
[Severity!]
|
The severity levels to filter on |
types -
[AlertType!]
|
The alert types to filter on |
Example
{
"active": false,
"id": "xyz789",
"isInfrastructure": false,
"providerID": "abc123",
"severities": [Severity],
"types": [AlertType]
}
AlertInterfaceTraffic
| Field Name | Description |
|---|---|
avg_value -
UnsignedInt64
|
|
direction -
String
|
|
interface_asns -
[UnsignedInt64]
|
|
interface_boundary -
String
|
|
interface_name -
String
|
|
max_value -
UnsignedInt64
|
|
pct95_value -
UnsignedInt64
|
|
router -
String
|
|
router_severity -
String
|
|
snmp_description -
String
|
|
unit -
String
|
Example
{
"avg_value": UnsignedInt64,
"direction": "xyz789",
"interface_asns": [UnsignedInt64],
"interface_boundary": "abc123",
"interface_name": "xyz789",
"max_value": UnsignedInt64,
"pct95_value": UnsignedInt64,
"router": "xyz789",
"router_severity": "xyz789",
"snmp_description": "abc123",
"unit": "abc123"
}
AlertPacketSizeBin
| Field Name | Description |
|---|---|
avg_value -
UnsignedInt64
|
|
high -
UnsignedInt64
|
|
low -
UnsignedInt64
|
|
max_value -
UnsignedInt64
|
|
pct95_value -
UnsignedInt64
|
Example
{
"avg_value": UnsignedInt64,
"high": UnsignedInt64,
"low": UnsignedInt64,
"max_value": UnsignedInt64,
"pct95_value": UnsignedInt64
}
AlertSortBy
AlertSortBy sorting.
| Input Field | Description |
|---|---|
dimension -
AlertDimension! default = "START" |
The dimension to sort by. |
direction -
SortDirection! default = "DESCENDING" |
The direction to sort in. |
Example
{
"dimension": "START",
"direction": "DESCENDING"
}
AlertTrafficPattern
| Field Name | Description |
|---|---|
destination -
String
|
|
destination_ports -
PortRange
|
|
max_traffic -
Float
|
|
max_traffic_unit -
String
|
|
protocol -
String
|
|
router -
String
|
|
source -
String
|
|
source_ports -
PortRange
|
|
tcp_flags -
[String]
|
Example
{
"destination": "abc123",
"destination_ports": PortRange,
"max_traffic": 987.65,
"max_traffic_unit": "abc123",
"protocol": "abc123",
"router": "abc123",
"source": "abc123",
"source_ports": PortRange,
"tcp_flags": ["abc123"]
}
AlertType
| Enum Value | Description |
|---|---|
|
|
Comes from waf and bot. |
|
|
BGP customers specify IP prefixes to be protected. |
|
|
Communication is lost between the APS deployment and its Sightline manager. |
|
|
Customer’s APS deployment requests a mitigation be started. |
|
|
Detected from customer traffic data feed. |
|
|
Traffic data feed not received when performing detection observation. |
|
|
Detected DDoS attack. |
|
|
Users send API call. |
|
|
Traffic data feed not received when performing detection observation. |
|
|
Tunnel Alert data. |
AlertsWithPagination
Represents the list of alerts along with pagination details.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The pagination details. |
results -
[Alert!]!
|
The list of alerts. |
Example
{
"pageInfo": Pagination,
"results": [Alert]
}
Algorithm
Algorithm used for signature request.
| Enum Value | Description |
|---|---|
|
|
SHA1 Algorithm. |
|
|
SHA256 Algorithm. |
AppDataAggregateByField
Allowed list of values for results to be grouped by.
| Enum Value | Description |
|---|---|
|
|
|
|
|
AppDataAggregateByInput
Define how the results should be grouped.
| Input Field | Description |
|---|---|
field -
AppDataAggregateByField!
|
A value indicating how the results should be grouped. |
Example
{"field": AppDataAggregateByField}
AppDataAnalyticsResponse
Output application results.
| Field Name | Description |
|---|---|
aggregateBy -
AppDataAggregateByField!
|
|
field -
AppDataField!
|
|
values -
[AppDataValues!]
|
Example
{
"aggregateBy": AppDataAggregateByField,
"field": AppDataField,
"values": [AppDataValues]
}
AppDataField
Allowed list of request types for any given query.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
AppDataFilterInput
Input required if extra criteria is needed to constrain the queried results.
| Input Field | Description |
|---|---|
vips -
[IPAddressInput!]
|
If given, the queried results will only include those for the VIPs provided. |
Example
{"vips": [IPAddressInput]}
AppDataValues
Generic query type and result count.
| Field Name | Description |
|---|---|
count -
UnsignedInt32!
|
|
key -
String!
|
Example
{"count": UnsignedInt32, "key": "xyz789"}
AppSecAlert
An alert generated as defined by a Policy.
| Field Name | Description |
|---|---|
company -
Company!
|
The company object. |
destinationIP -
IPAddress!
|
The destination IP. |
details -
AppSecAlertDetails
|
The details of the alert. |
dimension -
String!
|
The dimension. |
end -
Time
|
The end time of the alert. A non-zero value of end time means that the alert has ended or finished. |
id -
String!
|
The identifier of the alert. |
key -
String!
|
The key. |
operator -
String!
|
The operator. |
policyID -
String!
|
The Policy ID that triggered this alert. |
severity -
Severity!
|
An indication of how critical the Alert is. |
start -
Time!
|
The start time of the alert |
type -
AlertType!
|
A boolean value that indicates whether or not the alert is an Infrastructure alert |
vip -
IPAddress!
|
The VIP. |
Example
{
"company": Company,
"destinationIP": IPAddress,
"details": AppSecAlertDetails,
"dimension": "xyz789",
"end": Time,
"id": "xyz789",
"key": "abc123",
"operator": "abc123",
"policyID": "abc123",
"severity": Severity,
"start": Time,
"type": AlertType,
"vip": IPAddress
}
AppSecAlertDetails
| Field Name | Description |
|---|---|
importance -
UnsignedInt32!
|
The importance. |
threshold -
UnsignedInt32!
|
The threshold. |
Example
{
"importance": UnsignedInt32,
"threshold": UnsignedInt32
}
AppSecThreshold
An Application Security (AppSec) Threshold.
| Field Name | Description |
|---|---|
bucketDurationSeconds -
UnsignedInt32!
|
Time period for max number of violations to occur before generating alerts. |
count -
UnsignedInt32!
|
Max number of violations allowed for this configuration before generating alerts. |
dimension -
AppSecThresholdDimension!
|
Dimension for this configuration from a valid list of dimensions. |
key -
String!
|
Key based on the Dimension. For instance, valid keys for REQUEST_BY_SOURCE_IP are , ||, /index.html||., /index.html||153.18.34.1. Valid keys for for RESPONSE_BY_STATUS are *, /index.html||200. |
Example
{
"bucketDurationSeconds": UnsignedInt32,
"count": UnsignedInt32,
"dimension": AppSecThresholdDimension,
"key": "xyz789"
}
AppSecThresholdDimension
Allowed values for a WAF Application Security (AppSec) Threshold Configuration Dimension.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
AppSecThresholdDimensionInput
Allowed values for a policy level Application Security (AppSec) Threshold Configuration Dimension Input.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
AppSecThresholdInput
Specify a policy-level Application Security (AppSec) Threshold.
| Input Field | Description |
|---|---|
bucketDurationSeconds -
UnsignedInt32! default = 60 |
Time period within which the minimum number of violations need to occur in order to generate alerts. (allowed values : 60). |
count -
UnsignedInt32! default = 100 |
Minimum number of violations for generating alerts.(allowed value range: 1-1000). |
dimension -
AppSecThresholdDimensionInput!
|
Dimension for this configuration from a valid list of dimensions. |
key -
String!
|
Key based on the Dimension. For instance, valid keys for REQUEST_BY_SOURCE_IP , ||, /index.html||., /index.html||153.18.34.1, for RESPONSE_BY_STATUS *, /index.html||200. |
Example
{
"bucketDurationSeconds": 60,
"count": 100,
"dimension": AppSecThresholdDimensionInput,
"key": "abc123"
}
AppViolationData
Represents the application violation data object.
| Field Name | Description |
|---|---|
metric -
AppViolationMetric!
|
The metric for the data. |
value -
Int!
|
The value for the data. |
Example
{"metric": AppViolationMetric, "value": 987}
AppViolationMetric
One of the application violation metrics.
| Enum Value | Description |
|---|---|
|
|
The count of application violations. |
ApplicationService
Application services that make up this virtual servers back end.
| Field Name | Description |
|---|---|
monitor -
Boolean!
|
Whether or not to monitor this origin. |
origin -
String!
|
The back-end IP for this virtual server's origin. |
port -
UnsignedInt16!
|
The back-end port for this virtual server's origin. |
protocol -
ProxyProtocol!
|
Protocol type used for this virtual server's front and back ends. |
Example
{
"monitor": true,
"origin": "xyz789",
"port": UnsignedInt16,
"protocol": ProxyProtocol
}
ApplicationServiceInput
Define a virtual server's back-end server.
| Input Field | Description |
|---|---|
monitor -
Boolean! default = true |
Whether or not to monitor this origin. |
origin -
String!
|
The back-end IP/hostname of this virtual server's origin. |
port -
UnsignedInt16!
|
The back-end port for this virtual server's origin. |
protocol -
ProxyProtocol!
|
Protocol type used for this virtual server's front and back ends. |
Example
{
"monitor": true,
"origin": "xyz789",
"port": UnsignedInt16,
"protocol": ProxyProtocol
}
Attribute
| Field Name | Description |
|---|---|
id -
String!
|
|
traffic -
[TrafficData!]!
|
Example
{"id": "xyz789", "traffic": [TrafficData]}
AuditLogAction
Allowed list of values indicating what type of action caused an audit log transaction to be written.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
AuditLogImage
The before and after image of an object that was altered.
| Field Name | Description |
|---|---|
newObj -
RawJSON!
|
A JSON string representing the image of an object before it was modified. |
oldObj -
RawJSON
|
A JSON string representing the image of an object after it was modified. |
Example
{
"newObj": RawJSON,
"oldObj": RawJSON
}
AuditLogOperation
A specific audit log operation. A given audit log transaction can contain many seperate operations.
| Field Name | Description |
|---|---|
action -
AuditLogAction!
|
A value indicating what type of action caused an audit log transaction to be written. |
callerID -
String
|
Used internally to help identify what system component made a request to record the audit log operation. |
callerType -
CallerType
|
A string indicating what type of caller is recording an audit log transaction. |
company -
Company!
|
The owning company of the object represented in this audit log operation. |
description -
String!
|
A description describing the cause of the audit log operation. |
id -
String!
|
The identifier of an audit log operation. |
image -
AuditLogImage
|
A before and after image of an object that was altered. |
messages -
[String!]
|
A list of messages indicating useful information about the action that caused the audit log operation to be captured. |
resourceID -
String!
|
An ID value for internal reference indicating the key/ID value of the object being altered. |
resourceType -
String!
|
A string value for internal reference indicating what type of object was altered. |
serviceID -
String!
|
A string representing the name of the service that caused the audit log operation to be captured. |
status -
AuditLogResultStatus!
|
The result of the action that caused an audit log transaction to be written. |
timestamp -
Time!
|
The time reported by the caller for when the action occurred causing the audit log operation to be captured. |
transaction -
AuditLogTransaction!
|
Audit log transaction details associated with the operation. |
Example
{
"action": AuditLogAction,
"callerID": "xyz789",
"callerType": CallerType,
"company": Company,
"description": "abc123",
"id": "abc123",
"image": AuditLogImage,
"messages": ["abc123"],
"resourceID": "abc123",
"resourceType": "xyz789",
"serviceID": "abc123",
"status": AuditLogResultStatus,
"timestamp": Time,
"transaction": AuditLogTransaction
}
AuditLogOperationDimension
Allowed list of values indicating what field and order the results are to be sorted.
| Enum Value | Description |
|---|---|
|
|
AuditLogOperationFilterInput
Input required if extra criteria is needed to constrain the queried results.
| Input Field | Description |
|---|---|
action -
AuditLogAction
|
A value indicating what type of action caused an audit log transaction to be written. |
resourceID -
String
|
An ID value for internal reference indicating the key/ID value of the object being altered. |
resourceType -
String
|
A string value for internal reference indicating what type of object was altered. |
serviceID -
String
|
A string representing the name of the service that caused the audit log operation to be captured. |
status -
AuditLogResultStatus
|
The result of the action that caused an audit log transaction to be written. |
Example
{
"action": AuditLogAction,
"resourceID": "xyz789",
"resourceType": "abc123",
"serviceID": "abc123",
"status": AuditLogResultStatus
}
AuditLogOperationSortBy
Audit Log Operations log sorting.
| Input Field | Description |
|---|---|
dimension -
AuditLogOperationDimension! default = "TIMESTAMP" |
The dimension to sort by. |
direction -
SortDirection! default = "DESCENDING" |
The direction to sort in. |
Example
{
"dimension": "TIMESTAMP",
"direction": "DESCENDING"
}
AuditLogResultStatus
Allowed list of values indicating the result of the action that caused an audit log transaction to be written.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
AuditLogTransaction
A specific audit log transaction. A transaction can consist of many individual audit log operations.
| Field Name | Description |
|---|---|
apiClient -
APIClient
|
API caller information. |
apiClientID -
String
|
Used internally to help identify what system user made a request to record the audit log operation. |
applicationID -
String!
|
Used internally to help identify what system component made a request to record the audit log operation. |
description -
String!
|
A description describing the cause of the audit log transaction. |
id -
String!
|
The identifier of an audit log transaction. |
messages -
[String!]
|
A list of messages indicating useful information about the action that caused the audit log operation to be captured. |
operations -
[AuditLogOperation!]
|
A list of audit log operations. A given audit log transaction may contain many individual operations. |
status -
AuditLogResultStatus!
|
The result of the action that caused an audit log transaction to be written. |
timestamp -
Time!
|
The time reported by the caller for when the action occurred causing the audit log operation to be captured. |
traceID -
String!
|
An identifier that ties this audit log operation with a transaction. |
user -
User
|
User details. |
userID -
String!
|
The ID of the user who caused an audit log transaction to be written. |
Example
{
"apiClient": APIClient,
"apiClientID": "xyz789",
"applicationID": "xyz789",
"description": "xyz789",
"id": "xyz789",
"messages": ["xyz789"],
"operations": [AuditLogOperation],
"status": AuditLogResultStatus,
"timestamp": Time,
"traceID": "abc123",
"user": User,
"userID": "abc123"
}
AuditLogTransactionFilterInput
Input required if extra criteria is needed to constrain the queried results.
| Input Field | Description |
|---|---|
action -
AuditLogAction
|
A value indicating what type of action caused an audit log transaction to be written. |
apiClientID -
String
|
Used internally to help identify what system user made a request to record the audit log operation. |
applicationID -
String
|
Used internally to help identify what system component made a request to record the audit log operation. |
resourceID -
String
|
An ID value for internal reference indicating the key/ID value of the object being altered. |
resourceType -
String
|
A string value for internal reference indicating what type of object was altered. |
transactionResultStatus -
AuditLogResultStatus
|
A status representing the result of the action that caused an audit log transaction to be written. |
userID -
String
|
The ID of the user who caused an audit log transaction to be written. |
Example
{
"action": AuditLogAction,
"apiClientID": "xyz789",
"applicationID": "xyz789",
"resourceID": "abc123",
"resourceType": "xyz789",
"transactionResultStatus": AuditLogResultStatus,
"userID": "abc123"
}
AuditLogTransactionSortBy
Audit Log Transactions log sorting.
| Input Field | Description |
|---|---|
dimension -
AuditLogTransactionDimension! default = "TIMESTAMP" |
The dimension to sort by. |
direction -
SortDirection! default = "DESCENDING" |
The direction to sort in. |
Example
{
"dimension": "TIMESTAMP",
"direction": "DESCENDING"
}
AuditLogTransactionsWithPagination
The list of audit log transactions along with pagination details.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The pagination details. |
results -
[AuditLogTransaction!]
|
The list of audit log transactions. |
Example
{
"pageInfo": Pagination,
"results": [AuditLogTransaction]
}
BGPCleanTrafficDeliveryMechanism
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
BGPMitigationTriggerMechanism
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
BGPPackage
Specifies BGP configuration for the company.
| Field Name | Description |
|---|---|
alertAuto -
Boolean!
|
Auto Mitigation Enabled. |
alwaysOn -
Boolean!
|
Indicates whether company has BGP Always On DDoS mitigation enabled. |
alwaysRouted -
Boolean!
|
Whether traffic is always routed here. |
cleanTrafficDeliveryMechanisms -
[BGPCleanTrafficDeliveryMechanism!]
|
Mechanism(s) used to send clean traffic to back end. |
cloudFirewallEnabled -
Boolean!
|
Indicates whether Cloud Firewall is enabled for the Company. |
companyDName -
String!
|
The identifier of the owning company. |
enabled -
Boolean!
|
Whether BGP is enabled for the Company. |
hybridCloudSignalling -
Boolean!
|
Cloud Signalling Auto Mitigation Enabled. |
managedObjects -
[ManagedObject!]
|
List of BGP Managed Objects. |
mitigationTriggerMechanisms -
[BGPMitigationTriggerMechanism!]
|
Mechanism(s) used to trigger mitigations. |
onDemand -
Boolean!
|
Indicates whether company has BGP On Demand DDoS mitigation enabled. |
routing -
BGPTrafficRouting
|
Indicates what type of BGP routing is being used. This can be one of BGP IP, Traffic Engineering, Direct Connect, Direct Connect Traffic Engineering, or Group Routing Encapsulation (GRE). |
serviceTypes -
[BGPServiceType!]
|
BGP Service types configured. |
Example
{
"alertAuto": false,
"alwaysOn": true,
"alwaysRouted": true,
"cleanTrafficDeliveryMechanisms": [
BGPCleanTrafficDeliveryMechanism
],
"cloudFirewallEnabled": false,
"companyDName": "xyz789",
"enabled": true,
"hybridCloudSignalling": true,
"managedObjects": [ManagedObject],
"mitigationTriggerMechanisms": [
BGPMitigationTriggerMechanism
],
"onDemand": false,
"routing": BGPTrafficRouting,
"serviceTypes": [BGPServiceType]
}
BGPPackageFilterInput
Ways of reducing output of Company queries.
| Input Field | Description |
|---|---|
cleanTrafficDeliveryMechanisms -
[BGPCleanTrafficDeliveryMechanism!]
|
Mechanism(s) used to send clean traffic to back end. |
mitigationTriggerMechanisms -
[BGPMitigationTriggerMechanism!]
|
Mechanism(s) used to trigger mitigations. |
serviceTypes -
[BGPServiceType!]
|
BGP Service types configured. |
Example
{
"cleanTrafficDeliveryMechanisms": [
BGPCleanTrafficDeliveryMechanism
],
"mitigationTriggerMechanisms": [
BGPMitigationTriggerMechanism
],
"serviceTypes": [BGPServiceType]
}
BGPTrafficRouting
Specifies the type of BGP traffic routing configured for the company.
| Enum Value | Description |
|---|---|
|
|
Specifies BGP IP routing. |
|
|
Specifies BGP Traffic Engineering routing. |
|
|
Specifies BGP Direct Connect routing. |
|
|
Specifies BGP Direct Connect Traffic Engineering routing. |
|
|
Specifies BGP Group Routing Encapsulation (GRE) routing. |
BaseBotSignature
A Bot Detection signature provided by the system. Can be configured to respond with a different action.
| Field Name | Description |
|---|---|
botType -
BotType!
|
The signature bot type. |
category -
String!
|
The signature category. |
defaultAction -
BotSignatureAction!
|
The signature action taken by default. |
defaultEnabled -
Boolean!
|
Whether bot signature is enabled. |
description -
String!
|
Description of the signature. |
id -
String!
|
The signature unique ID. |
version -
String!
|
The signature version. |
Example
{
"botType": BotType,
"category": "xyz789",
"defaultAction": BotSignatureAction,
"defaultEnabled": true,
"description": "xyz789",
"id": "xyz789",
"version": "abc123"
}
BaseWAFSignature
A WAF signature provided by the system. Can be configured to respond with a different action.
| Field Name | Description |
|---|---|
category -
String!
|
Category of the signature. |
createdAt -
Time
|
The time that this base signature was added into the system. |
defaultAction -
WAFAction!
|
Default action to be taken. |
description -
String!
|
Description of the signature. |
id -
String!
|
Unique ID of the signature. |
refs -
String
|
Reference ID to the corresponding vulnerability lists. For instance: cve, bugtraq, nessus |
Example
{
"category": "xyz789",
"createdAt": Time,
"defaultAction": WAFAction,
"description": "xyz789",
"id": "abc123",
"refs": "xyz789"
}
BaseWAFSignatureDimension
Allowed values for sorting the Signature list.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
BaseWAFSignatureSortBy
Signature sorting input.
| Input Field | Description |
|---|---|
dimension -
BaseWAFSignatureDimension!
|
The dimension to sort by. |
direction -
SortDirection!
|
The direction to sort in. |
Example
{
"dimension": BaseWAFSignatureDimension,
"direction": SortDirection
}
BaseWAFSignaturesResponse
A base signatures response object.
| Field Name | Description |
|---|---|
lastCheckedTime -
Time
|
Represents the timestamp when the job ran to check for latest signature updates |
signatures -
BaseWAFSignaturesWithPagination
|
A paginated list of base signatures |
Example
{
"lastCheckedTime": Time,
"signatures": BaseWAFSignaturesWithPagination
}
BaseWAFSignaturesWithPagination
A paginated list of base WAF signatures.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The results paging information. |
results -
[BaseWAFSignature!]
|
A list of signatures |
Example
{
"pageInfo": Pagination,
"results": [BaseWAFSignature]
}
BlackWhiteListsDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "abc123",
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
BlockedIPLog
A DDoS blocked IP event log.
The log is identified by the customer, mitigation and blocked IP fields, which is called a tuple.
| Field Name | Description |
|---|---|
asn -
UnsignedInt32
|
The ASN for the packet. |
blacklisted -
Boolean
|
Whether the packet was blacklisted. |
blockedIP -
IPAddress!
|
The blocked IP address. |
city -
String
|
The city where the packet originated. |
countermeasure -
String
|
The countermeasure for this event. |
country -
String
|
The country of origin of the packet. |
customer -
String!
|
The identifier of the owning company. |
destPort -
UnsignedInt16
|
The destination port of the packet. |
deviceName -
String
|
The device name where the event occurred. |
eventTimeStamp -
Time!
|
The timestamp of this event. |
firstEventTimeStamp -
Time!
|
The timestamp when the blocked IP event log was first recorded for the tuple in the repository for the customer, so long as the entry has not been aged out. |
internalMitigationName -
String!
|
The internal mitigation name. |
nodeName -
String
|
The node name where the event occurred. |
prefixList -
[String!]
|
The target prefix list. |
protocol -
String
|
The protocol of the packet. |
reason -
String
|
The reason for this event. |
rule -
String
|
The rule associated with this event. |
srcPort -
UnsignedInt16
|
The source port of the packet. |
Example
{
"asn": UnsignedInt32,
"blacklisted": false,
"blockedIP": IPAddress,
"city": "abc123",
"countermeasure": "xyz789",
"country": "xyz789",
"customer": "xyz789",
"destPort": UnsignedInt16,
"deviceName": "abc123",
"eventTimeStamp": Time,
"firstEventTimeStamp": Time,
"internalMitigationName": "xyz789",
"nodeName": "xyz789",
"prefixList": ["abc123"],
"protocol": "abc123",
"reason": "abc123",
"rule": "xyz789",
"srcPort": UnsignedInt16
}
BlockedIPLogDimension
A list of values for sorting the DDoS blocked IP log.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
BlockedIPLogFilterInput
Filters queries for DDoS blocked IP logs.
| Input Field | Description |
|---|---|
asn -
UnsignedInt32
|
A number for matching ASN. |
blockedIPSubstring -
String
|
A substring for matching blocked IP that contains this substring. |
countermeasureSubstring -
String
|
A substring for matching countermeasure that contains this substring. |
countrySubstring -
String
|
A substring for matching country that contains this substring. |
customerSubstring -
String
|
A substring for matching customer that contains this substring. A value of empty string "" indicates any customer is a match. If this field is specified, the dName value in company filter CompanyFilterInput will not be used for searching for customer matching. |
eventTime -
BlockedIPLogTimeInput!
|
Criteria for selecting a timestamp range for eventTimeStamp. |
firstEventTime -
BlockedIPLogTimeInput
|
Criteria for selecting a timestamp range firstEventTimeStamp. |
Example
{
"asn": UnsignedInt32,
"blockedIPSubstring": "xyz789",
"countermeasureSubstring": "xyz789",
"countrySubstring": "abc123",
"customerSubstring": "abc123",
"eventTime": BlockedIPLogTimeInput,
"firstEventTime": BlockedIPLogTimeInput
}
BlockedIPLogSortBy
DDoS blocked IP log sorting.
| Input Field | Description |
|---|---|
dimension -
BlockedIPLogDimension!
|
The dimension to sort by. |
direction -
SortDirection! default = "DESCENDING" |
The order of the sort (ascending or descending). |
Example
{
"dimension": BlockedIPLogDimension,
"direction": "DESCENDING"
}
BlockedIPLogsWithPagination
A paginated list of DDoS blocked IP logs.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[BlockedIPLog!]
|
DDoS blocked IP log data. |
Example
{
"pageInfo": Pagination,
"results": [BlockedIPLog]
}
BotAnalyticsResponse
A Bot analytics response.
| Field Name | Description |
|---|---|
groups -
[ViolationLogGroup!]
|
The list of aggregated group results satisfying the group by criteria. |
logs -
BotViolationLogsWithPagination
|
A paginated list of violation logs satisfying the filter criteria. |
timeSeriesData -
[ViolationLogTimeSeries!]
|
The time series information of the violation logs occurrences. |
Example
{
"groups": [ViolationLogGroup],
"logs": BotViolationLogsWithPagination,
"timeSeriesData": [ViolationLogTimeSeries]
}
BotBlackList
A black list countermeasure.
| Field Name | Description |
|---|---|
enabled -
Boolean!
|
Whether the black list countermeasure is enabled. |
types -
BotBlackListTypesWithPagination
|
A paginated list of black list bindings. |
|
Arguments |
|
Example
{
"enabled": true,
"types": BotBlackListTypesWithPagination
}
BotBlackListBinding
A black list binding.
| Field Name | Description |
|---|---|
action -
BotBlackListAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
active -
Boolean!
|
Whether the binding is active. |
expressionMatch -
BotBlackWhiteListExpressionMatch
|
The binding expression value. Can only be set if type is EXPRESSION. |
response -
BotResponse!
|
The binding response. |
type -
BotBlackListType!
|
The binding type. |
value -
String
|
The binding value. Can only be set if type is IPV4 or SUBNET. |
Example
{
"action": BotBlackListAction,
"active": false,
"expressionMatch": BotBlackWhiteListExpressionMatch,
"response": BotResponse,
"type": BotBlackListType,
"value": "abc123"
}
BotBlackListBindingInput
A black list binding.
| Input Field | Description |
|---|---|
action -
BotBlackListAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
active -
Boolean!
|
Whether the binding is active. |
expressionMatch -
BotBlackWhiteListExpressionMatchInput
|
The binding expression value. Can only be set if type is EXPRESSION. |
response -
BotResponse!
|
The binding response. |
type -
BotBlackListType!
|
The binding type. |
value -
String
|
The binding value. Can only be set if type is IPV4 or SUBNET. |
Example
{
"action": BotBlackListAction,
"active": false,
"expressionMatch": BotBlackWhiteListExpressionMatchInput,
"response": BotResponse,
"type": BotBlackListType,
"value": "xyz789"
}
BotBlackListTypesWithPagination
A paginated list of black list bindings.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The results paging information. |
results -
[BotBlackListBinding!]
|
List of black list bindings. |
Example
{
"pageInfo": Pagination,
"results": [BotBlackListBinding]
}
BotBlackWhiteListExpressionField
Allowed list of black and white list expression fields.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
BotBlackWhiteListExpressionMatch
A black and white list expression match.
| Field Name | Description |
|---|---|
field -
BotBlackWhiteListExpressionField!
|
The expression field. |
fieldValue -
String
|
The expression field value. Can only be set if field is HEADER. |
operand -
BotBlackWhiteListExpressionOperand!
|
The expression operand. |
operandValue -
String!
|
The expression operand value. |
Example
{
"field": BotBlackWhiteListExpressionField,
"fieldValue": "abc123",
"operand": BotBlackWhiteListExpressionOperand,
"operandValue": "xyz789"
}
BotBlackWhiteListExpressionMatchInput
A black and white list expression match.
| Input Field | Description |
|---|---|
field -
BotBlackWhiteListExpressionField!
|
The expression field. |
fieldValue -
String
|
The expression field value. Can only be set if field is HEADER. |
operand -
BotBlackWhiteListExpressionOperand!
|
The expression operand. |
operandValue -
String!
|
The expression operand value. |
Example
{
"field": BotBlackWhiteListExpressionField,
"fieldValue": "xyz789",
"operand": BotBlackWhiteListExpressionOperand,
"operandValue": "xyz789"
}
BotBlackWhiteListExpressionOperand
Allowed list of black and white list expression operands.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
BotCAPTCHA
A CAPTCHA countermeasure.
| Field Name | Description |
|---|---|
resources -
BotCAPTCHAResourcesWithPagination
|
A paginated list of CAPTCHA bindings. |
|
Arguments |
|
Example
{"resources": BotCAPTCHAResourcesWithPagination}
BotCAPTCHABinding
A CAPTCHA binding.
| Field Name | Description |
|---|---|
action -
BotCAPTCHAAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
active -
Boolean!
|
Whether the binding is active. |
gracePeriod -
UnsignedInt32!
|
The binding grace period. |
mutePeriod -
UnsignedInt32!
|
The binding mute period. |
requestLengthLimit -
UnsignedInt32!
|
The binding request length limit. |
response -
BotResponse!
|
The binding response. |
retryAttempts -
UnsignedInt32!
|
The binding retry attempts. |
urlPath -
String!
|
The binding url. |
waitTime -
UnsignedInt32!
|
The binding wait time. |
Example
{
"action": BotCAPTCHAAction,
"active": true,
"gracePeriod": UnsignedInt32,
"mutePeriod": UnsignedInt32,
"requestLengthLimit": UnsignedInt32,
"response": BotResponse,
"retryAttempts": UnsignedInt32,
"urlPath": "xyz789",
"waitTime": UnsignedInt32
}
BotCAPTCHABindingInput
A CAPTCHA binding.
| Input Field | Description |
|---|---|
action -
BotCAPTCHAAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
active -
Boolean!
|
Whether the binding is active. |
gracePeriod -
UnsignedInt32!
|
The binding grace period. |
mutePeriod -
UnsignedInt32!
|
The binding mute period. |
requestLengthLimit -
UnsignedInt32!
|
The binding request length limit. |
response -
BotResponse!
|
The binding response. |
retryAttempts -
UnsignedInt32!
|
The binding retry attempts. |
urlPath -
String!
|
The binding url. |
waitTime -
UnsignedInt32!
|
The binding wait time. |
Example
{
"action": BotCAPTCHAAction,
"active": true,
"gracePeriod": UnsignedInt32,
"mutePeriod": UnsignedInt32,
"requestLengthLimit": UnsignedInt32,
"response": BotResponse,
"retryAttempts": UnsignedInt32,
"urlPath": "xyz789",
"waitTime": UnsignedInt32
}
BotCAPTCHAResourcesWithPagination
A paginated list of CAPTCHA bindings.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The results paging information. |
results -
[BotCAPTCHABinding!]
|
List of CAPTCHA bindings. |
Example
{
"pageInfo": Pagination,
"results": [BotCAPTCHABinding]
}
BotDeviceFingerprint
A device fingerprint countermeasure.
| Field Name | Description |
|---|---|
action -
BotDeviceFingerprintAction
|
Action to be taken. Can only be set if response is ACTION_AND_LOG. |
enabled -
Boolean!
|
Whether the device fingerprint countermeasure is enabled. |
response -
BotResponse!
|
Response to be taken. |
Example
{
"action": BotDeviceFingerprintAction,
"enabled": false,
"response": BotResponse
}
BotDeviceFingerprintAction
Allowed list of device fingerprint actions.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
BotIPReputation
An IP reputation countermeasure.
| Field Name | Description |
|---|---|
categories -
BotIPReputationCategoriesWithPagination
|
A paginated list of IP reputation bindings. |
|
Arguments |
|
enabled -
Boolean!
|
Whether the IP reputation countermeasure is enabled. |
Example
{
"categories": BotIPReputationCategoriesWithPagination,
"enabled": false
}
BotIPReputationAction
Allowed list of IP reputation actions.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
BotIPReputationBinding
An IP reputation binding.
| Field Name | Description |
|---|---|
action -
BotIPReputationAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
active -
Boolean!
|
Whether the binding is active. |
response -
BotResponse!
|
The binding response. |
type -
BotIPReputationType!
|
The binding type. |
Example
{
"action": BotIPReputationAction,
"active": true,
"response": BotResponse,
"type": BotIPReputationType
}
BotIPReputationBindingInput
An IP reputation binding.
| Input Field | Description |
|---|---|
action -
BotIPReputationAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
active -
Boolean!
|
Whether the binding is active. |
response -
BotResponse!
|
The binding response. |
type -
BotIPReputationType!
|
The binding type. |
Example
{
"action": BotIPReputationAction,
"active": true,
"response": BotResponse,
"type": BotIPReputationType
}
BotIPReputationCategoriesWithPagination
A paginated list of IP reputation bindings.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The results paging information. |
results -
[BotIPReputationBinding!]
|
List of IP reputation bindings. |
Example
{
"pageInfo": Pagination,
"results": [BotIPReputationBinding]
}
BotIPReputationType
Allowed list of IP reputation types.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
BotMitigation
Represents a BOT Mitigation.
| Field Name | Description |
|---|---|
company -
Company!
|
The company object. |
countermeasures -
[BotViolation!]
|
The countermeasures associated with the mitigation. |
destinationIP -
IPAddress!
|
The destination IP. |
destinationIPs -
[CIDR!]
|
The destination IPs.
Use destinationIP
|
end -
Time
|
The end time of the mitigation. A non-zero value of end time means that the mitigation has ended or finished. |
event -
Event
|
The event associated with this mitigation. |
id -
String!
|
The identifier of this mitigaiton. |
policy -
Policy
|
The Policy that triggered this mitigation.
Use policyKey to find policy separately, if needed
|
policyKey -
String!
|
The Policy Key that triggered this mitigation. |
start -
Time!
|
The start time of the mitigaiton |
Example
{
"company": Company,
"countermeasures": [BotViolation],
"destinationIP": IPAddress,
"destinationIPs": [CIDR],
"end": Time,
"event": Event,
"id": "xyz789",
"policy": Policy,
"policyKey": "xyz789",
"start": Time
}
BotProfile
A bot profile for a given policy.
| Field Name | Description |
|---|---|
blackList -
BotBlackList
|
The black list countermeasure settings. |
botTrap -
BotTrap
|
The bot trap countermeasure settings. |
captcha -
BotCAPTCHA
|
The CAPTCHA countermeasure settings. |
deviceFingerprint -
BotDeviceFingerprint
|
The device fingerprint countermeasure settings. |
enabled -
Boolean!
|
Whether the bot profile is enabled. |
ipReputation -
BotIPReputation
|
The IP reputation countermeasure settings. |
rateLimit -
BotRateLimit
|
The rate limit countermeasure settings. |
signatures -
BotSignatures
|
The bot signatures settings. |
tps -
BotTPS
|
The TPS countermeasure settings. |
whiteList -
BotWhiteList
|
The white list countermeasure settings. |
Example
{
"blackList": BotBlackList,
"botTrap": BotTrap,
"captcha": BotCAPTCHA,
"deviceFingerprint": BotDeviceFingerprint,
"enabled": true,
"ipReputation": BotIPReputation,
"rateLimit": BotRateLimit,
"signatures": BotSignatures,
"tps": BotTPS,
"whiteList": BotWhiteList
}
BotRateLimit
A rate limit countermeasure.
| Field Name | Description |
|---|---|
enabled -
Boolean!
|
Whether the rate limit countermeasure is enabled. |
resources -
BotRateLimitResourcesWithPagination
|
A paginated list of rate limit bindings. |
|
Arguments |
|
Example
{
"enabled": true,
"resources": BotRateLimitResourcesWithPagination
}
BotRateLimitBinding
A rate limit binding.
| Field Name | Description |
|---|---|
action -
BotRateLimitAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
active -
Boolean!
|
Whether the binding is active. |
cookieName -
String
|
The binding cookie name. Can only be set if type is SESSION. |
period -
UnsignedInt32!
|
The binding period. |
rate -
UnsignedInt32!
|
The binding rate. |
response -
BotResponse!
|
The binding response. |
type -
BotRateLimitType!
|
The binding type. |
urlPath -
String
|
The binding URL path. Can only be set if type is URL. |
Example
{
"action": BotRateLimitAction,
"active": true,
"cookieName": "abc123",
"period": UnsignedInt32,
"rate": UnsignedInt32,
"response": BotResponse,
"type": BotRateLimitType,
"urlPath": "abc123"
}
BotRateLimitBindingInput
A rate limit binding.
| Input Field | Description |
|---|---|
action -
BotRateLimitAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
active -
Boolean!
|
Whether the binding is active. |
cookieName -
String
|
The binding cookie name. Can only be set if type is SESSION. |
period -
UnsignedInt32!
|
The binding period. |
rate -
UnsignedInt32!
|
The binding rate. |
response -
BotResponse!
|
The binding response. |
type -
BotRateLimitType!
|
The binding type. |
urlPath -
String
|
The binding URL path. Can only be set if type is URL. |
Example
{
"action": BotRateLimitAction,
"active": false,
"cookieName": "xyz789",
"period": UnsignedInt32,
"rate": UnsignedInt32,
"response": BotResponse,
"type": BotRateLimitType,
"urlPath": "abc123"
}
BotRateLimitResourcesWithPagination
A paginated list of rate limit bindings.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The results paging information. |
results -
[BotRateLimitBinding!]
|
List of rate limit bindings. |
Example
{
"pageInfo": Pagination,
"results": [BotRateLimitBinding]
}
BotResponse
Allowed list of countermeasure responses.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
BotSignatureAction
Allowed list of bot signature actions.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
BotSignatureDimension
Allowed values for sorting the bot signature list.
| Enum Value | Description |
|---|---|
|
|
|
|
|
BotSignatureFilterInput
Filter a list of bot signatures.
| Input Field | Description |
|---|---|
category -
String
|
Category to filter the signatures by. |
name -
String
|
Name to filter the signatures by. |
search -
String
|
Substring to search in description and other text, etc. |
Example
{"category": "xyz789", "name": "abc123", "search": "xyz789"}
BotSignatureSortBy
Sort options for the bot signature list.
| Input Field | Description |
|---|---|
dimension -
BotSignatureDimension!
|
The dimension to sort by. |
direction -
SortDirection!
|
The direction to sort in. |
Example
{
"dimension": BotSignatureDimension,
"direction": SortDirection
}
BotSignatures
Bot signatures.
| Field Name | Description |
|---|---|
configuredBaseSignatures -
[ConfiguredBaseBotSignature!]
|
List of bot signatures. |
enabled -
Boolean!
|
Whether bot signatures are enabled. |
Example
{
"configuredBaseSignatures": [
ConfiguredBaseBotSignature
],
"enabled": true
}
BotSignaturesWithPagination
A paginated list of bot signatures.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The results paging information. |
results -
[BaseBotSignature!]
|
List of bot signatures. |
version -
BotSignaturesVersion
|
The version of the default bot signatures file |
Example
{
"pageInfo": Pagination,
"results": [BaseBotSignature],
"version": BotSignaturesVersion
}
BotTPS
A TPS countermeasure.
| Field Name | Description |
|---|---|
enabled -
Boolean!
|
Whether the TPS countermeasure is enabled. |
resources -
BotTPSResourcesWithPagination
|
A paginated list of rate limit bindings. |
|
Arguments |
|
Example
{
"enabled": true,
"resources": BotTPSResourcesWithPagination
}
BotTPSBinding
A TPS binding.
| Field Name | Description |
|---|---|
action -
BotTPSAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
fixedThreshold -
UnsignedInt32
|
The binding fixed threshold. One or both of fixed and percentage threshold must be set. |
percentageThreshold -
UnsignedInt32
|
The binding percentage threshold. One or both of fixed and percentage threshold must be set. |
response -
BotResponse!
|
The binding response. |
type -
BotTPSType!
|
The binding type. |
Example
{
"action": BotTPSAction,
"fixedThreshold": UnsignedInt32,
"percentageThreshold": UnsignedInt32,
"response": BotResponse,
"type": BotTPSType
}
BotTPSBindingInput
A TPS binding.
| Input Field | Description |
|---|---|
action -
BotTPSAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
fixedThreshold -
UnsignedInt32
|
The binding fixed threshold. One or both of fixed and percentage threshold must be set. |
percentageThreshold -
UnsignedInt32
|
The binding percentage threshold. One or both of fixed and percentage threshold must be set. |
response -
BotResponse!
|
The binding response. |
type -
BotTPSType!
|
The binding type. |
Example
{
"action": BotTPSAction,
"fixedThreshold": UnsignedInt32,
"percentageThreshold": UnsignedInt32,
"response": BotResponse,
"type": BotTPSType
}
BotTPSResourcesWithPagination
A paginated list of TPS bindings.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The results paging information. |
results -
[BotTPSBinding!]
|
List of TPS bindings. |
Example
{
"pageInfo": Pagination,
"results": [BotTPSBinding]
}
BotTrap
A bot trap countermeasure.
| Field Name | Description |
|---|---|
action -
BotTrapAction
|
Action to be taken. Can only be set if response is ACTION_AND_LOG. |
enabled -
Boolean!
|
Whether the bot trap countermeasure is enabled. |
insertionURLs -
[BotTrapBinding!]
|
List of bot trap bindings. |
response -
BotResponse!
|
Response to be taken. |
Example
{
"action": BotTrapAction,
"enabled": false,
"insertionURLs": [BotTrapBinding],
"response": BotResponse
}
BotViolation
Represents Bot violation.
| Field Name | Description |
|---|---|
company -
Company!
|
The company object. removing support |
id -
String!
|
The id of a bot violation.
Use name
|
mitigation -
BotMitigation!
|
The bot mitigation for the violation. |
name -
String!
|
The name of the countermeasure. |
violationsDetails -
[AppViolationData!]
|
The details of the violations. |
|
Arguments
|
|
Example
{
"company": Company,
"id": "xyz789",
"mitigation": BotMitigation,
"name": "xyz789",
"violationsDetails": [AppViolationData]
}
BotViolationLog
A Bot violation log.
| Field Name | Description |
|---|---|
action -
String
|
The action that caused this violation log. |
cookies -
String
|
The cookies in the original request. |
customer -
String
|
The customer account dname. |
destinationIP -
IPAddress
|
The destination IP the request was intended for. |
domain -
String
|
The domain the request was intended for. |
host -
String
|
The hostname in the request. |
httptxID -
String
|
The HTTP transaction ID from the engine. |
logType -
BotViolationLogType
|
The type of the log message. |
node -
NetworkNode
|
The network node that detected the violation. |
profile -
String
|
The policy key generating this violation. |
protocol -
String
|
The protocol used. |
rawHeaders -
String
|
The raw headers in the original request. |
reason -
String
|
The reason for the violation to occur. |
signatureName -
String
|
The protection / signature name which triggered the violation. |
sourceASN -
UnsignedInt32
|
The source ASN (autonomous system number) of the request. |
sourceIP -
IPAddress
|
The source IP of the request. |
sourceLocation -
GeoLocation
|
The location where the request originated. |
timestamp -
LogTime
|
The timestamp of the violation log. |
timestampEvent -
LogTime
|
The log timestamp event. |
type -
String
|
The type of the violation. |
uri -
String
|
The uri which cause the violation. |
userAgent -
String
|
The user agent in the original request header. |
version -
String
|
The version. |
wafVersion -
String
|
The WAF version. |
Example
{
"action": "xyz789",
"cookies": "xyz789",
"customer": "xyz789",
"destinationIP": IPAddress,
"domain": "abc123",
"host": "xyz789",
"httptxID": "xyz789",
"logType": BotViolationLogType,
"node": NetworkNode,
"profile": "xyz789",
"protocol": "abc123",
"rawHeaders": "abc123",
"reason": "abc123",
"signatureName": "abc123",
"sourceASN": UnsignedInt32,
"sourceIP": IPAddress,
"sourceLocation": GeoLocation,
"timestamp": LogTime,
"timestampEvent": LogTime,
"type": "abc123",
"uri": "abc123",
"userAgent": "abc123",
"version": "xyz789",
"wafVersion": "abc123"
}
BotViolationLogDimension
Allowed list of Bot violation log sort fields.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
BotViolationLogFilterInput
A Bot violation log filter input.
| Input Field | Description |
|---|---|
action -
String
|
The violation log action. |
all -
String
|
The All filters looks at all the filters mentioned above, with the exception of profile. |
destinationIP -
IPAddressInput
|
The destination IP of the request. |
domain -
String
|
The domain the request was intended for. |
host -
String
|
The host of the request. |
httptxID -
String
|
The HTTP transaction ID from the engine. |
logType -
BotViolationLogType
|
The type of the log message. |
nodeIATACode -
String
|
The IATA code for the processing node (site). |
profile -
String
|
The policy key generating this violation. |
reason -
String
|
The reason for the violation to occur. |
signatureName -
String
|
The signature name which triggered the violation. |
sourceCity -
String
|
The source city name. |
sourceCountryName -
String
|
The source country name. |
sourceIP -
IPAddressInput
|
The source IP of the request. |
timestamp -
String
|
The timestamp of the violation log. |
uri -
String
|
The uri which cause the violation. |
userAgent -
String
|
The user agent in the original request header. |
Example
{
"action": "xyz789",
"all": "abc123",
"destinationIP": IPAddressInput,
"domain": "abc123",
"host": "abc123",
"httptxID": "xyz789",
"logType": BotViolationLogType,
"nodeIATACode": "abc123",
"profile": "xyz789",
"reason": "xyz789",
"signatureName": "abc123",
"sourceCity": "abc123",
"sourceCountryName": "xyz789",
"sourceIP": IPAddressInput,
"timestamp": "xyz789",
"uri": "xyz789",
"userAgent": "abc123"
}
BotViolationLogGroupByField
Allowed list of Bot violation log group by fields.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
BotViolationLogGroupByInput
A Bot violation log group by input.
| Input Field | Description |
|---|---|
direction -
SortDirection
|
The order of the groups listed (ascending or descending). |
field -
BotViolationLogGroupByField!
|
The field that will be used to group the logs. |
timeInterval -
TimeInterval
|
The time interval when the group of logs occurred. |
Example
{
"direction": SortDirection,
"field": BotViolationLogGroupByField,
"timeInterval": TimeInterval
}
BotViolationLogSortBy
Bot violation log sorting.
| Input Field | Description |
|---|---|
dimension -
BotViolationLogDimension!
|
The dimension to sort by. |
direction -
SortDirection! default = "DESCENDING" |
The direction to sort in. |
Example
{
"dimension": BotViolationLogDimension,
"direction": "DESCENDING"
}
BotViolationLogType
Allowed list of Bot violation log types.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
BotViolationLogsWithPagination
A paginated list of Bot violation logs.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[BotViolationLog!]
|
Violation log entries. |
Example
{
"pageInfo": Pagination,
"results": [BotViolationLog]
}
BotWhiteList
A white list countermeasure.
| Field Name | Description |
|---|---|
enabled -
Boolean!
|
Whether the white list countermeasure is enabled. |
types -
BotWhiteListTypesWithPagination
|
A paginated list of white list bindings. |
|
Arguments |
|
Example
{
"enabled": true,
"types": BotWhiteListTypesWithPagination
}
BotWhiteListBinding
A white list binding.
| Field Name | Description |
|---|---|
active -
Boolean!
|
Whether the binding is active. |
expressionMatch -
BotBlackWhiteListExpressionMatch
|
The binding expression value. Can only be set if type is EXPRESSION. |
response -
BotWhiteListResponse!
|
The binding response. |
type -
BotWhiteListType!
|
The binding type. |
value -
String
|
The binding value. Can only be set if type is IPV4 or SUBNET. |
Example
{
"active": true,
"expressionMatch": BotBlackWhiteListExpressionMatch,
"response": BotWhiteListResponse,
"type": BotWhiteListType,
"value": "abc123"
}
BotWhiteListBindingInput
A white list binding.
| Input Field | Description |
|---|---|
active -
Boolean!
|
Whether the binding is active. |
expressionMatch -
BotBlackWhiteListExpressionMatchInput
|
The binding expression value. Can only be set if type is EXPRESSION. |
response -
BotWhiteListResponse!
|
The binding response. |
type -
BotWhiteListType!
|
The binding type. |
value -
String
|
The binding value. Can only be set if type is IPV4 or SUBNET. |
Example
{
"active": true,
"expressionMatch": BotBlackWhiteListExpressionMatchInput,
"response": BotWhiteListResponse,
"type": BotWhiteListType,
"value": "xyz789"
}
BotWhiteListTypesWithPagination
A paginated list of white list bindings.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The results paging information. |
results -
[BotWhiteListBinding!]
|
List of white list bindings. |
Example
{
"pageInfo": Pagination,
"results": [BotWhiteListBinding]
}
BufferOverflow
Buffer overflow countermeasure.
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
maxCookieLength -
UnsignedInt16!
|
Maximum cookie length (in characters) in requests to the protected web sites. Requests with longer cookie lengths will be blocked. |
maxHeaderLength -
UnsignedInt16!
|
Maximum HTTP header length (in characters) in requests to the protected web sites. Requests with longer headers will be blocked. |
maxURLLength -
UnsignedInt16!
|
Maximum URL length allowed on the protected web sites. Requests with longer URLs will be blocked. |
threshold -
AppSecThreshold
|
Appsec Threshold configuration for buffer overflow violations. |
Example
{
"action": WAFAction,
"maxCookieLength": UnsignedInt16,
"maxHeaderLength": UnsignedInt16,
"maxURLLength": UnsignedInt16,
"threshold": AppSecThreshold
}
CSRFRelaxationRuleInput
A CSRF relaxation rule. Form tagging must be enabled to use this feature.
| Input Field | Description |
|---|---|
enabled -
Boolean! default = true |
Whether the relaxation rule is enabled. |
formActionURL -
String!
|
The action URL for the web form. |
formOriginURL -
String!
|
The web form originating URL. |
Example
{"enabled": true, "formActionURL": "abc123", "formOriginURL": "abc123"}
CSRFRelaxationRulesWithPagination
A paginated list of CSRF relaxation rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[CSRFRelaxationRule!]
|
A list of CSRF relaxation rules. |
Example
{
"pageInfo": Pagination,
"results": [CSRFRelaxationRule]
}
CSRFSettings
A cross-site request forgery countermeasure.
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
learn -
Boolean!
|
A flag to enable or disable learning. |
relaxationRules -
CSRFRelaxationRulesWithPagination
|
A paginated list of CSRF relaxation rules. |
|
Arguments |
|
threshold -
AppSecThreshold
|
Appsec Threshold configuration for CSRF violations. |
Example
{
"action": WAFAction,
"learn": false,
"relaxationRules": CSRFRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
CSRFSettingsRuleCount
CSRF settings rule count.
| Field Name | Description |
|---|---|
count -
UnsignedInt32!
|
|
rule -
LearnedCSRFSettingsRule!
|
Example
{
"count": UnsignedInt32,
"rule": LearnedCSRFSettingsRule
}
CSRFSettingsRuleCountsWithPagination
CSRF settings learning rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
|
results -
[CSRFSettingsRuleCount!]
|
Example
{
"pageInfo": Pagination,
"results": [CSRFSettingsRuleCount]
}
CallerType
Allowed list of values indicating what type of caller is recording an audit log transaction.
| Enum Value | Description |
|---|---|
|
|
|
|
|
CandidateACL
The Candidate ACL.
| Field Name | Description |
|---|---|
comment -
String
|
A comment provided by SOC regarding the candidate ACL. |
configuration -
String!
|
The JSON configuration of the ACL. |
id -
String!
|
The identifier of the candidate ACL. |
state -
CandidateACLState!
|
The state of the candidate ACL |
Example
{
"comment": "xyz789",
"configuration": "abc123",
"id": "xyz789",
"state": CandidateACLState
}
CandidateACLState
The different states of a candidate ACL.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
CategoryConfiguration
Configuration for a specific notification category.
| Field Name | Description |
|---|---|
category -
NotificationCategory!
|
Notification category name. |
description -
String!
|
Notification category description. |
email -
Boolean!
|
A flag indicating if email is enabled for this notification category. |
label -
String!
|
Notification category label. |
slack -
Boolean!
|
A flag indicating if Slack is enabled for this notification category. |
webhook -
Boolean!
|
A flag indicating if webhook is enabled for this notification category. |
Example
{
"category": NotificationCategory,
"description": "xyz789",
"email": false,
"label": "xyz789",
"slack": true,
"webhook": false
}
CategoryConfigurationInput
Input of Category Configuration.
| Input Field | Description |
|---|---|
category -
NotificationCategory!
|
Notification category name. |
email -
Boolean!
|
A flag indicating if email is enabled for this notification category. |
slack -
Boolean
|
A flag indicating if Slack is enabled for this notification category. This flag must always be set to false for the user configuration. |
webhook -
Boolean
|
A flag indicating if webhook is enabled for this notification category. This flag must always be set to false for the user configuration. |
Example
{
"category": NotificationCategory,
"email": false,
"slack": false,
"webhook": true
}
Certificate
An SSL certificate.
| Field Name | Description |
|---|---|
commonName -
String!
|
The common name of the certificate. |
company -
Company!
|
The name of the company. |
createdAt -
Time!
|
The time at which the certificate was created. |
expiration -
Time!
|
The time at which the certificate will expire. |
fingerprint -
String!
|
The hash of the certificate. |
id -
String!
|
The ID of the certificate. |
isIntermediate -
Boolean!
|
Whether or not the certificate is an intermediate. |
issued -
Time!
|
The time at which the certificate was issued. |
issuer -
String!
|
The issuer name of the certificate. |
linksTo -
String
|
The intermediate certificate that links to the SSL certificate. |
name -
String!
|
The name of the certificate. |
nod -
String!
|
The name of the certificate on the devices. |
root -
String!
|
The root certificate name. |
sanNames -
[String!]
|
SAN Names belonging to the certificate. |
updatedAt -
Time!
|
The time at which the certificate was updated. |
Example
{
"commonName": "abc123",
"company": Company,
"createdAt": Time,
"expiration": Time,
"fingerprint": "xyz789",
"id": "xyz789",
"isIntermediate": true,
"issued": Time,
"issuer": "xyz789",
"linksTo": "abc123",
"name": "xyz789",
"nod": "xyz789",
"root": "abc123",
"sanNames": ["xyz789"],
"updatedAt": Time
}
CertificateBinding
Certificate information for a back end.
| Field Name | Description |
|---|---|
certificateID -
String!
|
Common name used for SNI initiation. |
sni -
Boolean!
|
Forces back-end SNI support between the proxy and the origin, sending the specified common name to initiate SNI to the back end. |
Example
{"certificateID": "abc123", "sni": false}
CertificateBindingInput
Associate a certificate with a virtual server.
| Input Field | Description |
|---|---|
certificateID -
String!
|
Internal ID for a defined certficiate. |
Example
{"certificateID": "xyz789"}
ChannelConfiguration
Channel configuration used by the company notification configuration.
| Field Name | Description |
|---|---|
email -
EmailConfiguration!
|
Email channel configuration. |
slack -
SlackConfiguration!
|
Slack channel configuration. |
webhook -
WebhookConfiguration!
|
Webhook channel configuration. |
Example
{
"email": EmailConfiguration,
"slack": SlackConfiguration,
"webhook": WebhookConfiguration
}
ChannelConfigurationInput
Input of Channel configuration.
| Input Field | Description |
|---|---|
email -
EmailConfigurationInput
|
Email channel configuration input. |
slack -
SlackConfigurationInput
|
Slack channel configuration input. |
webhook -
WebhookConfigurationInput
|
Webhook channel configuration input. |
Example
{
"email": EmailConfigurationInput,
"slack": SlackConfigurationInput,
"webhook": WebhookConfigurationInput
}
CipherSelectionMode
Allowed list of TLS cipher user selection mode.
| Enum Value | Description |
|---|---|
|
|
|
|
|
CommandInjection
An Command injection countermeasure.
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
commandInjectionType -
CommandInjectionType!
|
A command injection type. |
relaxationRules -
CommandInjectionRelaxationRulesWithPagination
|
A paginated list of SQL Injection rules. |
|
Arguments |
|
threshold -
AppSecThreshold
|
Appsec Threshold configuration for command injection violations. |
Example
{
"action": WAFAction,
"commandInjectionType": CommandInjectionType,
"relaxationRules": CommandInjectionRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
CommandInjectionRelaxationRule
A Command injection relaxation rule.
| Field Name | Description |
|---|---|
enabled -
Boolean!
|
Whether the relaxation rule is enabled. |
isNameRegex -
Boolean!
|
Whether the name is in regex format. |
isValueExpressionRegex -
Boolean
|
Whether the value expression is in regex format. |
location -
HTMLLocation
|
Location that should be examined by the rule. |
name -
String!
|
Name of the web form field, cookie, or HTTP header to relax. |
url -
String!
|
If the item to be exempted is a web form field, the action URL for the web form. |
valueExpression -
String
|
The value expression. |
valueType -
CommandInjectionValueType
|
The value type. |
Example
{
"enabled": true,
"isNameRegex": false,
"isValueExpressionRegex": true,
"location": HTMLLocation,
"name": "xyz789",
"url": "xyz789",
"valueExpression": "xyz789",
"valueType": CommandInjectionValueType
}
CommandInjectionRelaxationRuleInput
A Command injection relaxation rule input.
| Input Field | Description |
|---|---|
enabled -
Boolean! default = true |
Whether the relaxation rule is enabled. |
isNameRegex -
Boolean! default = false |
Whether the name is in regex format. |
isValueExpressionRegex -
Boolean default = false |
Whether the value expression is in regex format. |
location -
HTMLLocation
|
The location that should be examined by the rule. |
name -
String!
|
Name of the web form field, cookie, or HTTP header to relax. |
url -
String!
|
If the item to be exempted is a web form field, the action URL for the web form. |
valueExpression -
String
|
The value expression. |
valueType -
CommandInjectionValueType
|
The value type. |
Example
{
"enabled": true,
"isNameRegex": false,
"isValueExpressionRegex": false,
"location": HTMLLocation,
"name": "xyz789",
"url": "abc123",
"valueExpression": "abc123",
"valueType": CommandInjectionValueType
}
CommandInjectionRelaxationRulesWithPagination
A paginated list of SQL injection relaxation rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[CommandInjectionRelaxationRule!]
|
A list of relaxation rules. |
Example
{
"pageInfo": Pagination,
"results": [CommandInjectionRelaxationRule]
}
CommandInjectionType
Allowed list of command injection types.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
CommandInjectionValueType
Allowed list of values for command injection value types.
| Enum Value | Description |
|---|---|
|
|
|
|
|
CommentExemption
Allowed list of types of comment which can be exmpted.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
CompaniesWithPagination
A paginated list of Companies.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[Company!]
|
Set of companies returned by query. |
Example
{
"pageInfo": Pagination,
"results": [Company]
}
Company
A Customer or Reseller
| Field Name | Description |
|---|---|
accountID -
String!
|
Unique account ID of Company. |
accountInfo -
AccountInfo
|
Account and Contract Details of Company. |
accountManagerEmail -
String!
|
Company Account Manager email. |
accountManagerName -
String!
|
Company Account Manager Name. |
acls -
ACLsOutput!
|
Fetch ACLs. |
alerts -
AlertsWithPagination!
|
All the alerts. |
|
Arguments
The page number to fetch results. It takes a non-zero number. If omitted, default value of 1 is applied.
The maximum number of results to show per page. If omitted, default value of 20 is applied.
The sortBy sorts the results based on the specific sort field order. If omitted, results are sorted based on the descending order of the start field. |
|
allCustomers -
CompaniesWithPagination!
|
Returns all companies that are customers of (resold by) this company and those resold by other reseller. |
|
Arguments |
|
apiPackage -
APIAccess
|
API access settings users belonging to this company. |
appDataAnalytics -
[AppDataAnalyticsResponse!]
|
Application-level traffic data. |
|
Arguments |
|
auditLogTransactions -
AuditLogTransactionsWithPagination!
|
A list of audit log transactions that occurred between UTC time (from) to UTC time (to). |
|
Arguments
The filters that can be applied to scope the specific list of audit log transactions.
Earliest time to show transactions from. If not given, will use earliest recorded transaction date.
The sortBy sorts the results based on the specific sort field selected and order. If omitted, results are sorted based on the descending order of the transaction timestamp.
Latest time to show transactions from. If not given, most recent transactions will be included. |
|
bgpPackage -
BGPPackage
|
BGP Configuration, if any. |
|
Arguments
|
|
botAnalytics -
BotAnalyticsResponse
|
Bot Violation Log details. |
|
Arguments |
|
certificates -
[Certificate!]
|
TLS Certificates configured for the Company. |
configurationChanges -
[ConfigurationChange!]
|
Recent changes to Policies and/or Proxies. |
|
Arguments
|
|
corporateDomain -
String!
|
Corporate Domain name of the company. |
corporateName -
String!
|
Corporate Name of the company. |
createdAt -
Time!
|
Timestamp the company entry was created at. |
customers -
[Company!]
|
Companies that are direct customers of this company. |
dName -
String!
|
The unique, primary identifier for the company. |
ddosBlockedIPLogs -
BlockedIPLogsWithPagination
|
DDoS blocked IP log details. |
|
Arguments |
|
deleted -
Boolean!
|
Indicates whether company is deleted. |
destinationIPs -
[CIDR!]
|
IP Addresses that could be getting traffic. |
details -
CompanyDetails!
|
Contains Company details like Name, Account Name and ID, DNS account, among others. |
detectionAndAlertingPackage -
DetectionAndAlertingPackage
|
Detection and Alerting Package. |
enabled -
Boolean!
|
Whether the Company and its users are able to access the system. |
event -
Event
|
Details of a specific event.
Use events providing ID in filter.
|
|
Arguments
|
|
events -
EventsWithPagination!
|
The list of events. |
|
Arguments
The page number to fetch results. It takes a non-zero number. If omitted, default value of 1 is applied.
The maximum number of results to show per page. If omitted, default value of 20 is applied.
The sortBy sorts the results based on the specific sort field order. If omitted, results are sorted based on the descending order of the start field. |
|
executiveReports -
ExecutiveReportsWithPagination!
|
Retrieves Executive Reports. |
|
Arguments |
|
filterLists -
FilterListsWithPagination!
|
List of Filter Lists. |
|
Arguments
The filters that can be applied to scope the specific list of filter lists.
The page number to fetch results. It takes a non-zero number. If omitted, default value of 1 is applied.
The maximum number of results to show per page. If omitted, default value of 50 is applied.
The sortBy sorts the results based on the specific sort field order. If omitted, results are sorted based on the descending order of the name field. |
|
formerlyKnownAs -
String!
|
Former Name of Company if applicable. |
id -
String!
|
Company ID. |
isReseller -
Boolean!
|
Indicates whether the company resells other companies. |
legacyProxies -
[LegacyProxy!]
|
List of legacy proxies based on filter options. |
|
Arguments
|
|
managedObjects -
[ManagedObject!]
|
List of Managed Objects. |
|
Arguments
|
|
managementDomain -
String!
|
Management Domain name of the company. |
mfaPackage -
MFAPackage
|
Specifies Multi Factor Authentication configuration and Enablement for this company's users. |
notificationConfigurations -
NotificationConfigurationsWithPagination
|
The list of notification configuration. |
|
Arguments
The filters that can be applied to scope the specific list of notification configurations.
The page number to fetch results. It takes a non-zero number. If omitted, default value of 1 is applied.
The maximum number of results to show per page. If omitted, default value of 50 is applied.
The sortBy sorts the results based on the specific sort field order. If omitted, results are sorted based on the descending order of the createdAt field. |
|
notificationRecords -
NotificationRecordsWithPagination
|
The list of notification records. |
|
Arguments
The filters that can be applied to scope the specific list of notification.
The page number to fetch results. It takes a non-zero number. If omitted, default value of 1 is applied.
The maximum number of results to show per page. If omitted, default value of 50 is applied.
The sortBy sorts the results based on the specific sort field order. If omitted, results are sorted based on the descending order of the start field. |
|
oneTimeExecutiveReportConfigurations -
OneTimeExecutiveReportConfigurationsWithPagination!
|
Retrieves One time Executive Report Configurations. |
|
Arguments |
|
policies -
[Policy!]
|
A list of policies based on filter options. |
|
Arguments
|
|
proxies -
[Proxy!]
|
A list of proxies based on filter options. |
|
Arguments
|
|
proxyPackage -
ProxyPackage
|
Proxy Related information for the company. |
recurringExecutiveReportConfigurations -
RecurringExecutiveReportConfigurationsWithPagination!
|
Retrieves Recurring Executive Report Configurations. |
|
Arguments |
|
resellBGP -
Boolean!
|
Indicates whether this company is a reseller of BGP related offerings. |
resellBot -
Boolean!
|
Indicates whether this company is a reseller of Bot related offerings. |
resellDetectionAndAlerting -
Boolean!
|
Indicates whether this company is a reseller of Detection and Alerting related offerings. |
resellProxy -
Boolean!
|
Indicates whether this company is a reseller of Proxy offerings. |
resellWAF -
Boolean!
|
Indicates whether this company is a reseller of Web Application Firewall related offerings. |
reseller -
Company
|
Details of company that is the reseller of this company. |
responderAnalytics -
ResponderAnalyticsResponse
|
WAF Responder Policy Log details. |
|
Arguments |
|
runBook -
RunBook
|
The escalation run book. |
serviceProvider -
String!
|
Service Provider for the company. |
shortname -
String!
|
Short name of Company. |
ssoPackage -
SSOPackage
|
SSO Related information for the company. |
status -
StatusOutput!
|
Fetch status data. |
|
Arguments |
|
technicalEmail -
String!
|
Company Technical contact Email. |
technicalFirstName -
String!
|
Company Technical contact First Name. |
technicalJobTitle -
String!
|
Company Technical contact Job Title. |
technicalLastName -
String!
|
Company Technical contact Last Name. |
technicalMobile -
String!
|
Company Technical contact Mobile number. |
technicalPhone -
String!
|
Company Technical contact phone number. |
traffic -
TrafficOutput!
|
Fetch clean traffic data. |
|
Arguments |
|
tunnels -
[Tunnel!]
|
Tunnels connecting to the customer origin. |
updatedAt -
Time!
|
Timestamp the company entry was last updated at. |
userPurgeList -
UserLoginIDWithPagination
|
Retreive the list of login id's of users that would be purged on enabling SSO for the company. |
|
Arguments |
|
users -
UsersWithPagination!
|
Returns all Users associated with this company. |
|
Arguments |
|
wafAnalytics -
WAFAnalyticsResponse
|
WAF Violation Log details. |
|
Arguments |
|
whiteLabel -
WhiteLabel
|
Contains whitelabel specifications for this company. |
Example
{
"accountID": "xyz789",
"accountInfo": AccountInfo,
"accountManagerEmail": "abc123",
"accountManagerName": "xyz789",
"acls": ACLsOutput,
"alerts": AlertsWithPagination,
"allCustomers": CompaniesWithPagination,
"apiPackage": APIAccess,
"appDataAnalytics": [AppDataAnalyticsResponse],
"auditLogTransactions": AuditLogTransactionsWithPagination,
"bgpPackage": BGPPackage,
"botAnalytics": BotAnalyticsResponse,
"certificates": [Certificate],
"configurationChanges": [ConfigurationChange],
"corporateDomain": "abc123",
"corporateName": "abc123",
"createdAt": Time,
"customers": [Company],
"dName": "xyz789",
"ddosBlockedIPLogs": BlockedIPLogsWithPagination,
"deleted": false,
"destinationIPs": [CIDR],
"details": CompanyDetails,
"detectionAndAlertingPackage": DetectionAndAlertingPackage,
"enabled": false,
"event": Event,
"events": EventsWithPagination,
"executiveReports": ExecutiveReportsWithPagination,
"filterLists": FilterListsWithPagination,
"formerlyKnownAs": "xyz789",
"id": "abc123",
"isReseller": false,
"legacyProxies": [LegacyProxy],
"managedObjects": [ManagedObject],
"managementDomain": "abc123",
"mfaPackage": MFAPackage,
"notificationConfigurations": NotificationConfigurationsWithPagination,
"notificationRecords": NotificationRecordsWithPagination,
"oneTimeExecutiveReportConfigurations": OneTimeExecutiveReportConfigurationsWithPagination,
"policies": [Policy],
"proxies": [Proxy],
"proxyPackage": ProxyPackage,
"recurringExecutiveReportConfigurations": RecurringExecutiveReportConfigurationsWithPagination,
"resellBGP": true,
"resellBot": false,
"resellDetectionAndAlerting": true,
"resellProxy": false,
"resellWAF": true,
"reseller": Company,
"responderAnalytics": ResponderAnalyticsResponse,
"runBook": RunBook,
"serviceProvider": "abc123",
"shortname": "abc123",
"ssoPackage": SSOPackage,
"status": StatusOutput,
"technicalEmail": "abc123",
"technicalFirstName": "abc123",
"technicalJobTitle": "xyz789",
"technicalLastName": "abc123",
"technicalMobile": "abc123",
"technicalPhone": "abc123",
"traffic": TrafficOutput,
"tunnels": [Tunnel],
"updatedAt": Time,
"userPurgeList": UserLoginIDWithPagination,
"users": UsersWithPagination,
"wafAnalytics": WAFAnalyticsResponse,
"whiteLabel": WhiteLabel
}
CompanyDetails
Company configuration details.
| Field Name | Description |
|---|---|
dName -
String!
|
The unique, primary identifier for the company. |
ipiID -
String
|
IP Intelligence ID for this company. |
recursiveAccountID -
String
|
Recursive DNS Account ID for this company. |
recursiveSponsorID -
String
|
Recursive DNS Sponsor server ID for this company. |
ultraDNSAccountName -
String
|
Ultra DNS Account name for this company. |
ultraSecurityAccountID -
String!
|
Company portal Account ID. |
wpmAPIKey -
String
|
Web Performance Management API key for this company. |
Example
{
"dName": "xyz789",
"ipiID": "xyz789",
"recursiveAccountID": "abc123",
"recursiveSponsorID": "xyz789",
"ultraDNSAccountName": "abc123",
"ultraSecurityAccountID": "xyz789",
"wpmAPIKey": "abc123"
}
CompanyFilterInput
Filters queries for companies.
| Input Field | Description |
|---|---|
dName -
String
|
A unique, primary identifier for a company. |
Example
{"dName": "abc123"}
CompanyNotificationConfiguration
Represents a Company wide notification configuration.
| Field Name | Description |
|---|---|
categories -
[CategoryConfiguration!]!
|
The list of global category notification configurations. |
channel -
ChannelConfiguration!
|
Global notification channels configurations. |
company -
Company!
|
The company object. |
createdAt -
Time!
|
The time that the notification configuration was created at. |
deletedAt -
Time
|
The time that the notification configuration was deleted at. |
id -
String!
|
The identifier of this notification configuration. |
updatedAt -
Time!
|
The time that the notification configuration was last updated at |
Example
{
"categories": [CategoryConfiguration],
"channel": ChannelConfiguration,
"company": Company,
"createdAt": Time,
"deletedAt": Time,
"id": "xyz789",
"updatedAt": Time
}
CompanyUsersFilterInput
Specify how to search Company users.
| Input Field | Description |
|---|---|
emailSubstring -
String
|
Filter users by a specified substring in their email IDs. |
includeDescendants -
Boolean default = false |
Indicates whether users from descendant companies should be included in query results. |
includeDisabled -
Boolean
|
Specifies whether disabled users belonging to company should be included in query results. |
userNameSubstring -
String
|
Filter users by a specified substring in their name (first and/or last name). |
Example
{
"emailSubstring": "abc123",
"includeDescendants": false,
"includeDisabled": true,
"userNameSubstring": "xyz789"
}
ConfigurationChange
A configuration change submitted to the controlling system(s).
| Field Name | Description |
|---|---|
company -
Company!
|
Company the change belongs to. |
createdAt -
Time!
|
Time at which the change was created. |
ended -
Time
|
Time at which the change finished provisioning to devices. |
id -
String!
|
ID of the change. |
started -
Time
|
Time at which the change began provisioning to devices. |
status -
ConfigurationChangeStatus!
|
Current status of the config change. |
statusText -
String!
|
Additional status infomation about the config change. |
updatedAt -
Time!
|
Time at which the change was last updated. |
Example
{
"company": Company,
"createdAt": Time,
"ended": Time,
"id": "abc123",
"started": Time,
"status": ConfigurationChangeStatus,
"statusText": "abc123",
"updatedAt": Time
}
ConfigurationChangeFilterInput
Input needed to get config changes.
| Input Field | Description |
|---|---|
latest -
Boolean
|
Whether to only return the latest config change. |
Example
{"latest": true}
ConfigurationChangeStatus
List of possible ConfigurationChange statuses.
| Enum Value | Description |
|---|---|
|
|
Completed, but failed. |
|
|
Completed successfully. |
|
|
In progress. |
|
|
Submitted, but not yet processing. |
|
|
Should never be encountered, used in manual adjustments only. |
ConfigurationChangesLock
The lock status of the configuration engine.
| Field Name | Description |
|---|---|
createdAt -
Time!
|
Time at which the lock was created. |
ended -
Time
|
Time at which the lock ended. |
id -
String!
|
ID of the lock. |
lockedBy -
String!
|
User that created this lock. |
started -
Time!
|
Time at which the lock started. |
unlockedBy -
String
|
User that unlocked this lock. |
updatedAt -
Time!
|
Time at which the lock was updated. |
Example
{
"createdAt": Time,
"ended": Time,
"id": "abc123",
"lockedBy": "xyz789",
"started": Time,
"unlockedBy": "abc123",
"updatedAt": Time
}
ConfigurationChangesLockResponse
The lock status of the configuration engine.
| Field Name | Description |
|---|---|
status -
ConfigurationChangesLockStatus!
|
User that unlocked this lock. |
timestamp -
Time!
|
Time at which the status last changed. |
Example
{
"status": ConfigurationChangesLockStatus,
"timestamp": Time
}
ConfigurationChangesLockStatus
List of possible ConfigurationChangesLockResponse statuses.
| Enum Value | Description |
|---|---|
|
|
Locked |
|
|
Should never be encountered, used in manual adjustments only. |
|
|
Unlocked |
ConfiguredBaseBotSignature
A base Bot Detection signature configured to respond with a different action.
| Field Name | Description |
|---|---|
action -
BotSignatureAction!
|
The signature action. |
enabled -
Boolean!
|
Whether the signature is enabled. |
signature -
BaseBotSignature!
|
The base signature being configured. |
Example
{
"action": BotSignatureAction,
"enabled": true,
"signature": BaseBotSignature
}
ConfiguredBaseBotSignatureInput
Configure an action for a base Bot signature.
| Input Field | Description |
|---|---|
action -
BotSignatureAction!
|
Action to be taken. |
enabled -
Boolean!
|
Whether the signature is enabled. |
id -
String!
|
ID of the signature. |
Example
{
"action": BotSignatureAction,
"enabled": true,
"id": "abc123"
}
ConfiguredBaseWAFSignature
A base WAF signature configured to respond with a different action.
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
enabled -
Boolean!
|
Whether the signature is enabled. |
signature -
BaseWAFSignature!
|
The base signature being configured. |
Example
{
"action": WAFAction,
"enabled": false,
"signature": BaseWAFSignature
}
ConfiguredBaseWAFSignatureInput
Configure an action for a base WAF signature.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
id -
String!
|
ID of the signature. |
Example
{"action": WAFAction, "id": "abc123"}
ConfiguredBaseWAFSignaturesWithPagination
A paginated list of base WAF signatures with configured actions.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The results paging information. |
results -
[ConfiguredBaseWAFSignature!]
|
A list of signatures |
Example
{
"pageInfo": Pagination,
"results": [ConfiguredBaseWAFSignature]
}
ContentType
A content type countermeasure.
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
learn -
Boolean!
|
A flag to enable or disable learning. |
relaxationRules -
ContentTypeRelaxationRulesWithPagination
|
A paginated list of content type relaxation rules. |
|
Arguments |
|
threshold -
AppSecThreshold
|
Appsec Threshold configuration for content type violations. |
Example
{
"action": WAFAction,
"learn": false,
"relaxationRules": ContentTypeRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
ContentTypeRelaxationRulesWithPagination
A paginated list for content type relaxation rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
Contains the current page information. |
results -
[ContentTypeRelaxationRule!]
|
A list of content type relaxation rules. |
Example
{
"pageInfo": Pagination,
"results": [ContentTypeRelaxationRule]
}
ContentTypeRuleCount
Content type rule count.
| Field Name | Description |
|---|---|
count -
UnsignedInt32!
|
|
rule -
LearnedContentTypeRule!
|
Example
{
"count": UnsignedInt32,
"rule": LearnedContentTypeRule
}
ContentTypeRuleCountsWithPagination
Content type learning rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
|
results -
[ContentTypeRuleCount!]
|
Example
{
"pageInfo": Pagination,
"results": [ContentTypeRuleCount]
}
CookieConsistency
Cookie consistency countermeasure.
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
learn -
Boolean!
|
A flag to enable or disable learning. |
relaxationRules -
CookieConsistencyRelaxationRulesWithPagination
|
A paginated list of relaxation rules. |
|
Arguments |
|
threshold -
AppSecThreshold
|
Appsec Threshold configuration for cookie consistency violations. |
Example
{
"action": WAFAction,
"learn": false,
"relaxationRules": CookieConsistencyRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
CookieConsistencyRelaxationRule
A cookie consistency relaxation rule.
| Field Name | Description |
|---|---|
cookieName -
String
|
The cookie name to be exempted. |
enabled -
Boolean!
|
Whether the relaxation rule is enabled. |
isRegex -
Boolean!
|
Whether the cookie name is in regex format. |
Example
{"cookieName": "xyz789", "enabled": false, "isRegex": false}
CookieConsistencyRelaxationRuleInput
A cookie consistency relaxation rule.
| Input Field | Description |
|---|---|
cookieName -
String
|
The cookie name to be exempted. |
enabled -
Boolean! default = true |
Whether the relaxation rule is enabled. |
isRegex -
Boolean! default = false |
Whether the cookie name is in regex format. |
Example
{"cookieName": "xyz789", "enabled": true, "isRegex": false}
CookieConsistencyRelaxationRulesWithPagination
A paginated list of cookie consistency relaxation rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The results paging information. |
results -
[CookieConsistencyRelaxationRule!]
|
A paginated list of relaxation rules. |
Example
{
"pageInfo": Pagination,
"results": [CookieConsistencyRelaxationRule]
}
CookieConsistencyRuleCount
Cookie consistency rule count.
| Field Name | Description |
|---|---|
count -
UnsignedInt32!
|
|
rule -
LearnedCookieConsistencyRule!
|
Example
{
"count": UnsignedInt32,
"rule": LearnedCookieConsistencyRule
}
CookieConsistencyRuleCountsWithPagination
Cookie consistency learning rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
|
results -
[CookieConsistencyRuleCount!]
|
Example
{
"pageInfo": Pagination,
"results": [CookieConsistencyRuleCount]
}
CookieSignatureRule
A WAF custom signature cookie rule.
| Field Name | Description |
|---|---|
cookieName -
String
|
The cookie name used in this rule. |
cookieNameFormat -
SignatureRuleFormat!
|
A cookie name format from the allowed list of formats. |
Example
{
"cookieName": "xyz789",
"cookieNameFormat": SignatureRuleFormat
}
CookieSignatureRuleInput
Create a WAF custom signature cookie rule.
| Input Field | Description |
|---|---|
cookieName -
String
|
The cookie name used in this rule. |
cookieNameFormat -
SignatureRuleFormat! default = "ANY" |
A cookie name format from the allowed list of formats. |
Example
{
"cookieName": "xyz789",
"cookieNameFormat": "ANY"
}
CountermeasureName
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
CountryCode
ISO 3166-1 alpha-2 country codes
| Enum Value | Description |
|---|---|
|
|
Andorra |
|
|
United Arab Emirates |
|
|
Afghanistan |
|
|
Antigua and Barbuda |
|
|
Anguilla |
|
|
Albania |
|
|
Armenia |
|
|
Angola |
|
|
Netherlands Antilles |
|
|
Antarctica |
|
|
Argentina |
|
|
American Samoa |
|
|
Austria |
|
|
Australia |
|
|
Aruba |
|
|
Åland Islands |
|
|
Azerbaijan |
|
|
Bosnia and Herzegovina |
|
|
Barbados |
|
|
Bangladesh |
|
|
Belgium |
|
|
Burkina Faso |
|
|
Bulgaria |
|
|
Bahrain |
|
|
Burundi |
|
|
Benin |
|
|
Saint Barthélemy |
|
|
Bermuda |
|
|
Brunei Darussalam |
|
|
Bolivia (Plurinational State of) |
|
|
Bonaire, Sint Eustatius and Saba |
|
|
Brazil |
|
|
Bahamas |
|
|
Bhutan |
|
|
Bouvet Island |
|
|
Botswana |
|
|
Belarus |
|
|
Belize |
|
|
Canada |
|
|
Cocos (Keeling) Islands |
|
|
Congo, Democratic Republic of the |
|
|
Central African Republic |
|
|
Congo |
|
|
Switzerland |
|
|
Côte d'Ivoire |
|
|
Cook Islands |
|
|
Chile |
|
|
Cameroon |
|
|
China |
|
|
Colombia |
|
|
Costa Rica |
|
|
Cuba |
|
|
Cabo Verde |
|
|
Curaçao |
|
|
Christmas Island |
|
|
Cyprus |
|
|
Czechia |
|
|
Germany |
|
|
Djibouti |
|
|
Denmark |
|
|
Dominica |
|
|
Dominican Republic |
|
|
Algeria |
|
|
Ecuador |
|
|
Estonia |
|
|
Egypt |
|
|
Western Sahara |
|
|
Eritrea |
|
|
Spain |
|
|
Ethiopia |
|
|
Finland |
|
|
Fiji |
|
|
Falkland Islands (Malvinas) |
|
|
Micronesia (Federated States of) |
|
|
Faroe Islands |
|
|
France |
|
|
Gabon |
|
|
France, Metropolitan |
|
|
United Kingdom of Great Britain and Northern Ireland |
|
|
Grenada |
|
|
Georgia |
|
|
French Guiana |
|
|
Guernsey |
|
|
Ghana |
|
|
Gibraltar |
|
|
Greenland |
|
|
Gambia |
|
|
Guinea |
|
|
Guadeloupe |
|
|
Equatorial Guinea |
|
|
Greece |
|
|
South Georgia and the South Sandwich Islands |
|
|
Guatemala |
|
|
Guam |
|
|
Guinea-Bissau |
|
|
Guyana |
|
|
Hong Kong |
|
|
Heard Island and McDonald Islands |
|
|
Honduras |
|
|
Croatia |
|
|
Haiti |
|
|
Hungary |
|
|
Indonesia |
|
|
Ireland |
|
|
Israel |
|
|
Isle of Man |
|
|
India |
|
|
British Indian Ocean Territory |
|
|
Iraq |
|
|
Iran (Islamic Republic of) |
|
|
Iceland |
|
|
Italy |
|
|
Jersey |
|
|
Jamaica |
|
|
Jordan |
|
|
Japan |
|
|
Kenya |
|
|
Kyrgyzstan |
|
|
Cambodia |
|
|
Kiribati |
|
|
Comoros |
|
|
Saint Kitts and Nevis |
|
|
Korea (Democratic People's Republic of) |
|
|
Korea, Republic of |
|
|
Kuwait |
|
|
Cayman Islands |
|
|
Kazakhstan |
|
|
Lao People's Democratic Republic |
|
|
Lebanon |
|
|
Saint Lucia |
|
|
Liechtenstein |
|
|
Sri Lanka |
|
|
Liberia |
|
|
Lesotho |
|
|
Lithuania |
|
|
Luxembourg |
|
|
Latvia |
|
|
Libya |
|
|
Morocco |
|
|
Monaco |
|
|
Moldova, Republic of |
|
|
Montenegro |
|
|
Saint Martin (French part) |
|
|
Madagascar |
|
|
Marshall Islands |
|
|
North Macedonia |
|
|
Mali |
|
|
Myanmar |
|
|
Mongolia |
|
|
Macao |
|
|
Northern Mariana Islands |
|
|
Martinique |
|
|
Mauritania |
|
|
Montserrat |
|
|
Malta |
|
|
Mauritius |
|
|
Maldives |
|
|
Malawi |
|
|
Mexico |
|
|
Malaysia |
|
|
Mozambique |
|
|
Namibia |
|
|
New Caledonia |
|
|
Niger |
|
|
Norfolk Island |
|
|
Nigeria |
|
|
Nicaragua |
|
|
Netherlands |
|
|
Norway |
|
|
Nepal |
|
|
Nauru |
|
|
Niue |
|
|
New Zealand |
|
|
Oman |
|
|
Panama |
|
|
Peru |
|
|
French Polynesia |
|
|
Papua New Guinea |
|
|
Philippines |
|
|
Pakistan |
|
|
Poland |
|
|
Saint Pierre and Miquelon |
|
|
Pitcairn |
|
|
Puerto Rico |
|
|
Palestine, State of |
|
|
Portugal |
|
|
Palau |
|
|
Paraguay |
|
|
Qatar |
|
|
Réunion |
|
|
Romania |
|
|
Serbia |
|
|
Russian Federation |
|
|
Rwanda |
|
|
Saudi Arabia |
|
|
Solomon Islands |
|
|
Seychelles |
|
|
Sudan |
|
|
Sweden |
|
|
Singapore |
|
|
Saint Helena, Ascension and Tristan da Cunha |
|
|
Slovenia |
|
|
Svalbard and Jan Mayen |
|
|
Slovakia |
|
|
Sierra Leone |
|
|
San Marino |
|
|
Senegal |
|
|
Somalia |
|
|
Suriname |
|
|
South Sudan |
|
|
Sao Tome and Principe |
|
|
El Salvador |
|
|
Sint Maarten (Dutch part) |
|
|
Syrian Arab Republic |
|
|
Eswatini |
|
|
Turks and Caicos Islands |
|
|
Chad |
|
|
French Southern Territories |
|
|
Togo |
|
|
Thailand |
|
|
Tajikistan |
|
|
Tokelau |
|
|
Timor-Leste |
|
|
Turkmenistan |
|
|
Tunisia |
|
|
Tonga |
|
|
Turkey |
|
|
East Timor |
|
|
Trinidad and Tobago |
|
|
Tuvalu |
|
|
Taiwan, Province of China |
|
|
Tanzania, United Republic of |
|
|
Ukraine |
|
|
Uganda |
|
|
United States Minor Outlying Islands |
|
|
United States of America |
|
|
Uruguay |
|
|
Uzbekistan |
|
|
Holy See |
|
|
Saint Vincent and the Grenadines |
|
|
Venezuela (Bolivarian Republic of) |
|
|
Virgin Islands (British) |
|
|
Virgin Islands (U.S.) |
|
|
Viet Nam |
|
|
Vanuatu |
|
|
Wallis and Futuna |
|
|
Samoa |
|
|
Kosovo |
|
|
Yemen |
|
|
Mayotte |
|
|
South Africa |
|
|
Zambia |
|
|
Zimbabwe |
CreateBotBlackListInput
Create a black list countermeasure.
| Input Field | Description |
|---|---|
enabled -
Boolean! default = true |
Whether the black list countermeasure is enabled. |
types -
[BotBlackListBindingInput!]
|
List of black list bindings. |
Example
{"enabled": true, "types": [BotBlackListBindingInput]}
CreateBotCAPTCHAInput
Create a CAPTCHA countermeasure.
| Input Field | Description |
|---|---|
resources -
[BotCAPTCHABindingInput!]
|
List of CAPTCHA bindings. |
Example
{"resources": [BotCAPTCHABindingInput]}
CreateBotDeviceFingerprintInput
Create a device fingerprint countermeasure.
| Input Field | Description |
|---|---|
action -
BotDeviceFingerprintAction
|
Action to be taken. Can only be set if response is ACTION_AND_LOG. |
enabled -
Boolean! default = true |
Whether the device fingerprint countermeasure is enabled. |
response -
BotResponse!
|
Response to be taken. |
Example
{
"action": BotDeviceFingerprintAction,
"enabled": true,
"response": BotResponse
}
CreateBotIPReputationInput
Create an IP reputation countermeasure.
| Input Field | Description |
|---|---|
categories -
[BotIPReputationBindingInput!]
|
List of IP reputation bindings. |
enabled -
Boolean! default = true |
Whether the IP reputation countermeasure is enabled. |
Example
{
"categories": [BotIPReputationBindingInput],
"enabled": true
}
CreateBotProfileInput
Create a new bot profile.
| Input Field | Description |
|---|---|
blackList -
CreateBotBlackListInput
|
The black list countermeasure settings. |
botTrap -
CreateBotTrapInput
|
The bot trap countermeasure settings. |
captcha -
CreateBotCAPTCHAInput
|
The CAPTCHA countermeasure settings. |
deviceFingerprint -
CreateBotDeviceFingerprintInput
|
The device fingerprint countermeasure settings. |
enabled -
Boolean! default = true |
Whether the bot profile is enabled. |
ipReputation -
CreateBotIPReputationInput
|
The IP reputation countermeasure settings. |
rateLimit -
CreateBotRateLimitInput
|
The rate limit countermeasure settings. |
signatures -
CreateBotSignaturesInput
|
The bot signatures settings. |
tps -
CreateBotTPSInput
|
The TPS countermeasure settings. |
whiteList -
CreateBotWhiteListInput
|
The white list countermeasure settings. |
Example
{
"blackList": CreateBotBlackListInput,
"botTrap": CreateBotTrapInput,
"captcha": CreateBotCAPTCHAInput,
"deviceFingerprint": CreateBotDeviceFingerprintInput,
"enabled": true,
"ipReputation": CreateBotIPReputationInput,
"rateLimit": CreateBotRateLimitInput,
"signatures": CreateBotSignaturesInput,
"tps": CreateBotTPSInput,
"whiteList": CreateBotWhiteListInput
}
CreateBotRateLimitInput
Create a rate limit countermeasure.
| Input Field | Description |
|---|---|
enabled -
Boolean! default = true |
Whether the rate limit countermeasure is enabled. |
resources -
[BotRateLimitBindingInput!]
|
List of rate limit bindings. |
Example
{"enabled": true, "resources": [BotRateLimitBindingInput]}
CreateBotSignaturesInput
Create bot signatures.
| Input Field | Description |
|---|---|
configuredBaseSignatures -
[ConfiguredBaseBotSignatureInput!]
|
List of bot signatures. |
enabled -
Boolean! default = true |
Whether bot signatures are enabled. |
Example
{
"configuredBaseSignatures": [
ConfiguredBaseBotSignatureInput
],
"enabled": true
}
CreateBotTPSInput
Create a TPS countermeasure.
| Input Field | Description |
|---|---|
enabled -
Boolean! default = true |
Whether the TPS countermeasure is enabled. |
resources -
[BotTPSBindingInput!]
|
List of TPS bindings. |
Example
{"enabled": true, "resources": [BotTPSBindingInput]}
CreateBotTrapInput
Create a bot trap countermeasure.
| Input Field | Description |
|---|---|
action -
BotTrapAction
|
Action to be taken. Can only be set if response is ACTION_AND_LOG. |
enabled -
Boolean! default = true |
Whether the bot trap countermeasure is enabled. |
insertionURLs -
[BotTrapBindingInput!]
|
List of bot trap bindings. |
response -
BotResponse!
|
Response to be taken. |
Example
{
"action": BotTrapAction,
"enabled": true,
"insertionURLs": [BotTrapBindingInput],
"response": BotResponse
}
CreateBotWhiteListInput
Create a white list countermeasure.
| Input Field | Description |
|---|---|
enabled -
Boolean! default = true |
Whether the white list countermeasure is enabled. |
types -
[BotWhiteListBindingInput!]
|
List of white list bindings. |
Example
{"enabled": true, "types": [BotWhiteListBindingInput]}
CreateBufferOverflowInput
Create a buffer overflow countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
maxCookieLength -
UnsignedInt16! default = 4096 |
Maximum cookie length (in character, allowed range 0-65535) in requests to the protected web sites. Requests with longer cookie lengths will be blocked. |
maxHeaderLength -
UnsignedInt16! default = 4096 |
Maximum HTTP header length (in characters, allowed range 0-65535) in requests to the protected web sites. Requests with longer headers will be blocked. |
maxURLLength -
UnsignedInt16! default = 1024 |
Maximum URL length (in characters, allowed range 0-65535) of the protected web sites. Requests with longer URLs will be blocked. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for buffer overflow violations. |
Example
{
"action": WAFAction,
"maxCookieLength": 4096,
"maxHeaderLength": 4096,
"maxURLLength": 1024,
"threshold": ThresholdInput
}
CreateCSRFSettingsInput
Create a cross-site request forgery countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
learn -
Boolean! default = false |
A flag to enable or disable learning. |
relaxationRules -
[CSRFRelaxationRuleInput!]
|
A list of CSRF relaxation rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for CSRF violations. |
Example
{
"action": WAFAction,
"learn": false,
"relaxationRules": [CSRFRelaxationRuleInput],
"threshold": ThresholdInput
}
CreateCertificateInput
Create a certificate.
| Input Field | Description |
|---|---|
certPEM -
String!
|
Public certificate, and any intermediate, together in PEM format. |
companyDName -
String
|
The identifier of the owning company. |
keyPEM -
String!
|
Private key, in PEM format. |
keyPass -
String
|
Password, only required if keyPEM is encrypted. |
name -
String!
|
Name of the certificate. |
Example
{
"certPEM": "xyz789",
"companyDName": "xyz789",
"keyPEM": "xyz789",
"keyPass": "xyz789",
"name": "xyz789"
}
CreateCertificateOutput
Output from creating a certificate.
| Field Name | Description |
|---|---|
certificate -
Certificate!
|
The created Certificate. |
Example
{"certificate": Certificate}
CreateCommandInjectionInput
Create a command injection countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
commandInjectionType -
CommandInjectionType!
|
A command injection type. |
relaxationRules -
[CommandInjectionRelaxationRuleInput!]
|
A list of command injection relaxation rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for command injection violations. |
Example
{
"action": WAFAction,
"commandInjectionType": CommandInjectionType,
"relaxationRules": [
CommandInjectionRelaxationRuleInput
],
"threshold": ThresholdInput
}
CreateCompanyNotificationConfigurationInput
Create a Company notification configuration.
| Input Field | Description |
|---|---|
company -
String!
|
Company dname identifier. |
Example
{"company": "abc123"}
CreateCompanyNotificationConfigurationOutput
Output from creating a Company notification configuration.
| Field Name | Description |
|---|---|
configuration -
CompanyNotificationConfiguration!
|
Example
{"configuration": CompanyNotificationConfiguration}
CreateContentTypeInput
Create a content type countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
learn -
Boolean! default = false |
A flag to enable or disable learning. |
relaxationRules -
[ContentTypeRelaxationRuleInput!]
|
A list of content type relaxation rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for content type violations. |
Example
{
"action": WAFAction,
"learn": false,
"relaxationRules": [ContentTypeRelaxationRuleInput],
"threshold": ThresholdInput
}
CreateCookieConsistencyInput
Create a cookie consistency countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
learn -
Boolean! default = false |
A flag to enable or disable learning. |
relaxationRules -
[CookieConsistencyRelaxationRuleInput!]
|
A list of relaxation rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for cookie consistency violations. |
Example
{
"action": WAFAction,
"learn": false,
"relaxationRules": [
CookieConsistencyRelaxationRuleInput
],
"threshold": ThresholdInput
}
CreateDenyURLInput
Create a deny URL countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
regexRules -
[DenyURLRuleInput!]
|
A list of deny URL regex rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for deny URL violations. |
Example
{
"action": WAFAction,
"regexRules": [DenyURLRuleInput],
"threshold": ThresholdInput
}
CreateFieldFormatInput
Create a field format countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
enforcementRules -
[FieldFormatEnforcementRuleInput!]
|
A list of enforcement rules. These are tightening rules, in order to relax some rules you need to remove them from this list. |
learn -
Boolean! default = false |
A flag to enable or disable learning. |
maxLength -
UnsignedInt16! default = 65535 |
Maximum length of the field (in characters, allowed range 0-65535). Please note that distinguishing an integer from an alpha character requires at least one character. |
minLength -
UnsignedInt16! default = 0 |
Minimum length of the field (in characters, allowed range 0-65535). Please note that distinguishing an integer from an alpha character requires at least one character. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for field format violations. |
type -
FieldFormatType!
|
Allowed types for this field. |
Example
{
"action": WAFAction,
"enforcementRules": [FieldFormatEnforcementRuleInput],
"learn": false,
"maxLength": 65535,
"minLength": 0,
"threshold": ThresholdInput,
"type": FieldFormatType
}
CreateFormFieldConsistencyInput
Create a form field consistency countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
fieldConsistencyExemptions -
[FormFieldConsistencyRuleInput!]
|
A list of exemption rules. |
learn -
Boolean! default = false |
A flag to enable or disable learning. |
sessionlessFieldConsistency -
SessionlessFieldConsistency!
|
When turned on, it checks only the web form structure. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for form field consistency violations. |
Example
{
"action": WAFAction,
"fieldConsistencyExemptions": [
FormFieldConsistencyRuleInput
],
"learn": false,
"sessionlessFieldConsistency": SessionlessFieldConsistency,
"threshold": ThresholdInput
}
CreateHTMLSQLInjectionInput
Create an HTML SQL injection countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
checkSQLWildChars -
Boolean!
|
Whether to check for form fields that contain SQL wild chars. |
exemptCommentsWith -
CommentExemption!
|
Exempts all comments of the given type. |
learn -
Boolean! default = false |
A flag to enable or disable learning. |
relaxationRules -
[HTMLSQLInjectionRelaxationRuleInput!]
|
A list of XML SQL injection relaxation rules. |
sqlInjectionType -
SQLInjectionType!
|
A SQL injection type. |
sqliGrammar -
Boolean!
|
Enable SQL Injection grammar |
threshold -
ThresholdInput
|
Appsec Threshold configuration for HTML SQL injection violations. |
Example
{
"action": WAFAction,
"checkSQLWildChars": false,
"exemptCommentsWith": CommentExemption,
"learn": false,
"relaxationRules": [
HTMLSQLInjectionRelaxationRuleInput
],
"sqlInjectionType": SQLInjectionType,
"sqliGrammar": true,
"threshold": ThresholdInput
}
CreateHTMLXSSInput
Create an HTML cross-site scripting countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
checkCompleteURLs -
Boolean! default = false |
A flag to enforce checks for complete URLs for cross-site scripts, instead of just the query portions of URLs. |
learn -
Boolean! default = false |
A flag to enable or disable learning. |
relaxationRules -
[HTMLXSSRelaxationRuleInput!]
|
A list of HTML cross-site scripting relaxation rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for HTML cross-site scripting violations. |
Example
{
"action": WAFAction,
"checkCompleteURLs": false,
"learn": false,
"relaxationRules": [HTMLXSSRelaxationRuleInput],
"threshold": ThresholdInput
}
CreateHTTPRFCProfileInput
Create an HTTP RFC Profile countermeasure.
| Input Field | Description |
|---|---|
action -
HTTPRFCProfileAction! default = "BLOCK" |
Action to be taken when there is a non-compliant request. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for HTTP RFC violations. |
Example
{
"action": "BLOCK",
"threshold": ThresholdInput
}
CreateJSONCommandInjectionSettingsInput
Create a JSON command injection Settings Input.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
commandInjectionType -
CommandInjectionType!
|
A Command injection type. |
relaxationRules -
[JSONCommandInjectionRelaxationRuleInput!]
|
A list of command injection rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for json command injection violations. |
Example
{
"action": WAFAction,
"commandInjectionType": CommandInjectionType,
"relaxationRules": [
JSONCommandInjectionRelaxationRuleInput
],
"threshold": ThresholdInput
}
CreateJSONCrossSiteScriptingSettingsInput
Create a JSON cross-site scripting settings input to protect applications from XSS Attacks through JSON requests
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
relaxationRules -
[JSONXSSRelaxationRuleInput!]
|
A list of JSON XSS rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for JSON XSS violations. |
Example
{
"action": WAFAction,
"relaxationRules": [JSONXSSRelaxationRuleInput],
"threshold": ThresholdInput
}
CreateJSONDenialOfServiceSettingsInput
Create a JSON Denial of Service Settings input to protect applications from Denial of Service Attacks through JSON requests
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
enforcementRule -
JSONDoSEnforcementRuleInput
|
A paginated list of SQL Injection rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for JSON DOS violations. |
Example
{
"action": WAFAction,
"enforcementRule": JSONDoSEnforcementRuleInput,
"threshold": ThresholdInput
}
CreateJSONSQLInjectionSettingsInput
Create a JSON SQL Injection Settings input to protect applications from SQL Injection attacks through JSON requests
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
relaxationRules -
[JSONSQLInjectionRelaxationRuleInput!]
|
A paginated list of SQL Injection rules. |
sqlInjectionType -
SQLInjectionType!
|
A SQL injection type. |
sqliGrammar -
Boolean!
|
Enable SQL Injection grammar. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for JSON SQL injection violations. |
Example
{
"action": WAFAction,
"relaxationRules": [
JSONSQLInjectionRelaxationRuleInput
],
"sqlInjectionType": SQLInjectionType,
"sqliGrammar": true,
"threshold": ThresholdInput
}
CreateJSONSettingsInput
Create a JSON Security Settings input to protect JSON Applications
| Input Field | Description |
|---|---|
jsonCommandInjectionSettings -
CreateJSONCommandInjectionSettingsInput
|
JSON Command Injection Settings. |
jsonCrossSiteScriptingSettings -
CreateJSONCrossSiteScriptingSettingsInput
|
JSON Cross Site Scripting Settings. |
jsonDenialOfServiceSettings -
CreateJSONDenialOfServiceSettingsInput
|
JSON Denial Of Service Settings. |
jsonSQLInjectionSettings -
CreateJSONSQLInjectionSettingsInput
|
JSON SQL Injection Settings. |
Example
{
"jsonCommandInjectionSettings": CreateJSONCommandInjectionSettingsInput,
"jsonCrossSiteScriptingSettings": CreateJSONCrossSiteScriptingSettingsInput,
"jsonDenialOfServiceSettings": CreateJSONDenialOfServiceSettingsInput,
"jsonSQLInjectionSettings": CreateJSONSQLInjectionSettingsInput
}
CreateNetworkControlsInput
Create network controls.
| Input Field | Description |
|---|---|
blockedCountries -
[CountryCode!]
|
A list of blocked countries. |
ipFilterList -
[IPFilterInput!]
|
A list of ip filters. |
Example
{
"blockedCountries": [CountryCode],
"ipFilterList": [IPFilterInput]
}
CreateOneTimeExecutiveReportConfigurationInput
Input Configuration to create a one time reporting job.
| Input Field | Description |
|---|---|
dName -
String!
|
The unique, primary identifier for the company. |
description -
String
|
Description of Report Configuration. |
enabled -
Boolean default = true |
Specifies whether this configuration should generate reports or not. |
from -
Time!
|
Specifies the start of time range from when to pull metrics data for the requested features. |
includeBot -
Boolean
|
Specifies whether to include Bot detection/mitigation metrics in generated report. |
includeDDOS -
Boolean
|
Specifies whether to include DDOS mitigation metrics in generated report. |
includeWAF -
Boolean
|
Specifies whether to include WAF violation metrics in generated report. |
name -
String!
|
Name of Report Configuration. |
notification -
ExecutiveReportNotificationDetailsInput
|
Contains email addresses of recipients of generated report. |
to -
Time!
|
Specifies the end of time range until when to pull metrics data for the requested features. |
Example
{
"dName": "xyz789",
"description": "abc123",
"enabled": true,
"from": Time,
"includeBot": false,
"includeDDOS": false,
"includeWAF": false,
"name": "abc123",
"notification": ExecutiveReportNotificationDetailsInput,
"to": Time
}
CreateOneTimeExecutiveReportConfigurationOutput
Output of creation of a one time report configuration.
| Field Name | Description |
|---|---|
configuration -
OneTimeExecutiveReportConfiguration!
|
One time reporting configuration |
Example
{"configuration": OneTimeExecutiveReportConfiguration}
CreatePOSTBodyInput
Create a POST BODY limit countermeasure.
| Input Field | Description |
|---|---|
limit -
UnsignedInt32! default = 4294967295 |
A post body size limit value. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for post body limit violations. |
Example
{"limit": 4294967295, "threshold": ThresholdInput}
CreatePolicyInput
Create a Policy.
| Input Field | Description |
|---|---|
appSecThresholds -
[AppSecThresholdInput!]
|
The appsec thresholds associated to this policy. |
botProfile -
CreateBotProfileInput
|
The bot profile associated to this policy. |
companyDName -
String
|
The identifier of the owning company. |
name -
String!
|
The name of the policy. |
networkControls -
CreateNetworkControlsInput
|
The network controls associated to this policy. |
responderPolicies -
[ResponderPolicyInput!]
|
The responder polices associated to this policy. |
trustedSources -
[TrustedSourceInput!]
|
The trusted IP sources associated to this policy. Traffic at these sources are used by the learning feature to generate recommendations. |
wafProfile -
CreateWAFProfileInput
|
The WAF profile associated to this policy. |
Example
{
"appSecThresholds": [AppSecThresholdInput],
"botProfile": CreateBotProfileInput,
"companyDName": "abc123",
"name": "abc123",
"networkControls": CreateNetworkControlsInput,
"responderPolicies": [ResponderPolicyInput],
"trustedSources": [TrustedSourceInput],
"wafProfile": CreateWAFProfileInput
}
CreatePolicyOutput
Returned when creating a policy.
| Field Name | Description |
|---|---|
policy -
Policy!
|
The created policy. |
Example
{"policy": Policy}
CreateProxyInput
Create a proxy.
| Input Field | Description |
|---|---|
companyDName -
String
|
Company the proxy configuration belongs to. |
ipVersion -
IPVersion!
|
The IP version of this host. |
name -
String!
|
Friendly name of the proxy configuration. Typically set to the hostname being proxied to the service. |
policyIDs -
[String!]
|
A list of policies associated with this proxy. |
vServers -
[VServerInput!]
|
The back-end origin servers, ports and protocols that bind it to the front-end port. |
Example
{
"companyDName": "abc123",
"ipVersion": IPVersion,
"name": "xyz789",
"policyIDs": ["xyz789"],
"vServers": [VServerInput]
}
CreateProxyOutput
Output from creating a proxy.
| Field Name | Description |
|---|---|
proxy -
Proxy!
|
The created proxy. |
Example
{"proxy": Proxy}
CreateRecurringExecutiveReportConfigurationInput
Input for a create recurring report configuration operation.
| Input Field | Description |
|---|---|
dName -
String!
|
The unique, primary identifier for the company. |
description -
String
|
Description of Report Configuration. |
enabled -
Boolean default = true |
Specifies whether this configuration should generate reports or not. |
from -
Time
|
Specifies the time when the first report should be generated. |
includeBot -
Boolean
|
Specifies whether to include Bot detection/mitigation metrics in generated report. |
includeDDOS -
Boolean
|
Specifies whether to include DDOS mitigation metrics in generated report. |
includeWAF -
Boolean
|
Specifies whether to include WAF violation metrics in generated report. |
name -
String!
|
Name of Report Configuration. |
notification -
ExecutiveReportNotificationDetailsInput
|
Contains email addresses of recipients of generated report. |
period -
ExecutiveReportPeriodInput!
|
Specifies the time period for which metrics need to be looked up for the requested features. |
to -
Time
|
Specifies the time when the last report in this series should be generated. The configuration expires after this time. |
Example
{
"dName": "abc123",
"description": "xyz789",
"enabled": true,
"from": Time,
"includeBot": false,
"includeDDOS": false,
"includeWAF": true,
"name": "abc123",
"notification": ExecutiveReportNotificationDetailsInput,
"period": ExecutiveReportPeriodInput,
"to": Time
}
CreateRecurringExecutiveReportConfigurationOutput
Represents output of a create recurring executive report configuration operation.
| Field Name | Description |
|---|---|
configuration -
RecurringExecutiveReportConfiguration!
|
Configuration of recurring report job. |
Example
{"configuration": RecurringExecutiveReportConfiguration}
CreateSAMLInput
Input needed to create a SAML connection in Auth0.
| Input Field | Description |
|---|---|
dName -
String!
|
Company DName. |
domain -
[String!]
|
List of Domain Names. |
protocolBinding -
Protocol
|
Protocol Binding. |
requestTemplate -
String
|
Request template in XML format. |
signInURL -
String!
|
Login URL for redirect. |
signatureAlgorithm -
Algorithm
|
Algorithm used in signature. |
signatureDigestAlgorithm -
Algorithm
|
DigestAlgorithm used in signature. |
signatureRequest -
Boolean
|
Signature requested from IDP. |
sslCertificate -
String!
|
SSL Certificate of the IDP. |
userIDAttributes -
String
|
User Attributes. |
Example
{
"dName": "abc123",
"domain": ["abc123"],
"protocolBinding": Protocol,
"requestTemplate": "abc123",
"signInURL": "xyz789",
"signatureAlgorithm": Algorithm,
"signatureDigestAlgorithm": Algorithm,
"signatureRequest": false,
"sslCertificate": "abc123",
"userIDAttributes": "xyz789"
}
CreateSemicolonFieldSeparatorInput
Create a Semicolon field separator countermeasure.
| Input Field | Description |
|---|---|
enabled -
Boolean! default = false |
Whether the countermeasure is enabled. |
Example
{"enabled": false}
CreateUserInput
Create a User.
| Input Field | Description |
|---|---|
company -
String!
|
Company. |
email -
String!
|
User email. |
firstName -
String!
|
First name. |
jobTitle -
String
|
Job title. |
lastName -
String!
|
Last name. |
mobile -
String
|
Mobile number. |
phone -
String
|
Phone number. |
roles -
[UserRole!]!
|
Roles. |
Example
{
"company": "xyz789",
"email": "abc123",
"firstName": "xyz789",
"jobTitle": "abc123",
"lastName": "abc123",
"mobile": "abc123",
"phone": "xyz789",
"roles": [UserRole]
}
CreateUserNotificationConfigurationOutput
Output from Creating a User notification configuration.
| Field Name | Description |
|---|---|
configuration -
UserNotificationConfiguration!
|
Example
{"configuration": UserNotificationConfiguration}
CreateUserOutput
Returned when creating a user.
| Field Name | Description |
|---|---|
user -
User!
|
The created user. |
Example
{"user": User}
CreateWAFProfileInput
Create a WAF profile.
| Input Field | Description |
|---|---|
bufferOverflow -
CreateBufferOverflowInput
|
The buffer overflow countermeasure settings. |
commandInjection -
CreateCommandInjectionInput
|
The Command Injection countermeasure settings. |
contentType -
CreateContentTypeInput
|
The content type countermeasure settings. |
cookieConsistency -
CreateCookieConsistencyInput
|
The cookie consistency countermeasure settings. |
crossSiteScripting -
CreateHTMLXSSInput
|
The HTML cross-site scripting countermeasure settings. |
csrfSettings -
CreateCSRFSettingsInput
|
The CSRF countermeasure settings. |
denyURL -
CreateDenyURLInput
|
The deny URL countermeasure settings. |
enabled -
Boolean! default = true |
Whether the WAF profile is enabled. |
fieldConsistency -
CreateFormFieldConsistencyInput
|
The form field consistency countermeasure settings. |
fieldFormat -
CreateFieldFormatInput
|
The field format countermeasure settings. |
htmlSQLInjection -
CreateHTMLSQLInjectionInput
|
The HTML SQL Injection countermeasure settings. |
httpRFCProfile -
CreateHTTPRFCProfileInput
|
Check requests for HTTP RFC non compliance. |
jsonSettings -
CreateJSONSettingsInput
|
The JSON related countermeasure settings. |
postBody -
CreatePOSTBodyInput
|
Limits the request payload size. |
semicolonFieldSeparator -
CreateSemicolonFieldSeparatorInput
|
Allow or disallow semicolon field separator between request fields. |
signatures -
CreateWAFSignaturesInput
|
The WAF signatures settings. |
wsiSettings -
CreateWSISettingsInput
|
The web service interoperability countermeasure settings. |
xmlCrossSiteScripting -
CreateXMLXSSInput
|
The XML cross-site scripting countermeasure settings. |
xmlFormat -
CreateXMLFormatInput
|
The XML format countermeasure settings. |
xmlSOAPFault -
CreateXMLSOAPFaultInput
|
The XML SOAP fault countermeasure settings. |
xmlSQLInjection -
CreateXMLSQLInjectionInput
|
The XML SQL Injection countermeasure settings. |
Example
{
"bufferOverflow": CreateBufferOverflowInput,
"commandInjection": CreateCommandInjectionInput,
"contentType": CreateContentTypeInput,
"cookieConsistency": CreateCookieConsistencyInput,
"crossSiteScripting": CreateHTMLXSSInput,
"csrfSettings": CreateCSRFSettingsInput,
"denyURL": CreateDenyURLInput,
"enabled": true,
"fieldConsistency": CreateFormFieldConsistencyInput,
"fieldFormat": CreateFieldFormatInput,
"htmlSQLInjection": CreateHTMLSQLInjectionInput,
"httpRFCProfile": CreateHTTPRFCProfileInput,
"jsonSettings": CreateJSONSettingsInput,
"postBody": CreatePOSTBodyInput,
"semicolonFieldSeparator": CreateSemicolonFieldSeparatorInput,
"signatures": CreateWAFSignaturesInput,
"wsiSettings": CreateWSISettingsInput,
"xmlCrossSiteScripting": CreateXMLXSSInput,
"xmlFormat": CreateXMLFormatInput,
"xmlSOAPFault": CreateXMLSOAPFaultInput,
"xmlSQLInjection": CreateXMLSQLInjectionInput
}
CreateWAFSignaturesInput
Create WAF signatures for a Policy.
| Input Field | Description |
|---|---|
configuredBaseSignatures -
[ConfiguredBaseWAFSignatureInput!]
|
A list of signatures for a policy configured from a list of available base signatures. |
customSignatures -
[CustomWAFSignatureInput!]
|
A list of custom signatures created for a policy. |
Example
{
"configuredBaseSignatures": [
ConfiguredBaseWAFSignatureInput
],
"customSignatures": [CustomWAFSignatureInput]
}
CreateWSISettingsInput
Create a web services interoperability countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
learn -
Boolean! default = false |
A flag to enable or disable learning. |
standards -
[WSIStandardInput!]
|
A list of WSI standards. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for WSI violations. |
Example
{
"action": WAFAction,
"learn": false,
"standards": [WSIStandardInput],
"threshold": ThresholdInput
}
CreateXMLFormatInput
Create an XML format countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for XML format violations. |
Example
{
"action": WAFAction,
"threshold": ThresholdInput
}
CreateXMLSOAPFaultInput
Create an XML SOAP fault countermeasure.
| Input Field | Description |
|---|---|
action -
XMLSOAPFaultAction!
|
Action to be taken. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for XML format violations. |
Example
{
"action": XMLSOAPFaultAction,
"threshold": ThresholdInput
}
CreateXMLSQLInjectionInput
Create an HTML SQL injection countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
checkSQLWildChars -
Boolean!
|
Whether to check for form fields that contain SQL wild chars. |
exemptCommentsWith -
CommentExemption!
|
Exempts all comments of the given type. |
relaxationRules -
[XMLSQLInjectionRelaxationRuleInput!]
|
A list of XML SQL injection relaxation rules. |
sqlInjectionType -
SQLInjectionType!
|
An XML SQL injection type. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for XML SQL injection violations. |
Example
{
"action": WAFAction,
"checkSQLWildChars": true,
"exemptCommentsWith": CommentExemption,
"relaxationRules": [XMLSQLInjectionRelaxationRuleInput],
"sqlInjectionType": SQLInjectionType,
"threshold": ThresholdInput
}
CreateXMLXSSInput
Create an XML cross-site scripting countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
relaxationRules -
[XMLXSSRelaxationRuleInput!]
|
A list of XML cross-site scripting relaxation rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for XML cross-site scripting violations. |
Example
{
"action": WAFAction,
"relaxationRules": [XMLXSSRelaxationRuleInput],
"threshold": ThresholdInput
}
CustomWAFSignature
A WAF custom signature.
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
category -
String!
|
Category of the signature. |
description -
String!
|
Description of the signature. |
requestRules -
[SignatureRequestRule!]
|
List of request rules. |
responseRules -
[SignatureResponseRule!]
|
List of response rules. |
Example
{
"action": WAFAction,
"category": "xyz789",
"description": "abc123",
"requestRules": [SignatureRequestRule],
"responseRules": [SignatureResponseRule]
}
CustomWAFSignatureInput
Specify a WAF custom signature.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
category -
String!
|
Category of the signature. |
description -
String!
|
Description of the signature. |
requestRules -
[SignatureRequestRuleInput!]
|
List of request rules. |
responseRules -
[SignatureResponseRuleInput!]
|
List of response rules. |
Example
{
"action": WAFAction,
"category": "xyz789",
"description": "abc123",
"requestRules": [SignatureRequestRuleInput],
"responseRules": [SignatureResponseRuleInput]
}
CustomWAFSignaturesWithPagination
A list of WAF custom signatures with pagination.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[CustomWAFSignature!]
|
A list of custom signatures. |
Example
{
"pageInfo": Pagination,
"results": [CustomWAFSignature]
}
CustomerFilterInput
Filters queries for customers.
| Input Field | Description |
|---|---|
activationState -
FeatureActivationState
|
Filter to specify whether the requested feature on which search is carried out is purchased and/or enabled in the portal. |
bgpAlwaysOn -
FeatureActivationState
|
Filter to include companies that have the BGP Always On offering purchased and/or enabled in the portal. |
bgpOnDemand -
FeatureActivationState
|
Filter to include companies that have the BGP On Demand offering purchased and/or enabled in the portal. |
corporateNameSubstring -
String
|
Search for companies with the same substring in their corporateName. |
dNamePrefix -
String
|
Prefix to search for companies with the same substring prefix in their dNames. |
detectionAndAlertingActivation -
FeatureActivationState
|
Filter to include companies that have the Detection and Alerting offering purchased and/or enabled in the portal. |
includeDeleted -
Boolean! default = false |
Specifies whether deleted companies should be included in the query results. |
includeDisabled -
Boolean! default = false |
Specifies whether companies disabled in the portal should be included in the query results. |
maxDepth -
Int! default = 0 |
Specifies how many levels of resellers or companies of resellers should be retrieved. A value of zero will retrieve all levels. |
proxyActivation -
FeatureActivationState
|
Filter to include companies that have the L7 Proxy offering purchased and/or enabled in the portal. |
wafActivation -
FeatureActivationState
|
Filter to include companies that have the Web Application Firewall offering purchased and/or enabled in the portal. |
Example
{
"activationState": FeatureActivationState,
"bgpAlwaysOn": FeatureActivationState,
"bgpOnDemand": FeatureActivationState,
"corporateNameSubstring": "abc123",
"dNamePrefix": "xyz789",
"detectionAndAlertingActivation": FeatureActivationState,
"includeDeleted": false,
"includeDisabled": false,
"maxDepth": 0,
"proxyActivation": FeatureActivationState,
"wafActivation": FeatureActivationState
}
DDOSAlert
An alert sent in response to an DDoS attack, system error, configuration issue, etc.
| Field Name | Description |
|---|---|
company -
Company!
|
The company object. |
detailsTraffic -
AlertDetailsTraffic
|
The traffic details of the alert. |
end -
Time
|
The end time of the alert. A non-zero value of end time means that the alert has ended or finished. |
id -
String!
|
The identifier of the alert. |
providerAlertID -
String!
|
The Arbor Created ID. |
severity -
Severity!
|
An indication of how critical the Alert is. |
start -
Time!
|
The start time of the alert |
type -
AlertType!
|
A boolean value that indicates whether or not the alert is an Infrastructure alert |
Example
{
"company": Company,
"detailsTraffic": AlertDetailsTraffic,
"end": Time,
"id": "abc123",
"providerAlertID": "xyz789",
"severity": Severity,
"start": Time,
"type": AlertType
}
DDOSBGPDownAlertDetails
| Field Name | Description |
|---|---|
sessionName -
String
|
Example
{"sessionName": "xyz789"}
DDOSCloudSignalFaultAlertDetails
| Field Name | Description |
|---|---|
description -
String
|
Example
{"description": "xyz789"}
DDOSCloudSignalMitigationRequestAlertDetails
| Field Name | Description |
|---|---|
annotations -
[Annotation!]
|
|
appliances -
[String!]!
|
|
prefixes -
[String!]
|
Example
{
"annotations": [Annotation],
"appliances": ["abc123"],
"prefixes": ["xyz789"]
}
DDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "abc123",
"name": "xyz789",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
DDOSDNAAlertDetails
| Field Name | Description |
|---|---|
alertClassification -
AlertClassification!
|
|
annotations -
[Annotation!]
|
|
countries -
[CountryCode]!
|
|
deviceGID -
String!
|
|
elements -
[Element!]!
|
|
hostAddress -
String!
|
|
impactBPS -
Float!
|
|
impactBoundary -
String!
|
|
impactPPS -
Float!
|
|
ipVersion -
IPVersion!
|
|
managedObjectName -
String!
|
|
misuseTypes -
[String!]!
|
|
misuseTypesRates -
[MisuseType!]!
|
|
mitigationIDs -
[String!]!
|
|
routerStatistics -
[RouterStatistics!]!
|
|
severityPercent -
Float!
|
|
severityThreshold -
Float!
|
|
severityUnit -
TrafficRateUnit!
|
|
siteCode -
String!
|
|
siteCountry -
String!
|
|
siteName -
String!
|
|
subType -
DNAAlertSubType!
|
Example
{
"alertClassification": AlertClassification,
"annotations": [Annotation],
"countries": [CountryCode],
"deviceGID": "xyz789",
"elements": [Element],
"hostAddress": "xyz789",
"impactBPS": 123.45,
"impactBoundary": "abc123",
"impactPPS": 123.45,
"ipVersion": IPVersion,
"managedObjectName": "abc123",
"misuseTypes": ["xyz789"],
"misuseTypesRates": [MisuseType],
"mitigationIDs": ["abc123"],
"routerStatistics": [RouterStatistics],
"severityPercent": 987.65,
"severityThreshold": 123.45,
"severityUnit": TrafficRateUnit,
"siteCode": "abc123",
"siteCountry": "abc123",
"siteName": "xyz789",
"subType": DNAAlertSubType
}
DDOSFilterList
DDOS Filter Lists as defined by the user or inline within a template.
| Field Name | Description |
|---|---|
company -
Company!
|
The company object. |
description -
String
|
The description of the filter list. |
entries -
[String!]!
|
Array of filter list entries based on the value of the listType attribute:" BLACK_WHITE_IPV4: IPv4 FCAP expressions BLACK_WHITE_IPV6: IPv6 FCAP expressions ADDRESS_IPV4: IPv4 CIDRs or addresses ADDRESS_IPV6: IPv6 CIDRs or addresses IP_LOCATION: Two-letter ISO 3166 country codes |
filterType -
FilterType!
|
Indicates whether this filter list is user defined or an inline filter. |
id -
String!
|
Identifier of the filter list, either the filter ID or the template ID. |
listType -
FilterListType!
|
Type of data contained in this Filter List. |
listTypeLabel -
String!
|
Display label for the type of data contained in this Filter List. |
name -
String!
|
Name of the filter list. |
usedInAutoMitigation -
Boolean!
|
Indicates if this Filter List is used in an Auto Mitigation. |
usedInTemplate -
Boolean!
|
Indicates if this Filter List is used in a Template. |
Example
{
"company": Company,
"description": "abc123",
"entries": ["abc123"],
"filterType": FilterType,
"id": "abc123",
"listType": FilterListType,
"listTypeLabel": "abc123",
"name": "abc123",
"usedInAutoMitigation": false,
"usedInTemplate": false
}
DDOSFlowDownAlertDetails
| Field Name | Description |
|---|---|
description -
String
|
Example
{"description": "xyz789"}
DDOSMitigation
Represents a DDOS Mitigation.
| Field Name | Description |
|---|---|
activeDestinationIPs -
[CIDR!]
|
Use activePrefixes.
|
activePrefixes -
[CIDR!]
|
|
alerts -
[DDOSAlert]
|
|
annotations -
[Annotation]
|
|
company -
Company!
|
The company object. |
countermeasures -
[DDOSCountermeasure!]!
|
|
end -
Time
|
The end time of the mitigation. A non-zero value of end time means that the mitigation has ended or finished. |
event -
Event
|
The event associated with this mitigation. |
historicalDestinationIPs -
[CIDR!]
|
Use historicalPrefixes.
|
historicalPrefixes -
[CIDR!]
|
|
id -
String!
|
The identifier of this mitigaiton. |
ipVersion -
IPVersion!
|
|
managedObject -
ManagedObject
|
|
mitigationTemplate -
MitigationTemplate
|
|
name -
String!
|
|
providerMitigationID -
String!
|
|
start -
Time!
|
The start time of the mitigaiton |
traffic -
[TrafficData!]
|
Example
{
"activeDestinationIPs": [CIDR],
"activePrefixes": [CIDR],
"alerts": [DDOSAlert],
"annotations": [Annotation],
"company": Company,
"countermeasures": [DDOSCountermeasure],
"end": Time,
"event": Event,
"historicalDestinationIPs": [CIDR],
"historicalPrefixes": [CIDR],
"id": "abc123",
"ipVersion": IPVersion,
"managedObject": ManagedObject,
"mitigationTemplate": MitigationTemplate,
"name": "xyz789",
"providerMitigationID": "abc123",
"start": Time,
"traffic": [TrafficData]
}
DDOSOnNetworkAlertDetails
| Field Name | Description |
|---|---|
alertClassification -
AlertClassification!
|
|
annotations -
[Annotation!]
|
|
countries -
[CountryCode]!
|
|
deviceGID -
String!
|
|
elements -
[Element!]!
|
|
hostAddress -
String!
|
|
impactBPS -
Float!
|
|
impactBoundary -
String!
|
|
impactPPS -
Float!
|
|
ipVersion -
IPVersion!
|
|
managedObjectName -
String!
|
|
misuseTypes -
[String!]!
|
|
misuseTypesRates -
[MisuseType!]!
|
|
mitigationIDs -
[String!]!
|
|
routerStatistics -
[RouterStatistics!]!
|
|
severityPercent -
Float!
|
|
severityThreshold -
Float!
|
|
severityUnit -
TrafficRateUnit!
|
|
siteCode -
String!
|
|
siteCountry -
String!
|
|
siteName -
String!
|
|
subType -
OnNetworkAlertSubType!
|
Example
{
"alertClassification": AlertClassification,
"annotations": [Annotation],
"countries": [CountryCode],
"deviceGID": "xyz789",
"elements": [Element],
"hostAddress": "abc123",
"impactBPS": 123.45,
"impactBoundary": "xyz789",
"impactPPS": 123.45,
"ipVersion": IPVersion,
"managedObjectName": "xyz789",
"misuseTypes": ["xyz789"],
"misuseTypesRates": [MisuseType],
"mitigationIDs": ["xyz789"],
"routerStatistics": [RouterStatistics],
"severityPercent": 987.65,
"severityThreshold": 987.65,
"severityUnit": TrafficRateUnit,
"siteCode": "abc123",
"siteCountry": "abc123",
"siteName": "abc123",
"subType": OnNetworkAlertSubType
}
DDOSSNMPDownAlertDetails
| Field Name | Description |
|---|---|
description -
String
|
Example
{"description": "xyz789"}
DDOSTunnelAlertDetails
| Field Name | Description |
|---|---|
ifAlias -
String
|
|
meta -
GREInterface
|
|
nodeName -
String
|
|
status -
String
|
Example
{
"ifAlias": "xyz789",
"meta": GREInterface,
"nodeName": "xyz789",
"status": "xyz789"
}
DNAAlertSubType
Detected DNA attack.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
DNSAuthDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
mode -
String!
|
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "abc123",
"mode": "xyz789",
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
DNSMalformedDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "abc123",
"name": "xyz789",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
DNSNxRateLimitingDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "abc123",
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
DNSObjectRateLimitingDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
limit -
Int!
|
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "abc123",
"limit": 987,
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
DNSRateLimitingDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
limit -
Int!
|
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "abc123",
"limit": 987,
"name": "xyz789",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
DNSRegexDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
matchDirection -
String!
|
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "xyz789",
"matchDirection": "abc123",
"name": "xyz789",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
DNSScopingDDOSCountermeasure
| Field Name | Description |
|---|---|
applyOnMatch -
Boolean!
|
|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"applyOnMatch": false,
"company": Company,
"id": "xyz789",
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
DeleteCandidateACLOutput
Returned when deleting a Candidate ACL.
| Field Name | Description |
|---|---|
companyDName -
String!
|
The identifier of the Candidate ACL that will be deleted. |
Example
{"companyDName": "xyz789"}
DeleteCertificateInput
Input for deleting a certificate.
| Input Field | Description |
|---|---|
id -
String!
|
ID of the certificate to delete. |
Example
{"id": "abc123"}
DeleteCertificateOutput
Output from deleting a certificate.
| Field Name | Description |
|---|---|
deletedCertificateID -
String!
|
ID of the deleted certificate. |
Example
{"deletedCertificateID": "xyz789"}
DeleteCompanyUsersInput
Delete users for a company.
| Input Field | Description |
|---|---|
dName -
String!
|
The DName of the company. |
Example
{"dName": "abc123"}
DeleteCompanyUsersOutput
A deleted company users response.
| Field Name | Description |
|---|---|
deletedUsers -
[User!]
|
The deleted users. |
Example
{"deletedUsers": [User]}
DeleteDraftACLInput
Delete a Draft ACL.
| Input Field | Description |
|---|---|
companyDName -
String!
|
The identifier of the owning company. |
Example
{"companyDName": "abc123"}
DeleteDraftACLOutput
Returned when deleting a Draft ACL.
| Field Name | Description |
|---|---|
companyDName -
String!
|
The identifier of the Draft ACL that will be deleted. |
Example
{"companyDName": "xyz789"}
DeleteExecutiveReportInput
Input required to delete a generated executive report.
| Input Field | Description |
|---|---|
id -
String!
|
ID of the generated executive report to be deleted. |
Example
{"id": "abc123"}
DeleteExecutiveReportOutput
Represents a deleted executive report.
| Field Name | Description |
|---|---|
deletedExecutiveReportID -
String!
|
ID of the generated executive report that was deleted. |
Example
{"deletedExecutiveReportID": "xyz789"}
DeleteOneTimeExecutiveReportConfigurationInput
Input required to delete a one time executive report configuration.
| Input Field | Description |
|---|---|
id -
String!
|
ID of the executive report configuration to be deleted. |
Example
{"id": "xyz789"}
DeleteOneTimeExecutiveReportConfigurationOutput
One time executive report configuration that was deleted.
| Field Name | Description |
|---|---|
deletedOneTimeExecutiveReportConfigurationID -
String!
|
ID of the deleted one time executive report configuration. |
Example
{"deletedOneTimeExecutiveReportConfigurationID": "abc123"}
DeletePolicyInput
Delete a policy.
| Input Field | Description |
|---|---|
id -
String!
|
ID of the policy to be deleted. |
Example
{"id": "abc123"}
DeletePolicyOutput
A deleted policy response.
| Field Name | Description |
|---|---|
deletedPolicyID -
String!
|
ID of the policy deleted. |
Example
{"deletedPolicyID": "xyz789"}
DeleteRecurringExecutiveReportConfigurationInput
Input required to delete a recurring executive report configuration.
| Input Field | Description |
|---|---|
id -
String!
|
ID of the one time executive report configuration to be deleted. |
Example
{"id": "abc123"}
DeleteRecurringExecutiveReportConfigurationOutput
Represents a deleted recurring executive report configuration.
| Field Name | Description |
|---|---|
deletedRecurringExecutiveReportConfigurationID -
String!
|
ID of the deleted recurring executive report configuration. |
Example
{"deletedRecurringExecutiveReportConfigurationID": "xyz789"}
DeleteRunningACLOutput
Returned when deleting a Running ACL.
| Field Name | Description |
|---|---|
companyDName -
String!
|
The identifier of the Running ACL that will be deleted. |
Example
{"companyDName": "abc123"}
DeleteUserInput
Delete a user.
| Input Field | Description |
|---|---|
id -
String!
|
ID of the user to be deleted. |
Example
{"id": "abc123"}
DeleteUserOutput
A deleted user response.
| Field Name | Description |
|---|---|
deletedUserID -
String!
|
ID of the user deleted. |
Example
{"deletedUserID": "xyz789"}
DenyURL
A deny URL countermeasure.
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
regexRules -
DenyURLRulesWithPagination
|
A paginated list of deny URL regex rules. |
|
Arguments |
|
threshold -
AppSecThreshold
|
Appsec Threshold configuration for deny URL violations. |
Example
{
"action": WAFAction,
"regexRules": DenyURLRulesWithPagination,
"threshold": AppSecThreshold
}
DenyURLRule
A Deny URL Regex Rule.
| Field Name | Description |
|---|---|
denyURL -
String
|
The Deny URL text value. Value will be empty in case of ALL Deny URL Type. |
enabled -
Boolean!
|
Whether the rule is enabled. |
type -
DenyURLType!
|
Type of the Deny URL. |
Example
{
"denyURL": "abc123",
"enabled": false,
"type": DenyURLType
}
DenyURLRuleInput
Create a Deny URL Regex Rule.
| Input Field | Description |
|---|---|
denyURL -
String
|
The Deny URL text value. Value will be null in case of ALL Deny URL Type. |
enabled -
Boolean! default = true |
Whether the rule is enabled. |
type -
DenyURLType!
|
Type of the Deny URL. |
Example
{
"denyURL": "xyz789",
"enabled": true,
"type": DenyURLType
}
DenyURLRulesWithPagination
A paginated list for deny URL rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The results paging information. |
results -
[DenyURLRule!]
|
A list of deny URL rules. |
Example
{
"pageInfo": Pagination,
"results": [DenyURLRule]
}
DenyURLType
Allowed list of values for the Deny URL Regex Rule Type.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
DetectionAndAlertingPackage
Specifies Detection and Alerting configuration for company.
| Field Name | Description |
|---|---|
companyDName -
String!
|
The identifier of the owning company. |
enabled -
Boolean!
|
Whether D&A is enabled for the Company. |
escalationNotes -
String
|
Useful notes about this configuration. |
managedObjects -
[ManagedObject!]
|
List of managed objects configured for detection and alerting. |
routers -
[Router!]
|
List of routers configured for detection and alerting. |
Example
{
"companyDName": "xyz789",
"enabled": true,
"escalationNotes": "abc123",
"managedObjects": [ManagedObject],
"routers": [Router]
}
EMail
Email elements
| Field Name | Description |
|---|---|
fromAddr -
String!
|
From Address to display for company. |
resetIntroText -
String!
|
Reset Intro text for company. |
resetOutroText -
String!
|
Reset Outro text for company. |
resetSignatureText -
String!
|
Reset Signature to display for company. |
welcomeIntroText -
String!
|
Welcome Intro text for company that marks the beginnig of page content. |
welcomeOutroText -
String!
|
Welcome Outro text for company that marks the end of page content. |
welcomeSignatureText -
String!
|
Welcome signature text to display for company. |
Example
{
"fromAddr": "xyz789",
"resetIntroText": "xyz789",
"resetOutroText": "abc123",
"resetSignatureText": "xyz789",
"welcomeIntroText": "abc123",
"welcomeOutroText": "xyz789",
"welcomeSignatureText": "abc123"
}
Element
| Field Name | Description |
|---|---|
attributes -
[Attribute!]!
|
|
type -
String!
|
Example
{"attributes": [Attribute], "type": "abc123"}
EmailConfiguration
Represents the Email channel-specific configuration.
| Field Name | Description |
|---|---|
emailAddresses -
[String!]
|
The email addresses that we send email notifications to. |
Example
{"emailAddresses": ["abc123"]}
EmailConfigurationInput
Represents the Email channel-specific configuration input.
| Input Field | Description |
|---|---|
emailAddresses -
[String!]
|
The email addresses that we send email notifications to. |
Example
{"emailAddresses": ["abc123"]}
Event
Represents the event object.
| Field Name | Description |
|---|---|
activePrefixes -
[CIDR!]!
|
The list of active prefixes. |
company -
Company!
|
The company object. |
destinationIPs -
[CIDR!]
|
Use activePrefixes and historicalPrefixes.
|
end -
Time
|
The end time of the event. A non-zero value of end time means that the event has ended or finished. |
historicalPrefixes -
[CIDR!]!
|
The list of historical prefixes. |
id -
String!
|
The identifier of the event. |
mitigation -
Mitigation
|
Details of a specific mitigation.
Use mitigations providing ID in filter.
|
|
Arguments
|
|
mitigations -
MitigationsWithPagination!
|
The list of mitigations associated with an event. |
|
Arguments
The filters that can be applied to scope the specific list of mitigations.
The page number to fetch results. It takes a non-zero number. If omitted, default value of 1 is applied.
The maximum number of results to show per page. If omitted, default value of 50 is applied.
The sortBy sorts the results based on the specific sort field order. If omitted, results are sorted based on the descending order of the start field. |
|
start -
Time!
|
The start time of the event |
Example
{
"activePrefixes": [CIDR],
"company": Company,
"destinationIPs": [CIDR],
"end": Time,
"historicalPrefixes": [CIDR],
"id": "xyz789",
"mitigation": Mitigation,
"mitigations": MitigationsWithPagination,
"start": Time
}
EventDimension
One of the sorted order fields.
| Enum Value | Description |
|---|---|
|
|
The ascending order based on the END time. |
|
|
The ascending order based on the START time. |
EventFilterInput
The filters that can be applied to scope the list of events.
| Input Field | Description |
|---|---|
active -
Boolean
|
The filter to fetch active or finished events. By default all events are retrieved. When active is set to true, only active events are fetched. When active is set to false, only finished events are fetched. |
alertid -
String
|
The identifier for an alert associated with an event. |
id -
String
|
The identifier of an event. |
prefixes -
[CIDR!]
|
The prefix(es) that you would like to filter events. |
providers -
[MitigationType!]
|
A provider(s) that you would like to filter events on. |
Example
{
"active": false,
"alertid": "abc123",
"id": "xyz789",
"prefixes": [CIDR],
"providers": [MitigationType]
}
EventSortBy
EventsSortBy sorting.
| Input Field | Description |
|---|---|
dimension -
EventDimension! default = "START" |
The dimension to sort by. |
direction -
SortDirection! default = "DESCENDING" |
The direction to sort in. |
Example
{
"dimension": "START",
"direction": "DESCENDING"
}
EventsWithPagination
Represents the list of events along with pagination details.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The pagination details. |
results -
[Event!]
|
The list of events. |
Example
{
"pageInfo": Pagination,
"results": [Event]
}
ExecutiveReport
Defines a Report.
| Field Name | Description |
|---|---|
generatedTimestamp -
Time
|
Timestamp when report was generated successfully or was marked as failed. |
id -
String!
|
ID of the generated report. |
reportBody -
String!
|
Generated report. |
status -
ExecutiveReportStatus!
|
Status of report generation. |
statusDetails -
[String!]
|
Additional information if any on report generation status, like notification errors etc. |
Example
{
"generatedTimestamp": Time,
"id": "xyz789",
"reportBody": "xyz789",
"status": ExecutiveReportStatus,
"statusDetails": ["abc123"]
}
ExecutiveReportConfiguration
Union type combining one time and recurring report configurations.
| Union Types |
|---|
ExecutiveReportConfigurationFilterInput
Report configuration filter input for report configuration queries.
| Input Field | Description |
|---|---|
excludeBot -
Boolean default = false |
If true, will exclude configurations generating a Bot mitigation summary in their reports. |
excludeDDoS -
Boolean default = false |
If true, will exclude configurations generating a DDoS mitigation summary in their reports. |
excludeWAF -
Boolean default = false |
If true, will exclude configurations generating a WAF violation summary in their reports. |
from -
Time
|
Will include report configurations created from and after this timestamp. |
id -
String
|
Report config ID to search on. |
includeDisabled -
Boolean default = false |
If true, will include disabled report configurations in the result set. |
includeExpired -
Boolean default = false |
If true, will include expired report configurations in the result set. |
name -
String
|
Substring search of name |
reportType -
ExecutiveReportType
|
Type of report generated by requested configuration. |
to -
Time
|
Will include report configuration created until this timestamp. |
Example
{
"excludeBot": false,
"excludeDDoS": false,
"excludeWAF": false,
"from": Time,
"id": "xyz789",
"includeDisabled": false,
"includeExpired": false,
"name": "abc123",
"reportType": ExecutiveReportType,
"to": Time
}
ExecutiveReportFilterInput
Input filter for Report queries.
| Input Field | Description |
|---|---|
endDate -
Time
|
Query for reports by date range end timestamp. |
id -
String
|
Report ID to search on. |
reportConfigurationName -
String
|
Query by the report configuration name. |
reportType -
ExecutiveReportType
|
Query by report type (one-time/recurring). |
startDate -
Time
|
Query for reports by date range start timestamp. |
Example
{
"endDate": Time,
"id": "abc123",
"reportConfigurationName": "abc123",
"reportType": ExecutiveReportType,
"startDate": Time
}
ExecutiveReportNotificationDetails
Notification configuration for report recipients.
| Field Name | Description |
|---|---|
emailList -
[String!]
|
List of email recipients |
Example
{"emailList": ["abc123"]}
ExecutiveReportNotificationDetailsInput
Input notification configuration for report receipients.
| Input Field | Description |
|---|---|
emailList -
[String!]
|
List of email recipients |
Example
{"emailList": ["abc123"]}
ExecutiveReportPeriod
Periodicity of report generation.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ExecutiveReportPeriodInput
Periodicity of report generation supplied as input.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ExecutiveReportStatus
Status of report generation.
| Enum Value | Description |
|---|---|
|
|
Indicates report generation is in progress. |
|
|
Indicates successful report generation but failed notification. |
|
|
Indicates failed report generation. |
|
|
Indicates successful report generation and notification. |
ExecutiveReportType
Type of report.
| Enum Value | Description |
|---|---|
|
|
One time report. |
|
|
Recurring report. |
ExecutiveReportsWithPagination
Paginated reports.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
Pagination settings. |
results -
[ExecutiveReport!]
|
List of report configurations. |
Example
{
"pageInfo": Pagination,
"results": [ExecutiveReport]
}
Feature
Feature type along with its negotiation status.
| Field Name | Description |
|---|---|
activationStatus -
ActivationStatus!
|
Specifies a combination of whether the offering is purchased and/or enabled in the portal. |
name -
FeatureType!
|
Specifies a feature/offering (DDOS/BGP On Demand/etc) to filter search results on. |
Example
{
"activationStatus": ActivationStatus,
"name": FeatureType
}
FeatureActivationState
Filter for a feature's enabled and contract statuses.
| Input Field | Description |
|---|---|
enabled -
Boolean
|
When set to true, it means customer has this feature enabled. |
entitled -
Boolean
|
When set to true, it means customer has an activated contract for this feature. |
Example
{"enabled": false, "entitled": false}
FeatureType
A feature purchased by a customer.
| Enum Value | Description |
|---|---|
|
|
Represents Additional Router for BGP routes for customer. |
|
|
Additional Router for BGP routes for customer. |
|
|
Assures one free mitigation contract for customer. |
|
|
Assures three free mitigation contracts for customer. |
|
|
Represents that BGP mitigation is always on for customer. |
|
|
Represents that BGP mitigation is available upon demand for customer. |
|
|
Represents Web Application Firewall feature for customer. |
|
|
Represents Hybrid Appliance for DDoS mitigation for customer. |
|
|
Represents Web proxy (Virtual IPs) feature for customer. |
|
|
Assures unlimited mitigations for customer. |
FieldConsistencyRuleCountsWithPagination
Field consistency learning rule counts.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
|
results -
[FormFieldConsistencyRuleCount!]
|
Example
{
"pageInfo": Pagination,
"results": [FormFieldConsistencyRuleCount]
}
FieldConsistencyRulesWithPagination
A paginated list of Form Field consistency exemption rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[FormFieldConsistencyRule!]
|
A list of exemption rules. |
Example
{
"pageInfo": Pagination,
"results": [FormFieldConsistencyRule]
}
FieldFormat
A field format countermeasure.
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
enforcementRules -
FieldFormatEnforcementRulesWithPagination
|
A paginated list of enforcement rules. These are tightening rules, in order to relax some rules you need to remove them from this list. |
|
Arguments |
|
learn -
Boolean!
|
A flag to enable or disable learning. |
maxLength -
UnsignedInt16
|
Maximum length of the field (in characters). |
minLength -
UnsignedInt16
|
Minimum length of the field (in characters). |
threshold -
AppSecThreshold
|
Appsec Threshold configuration for field format violations. |
type -
FieldFormatType!
|
Allowed types for this field. |
Example
{
"action": WAFAction,
"enforcementRules": FieldFormatEnforcementRulesWithPagination,
"learn": true,
"maxLength": UnsignedInt16,
"minLength": UnsignedInt16,
"threshold": AppSecThreshold,
"type": FieldFormatType
}
FieldFormatEnforcementRule
A field format enforcement rule.
| Field Name | Description |
|---|---|
actionURL -
String!
|
The action URL of the web form. |
enabled -
Boolean!
|
Whether the field format is enabled. |
fieldType -
FieldFormatType!
|
The field type from the allowed list. |
formFieldName -
String!
|
The form field name. |
isFormFieldRegex -
Boolean!
|
Whether a form field name is in regex format. |
maxLength -
UnsignedInt16
|
Maximum length of the field (in characters). This field is set ONLY when field type is present. |
minLength -
UnsignedInt16
|
Minimum length of the field (in characters). This field is set ONLY when field type is present. |
Example
{
"actionURL": "abc123",
"enabled": false,
"fieldType": FieldFormatType,
"formFieldName": "abc123",
"isFormFieldRegex": true,
"maxLength": UnsignedInt16,
"minLength": UnsignedInt16
}
FieldFormatEnforcementRuleInput
Create a field format enforcement rule.
| Input Field | Description |
|---|---|
actionURL -
String!
|
The action URL of the web form. |
enabled -
Boolean! default = true |
Whether the field format is enabled. |
fieldType -
FieldFormatType!
|
The field type from the allowed list. |
formFieldName -
String!
|
The form field name. |
isFormFieldRegex -
Boolean! default = false |
Whether the form field name is in regex format |
maxLength -
UnsignedInt16! default = 65535 |
Maximum length of the field (in characters). |
minLength -
UnsignedInt16! default = 0 |
Minimum length of the field (in characters). |
Example
{
"actionURL": "xyz789",
"enabled": true,
"fieldType": FieldFormatType,
"formFieldName": "xyz789",
"isFormFieldRegex": false,
"maxLength": 65535,
"minLength": 0
}
FieldFormatEnforcementRulesWithPagination
A paginated list of field format enforcement rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[FieldFormatEnforcementRule!]
|
List of field format rules. |
Example
{
"pageInfo": Pagination,
"results": [FieldFormatEnforcementRule]
}
FieldFormatRuleCount
Field format rule count.
| Field Name | Description |
|---|---|
count -
UnsignedInt32!
|
|
rule -
LearnedFieldFormatRule!
|
Example
{
"count": UnsignedInt32,
"rule": LearnedFieldFormatRule
}
FieldFormatRuleCountsWithPagination
Field format learning rule counts.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
|
results -
[FieldFormatRuleCount!]
|
Example
{
"pageInfo": Pagination,
"results": [FieldFormatRuleCount]
}
FieldFormatType
Allowed list of field format types.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
FilterListDimension
One of the sorted order fields.
| Enum Value | Description |
|---|---|
|
|
The ascending order based on the DESCRIPTION. |
|
|
The ascending order based on the LIST_TYPE. |
|
|
The ascending order based on the NAME. |
|
|
The ascending order based on the USED_IN_AUTOMITIGATION. |
|
|
The ascending order based on the USED_IN_TEMPLATE. |
FilterListSortBy
FilterListSortBy sorting.
| Input Field | Description |
|---|---|
dimension -
FilterListDimension! default = "NAME" |
The dimension to sort by. |
direction -
SortDirection! default = "DESCENDING" |
The direction to sort in. |
Example
{
"dimension": "NAME",
"direction": "DESCENDING"
}
FilterListType
Types of Filter Lists.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
FilterListsWithPagination
Represents the list of filter lists along with pagination details.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The pagination details. |
results -
[DDOSFilterList!]
|
The list of filter lists. |
Example
{
"pageInfo": Pagination,
"results": [DDOSFilterList]
}
FilterTemplate
| Field Name | Description |
|---|---|
id -
String!
|
The ID of the Template as defined in Arbor. |
managedObjects -
[FilterManagedObject]
|
Set of managed objects referenced by the template object. |
name -
String!
|
Name of the template. |
Example
{
"id": "abc123",
"managedObjects": [FilterManagedObject],
"name": "xyz789"
}
FilterType
Identifies the Filter List as Inline or User defined.
| Enum Value | Description |
|---|---|
|
|
Filter is defined inline inside an Arbor Template. |
|
|
Filter is defined as an Arbor Filter List. |
Float
The Float scalar type represents signed double-precision fractional values as specified by
IEEE 754.
Example
123.45
FlowConfig
Flow Configuration
| Field Name | Description |
|---|---|
alertEnabled -
Boolean!
|
Flow up/down notification. |
alertTimeout -
String!
|
Configured flow alert timeout. |
exportIP -
IPAddress!
|
Flow export IP address. |
Example
{
"alertEnabled": true,
"alertTimeout": "abc123",
"exportIP": IPAddress
}
FormFieldConsistency
Represents Form field consistency countermeasure. It verifies that the web forms were not modified inappropriately by the client.
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
fieldConsistencyExemptions -
FieldConsistencyRulesWithPagination
|
A paginated list of exemption rules. |
|
Arguments |
|
learn -
Boolean!
|
A flag to enable or disable learning. |
sessionlessFieldConsistency -
SessionlessFieldConsistency!
|
When turned on, it checks only the web form structure. |
threshold -
AppSecThreshold
|
Appsec Threshold configuration for form field consistency violations. |
Example
{
"action": WAFAction,
"fieldConsistencyExemptions": FieldConsistencyRulesWithPagination,
"learn": true,
"sessionlessFieldConsistency": SessionlessFieldConsistency,
"threshold": AppSecThreshold
}
FormFieldConsistencyRule
A form field consistency exemption rule.
| Field Name | Description |
|---|---|
actionURL -
String!
|
The action URL of the web form. |
enabled -
Boolean!
|
Whether the field consistency exemption is enabled. |
formFieldName -
String!
|
The form field name. |
isFormFieldRegex -
Boolean!
|
Whether the form field name is in regex format. |
Example
{
"actionURL": "xyz789",
"enabled": true,
"formFieldName": "abc123",
"isFormFieldRegex": true
}
FormFieldConsistencyRuleCount
Field consistency rule count.
| Field Name | Description |
|---|---|
count -
UnsignedInt32!
|
|
rule -
LearnedFormFieldConsistencyRule!
|
Example
{
"count": UnsignedInt32,
"rule": LearnedFormFieldConsistencyRule
}
FormFieldConsistencyRuleInput
A form field consistency exemption rule.
| Input Field | Description |
|---|---|
actionURL -
String!
|
The action URL of the web form. |
enabled -
Boolean! default = true |
Whether the field consistency exemption is enabled. |
formFieldName -
String!
|
The form field name. |
isFormFieldRegex -
Boolean! default = false |
Whether the form field name is in regex format. |
Example
{
"actionURL": "xyz789",
"enabled": true,
"formFieldName": "abc123",
"isFormFieldRegex": false
}
FormFieldSignatureRule
A WAF custom signature form field rule.
| Field Name | Description |
|---|---|
fieldName -
String
|
The field name used in this rule. |
fieldNameFormat -
SignatureRuleFormat!
|
A form field name format from the allowed list of formats. |
url -
String
|
The url used in this rule. |
urlFormat -
SignatureRuleFormat!
|
A url format from the allowed list of formats. |
Example
{
"fieldName": "abc123",
"fieldNameFormat": SignatureRuleFormat,
"url": "abc123",
"urlFormat": SignatureRuleFormat
}
FormFieldSignatureRuleInput
Create a WAF custom signature form field rule.
| Input Field | Description |
|---|---|
fieldName -
String
|
The field name used in this rule. |
fieldNameFormat -
SignatureRuleFormat! default = "ANY" |
A form field name format from the allowed list of formats. |
url -
String
|
The url used in this rule. |
urlFormat -
SignatureRuleFormat! default = "ANY" |
A url format from the allowed list of formats. |
Example
{
"fieldName": "xyz789",
"fieldNameFormat": "ANY",
"url": "xyz789",
"urlFormat": "ANY"
}
GeoLocation
Represents a geographic location.
| Field Name | Description |
|---|---|
areaCode -
String
|
The area code of the location. |
city -
String
|
The city of the location. |
continent -
String
|
The continent of the location. |
countryCode -
CountryCode
|
The country code of the location. |
countryName -
String
|
The country name of the location. |
latitude -
Float
|
The latitude of the location. |
longitude -
Float
|
The longitude of the location. |
postal -
String
|
The postal code of the location. |
region -
String
|
The region of the location. |
state -
String
|
The state of the location. |
stateCode -
String
|
The state code of the location. |
timezone -
String
|
The timezone of the location. |
Example
{
"areaCode": "xyz789",
"city": "abc123",
"continent": "abc123",
"countryCode": CountryCode,
"countryName": "xyz789",
"latitude": 987.65,
"longitude": 123.45,
"postal": "xyz789",
"region": "xyz789",
"state": "xyz789",
"stateCode": "xyz789",
"timezone": "abc123"
}
HTMLLocation
Allowed list of values for an HTML location.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
HTMLSQLInjection
An HTML SQL injection countermeasure.
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
checkSQLWildChars -
Boolean!
|
Whether to check for form fields that contain SQL wild chars. |
exemptCommentsWith -
CommentExemption!
|
Exempt all comments of the given type. |
learn -
Boolean!
|
A flag to enable or disable learning. |
relaxationRules -
HTMLSQLInjectionRelaxationRulesWithPagination
|
A paginated list of SQL Injection rules. |
|
Arguments |
|
sqlInjectionType -
SQLInjectionType!
|
A SQL injection type. |
sqliGrammar -
Boolean!
|
Enable SQL Injection grammar |
threshold -
AppSecThreshold
|
Appsec Threshold configuration for HTML SQL injection violations. |
Example
{
"action": WAFAction,
"checkSQLWildChars": false,
"exemptCommentsWith": CommentExemption,
"learn": true,
"relaxationRules": HTMLSQLInjectionRelaxationRulesWithPagination,
"sqlInjectionType": SQLInjectionType,
"sqliGrammar": true,
"threshold": AppSecThreshold
}
HTMLSQLInjectionRelaxationRule
An HTML SQL injection relaxation rule.
| Field Name | Description |
|---|---|
enabled -
Boolean!
|
Whether the relaxation rule is enabled. |
isNameRegex -
Boolean!
|
Whether the name is in regex format. |
isValueExpressionRegex -
Boolean
|
Whether the value expression is in regex format. |
location -
HTMLLocation
|
Location that should be examined by the rule. |
name -
String!
|
Name of the web form field, cookie, or HTTP header to relax. |
url -
String!
|
If the item to be exempted is a web form field, the action URL for the web form. |
valueExpression -
String
|
The value expression. |
valueType -
ValueType
|
The HTML value type. |
Example
{
"enabled": false,
"isNameRegex": false,
"isValueExpressionRegex": true,
"location": HTMLLocation,
"name": "xyz789",
"url": "abc123",
"valueExpression": "abc123",
"valueType": ValueType
}
HTMLSQLInjectionRelaxationRuleInput
An HTML SQL injection relaxation rule.
| Input Field | Description |
|---|---|
enabled -
Boolean! default = true |
Whether the relaxation rule is enabled. |
isNameRegex -
Boolean! default = false |
Whether the name is in regex format. |
isValueExpressionRegex -
Boolean default = false |
Whether the value expression is in regex format. |
location -
HTMLLocation
|
The location that should be examined by the rule. |
name -
String!
|
Name of the web form field, cookie, or HTTP header to relax. |
url -
String!
|
If the item to be exempted is a web form field, the action URL for the web form. |
valueExpression -
String
|
The value expression. |
valueType -
ValueType
|
The HTML value type. |
Example
{
"enabled": true,
"isNameRegex": false,
"isValueExpressionRegex": false,
"location": HTMLLocation,
"name": "abc123",
"url": "abc123",
"valueExpression": "xyz789",
"valueType": ValueType
}
HTMLSQLInjectionRelaxationRulesWithPagination
A paginated list of SQL injection relaxation rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[HTMLSQLInjectionRelaxationRule!]
|
A list of relaxation rules. |
Example
{
"pageInfo": Pagination,
"results": [HTMLSQLInjectionRelaxationRule]
}
HTMLSQLInjectionRuleCount
HTML SQL injection rule count.
| Field Name | Description |
|---|---|
count -
UnsignedInt32!
|
|
rule -
LearnedHTMLSQLInjectionRule!
|
Example
{
"count": UnsignedInt32,
"rule": LearnedHTMLSQLInjectionRule
}
HTMLSQLInjectionRuleCountsWithPagination
Counts of learned HTML SQL injection relaxation rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
|
results -
[HTMLSQLInjectionRuleCount!]
|
Example
{
"pageInfo": Pagination,
"results": [HTMLSQLInjectionRuleCount]
}
HTMLXSS
An HTML cross-site scripting countermeasure.
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
checkCompleteURLs -
Boolean
|
A flag to enforce checks for complete URLs for cross-site scripts, instead of just the query portions of URLs. |
learn -
Boolean!
|
A flag to enable or disable learning. |
relaxationRules -
HTMLXSSRelaxationRulesWithPagination
|
A paginated list of HTML XSS relaxation rules. |
|
Arguments |
|
threshold -
AppSecThreshold
|
Appsec Threshold configuration for HTML cross-site scripting violations. |
Example
{
"action": WAFAction,
"checkCompleteURLs": true,
"learn": true,
"relaxationRules": HTMLXSSRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
HTMLXSSLocation
Allowed list of values for an HTML location in case of HTML XSS.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
HTMLXSSRelaxationRule
An HTML XSS relaxation rule.
| Field Name | Description |
|---|---|
enabled -
Boolean!
|
Whether the relaxation rule is enabled. |
isNameRegex -
Boolean!
|
Whether the name is in regex format. |
isValueExpressionRegex -
Boolean
|
Whether the value expression is in regex format. |
location -
HTMLXSSLocation
|
The location that should be examined by the rule. |
name -
String!
|
Name of the web form field, cookie, or HTTP header to relax. |
url -
String!
|
If the item to be exempted is a web form field, the action URL for the web form. |
valueExpression -
String
|
The value expression. |
valueType -
XSSValueType
|
The XSS value type. |
Example
{
"enabled": true,
"isNameRegex": true,
"isValueExpressionRegex": true,
"location": HTMLXSSLocation,
"name": "xyz789",
"url": "abc123",
"valueExpression": "abc123",
"valueType": XSSValueType
}
HTMLXSSRelaxationRuleInput
An HTML XSS relaxation rule.
| Input Field | Description |
|---|---|
enabled -
Boolean! default = true |
Whether the relaxation rule is enabled. |
isNameRegex -
Boolean! default = false |
Whether the name is in regex format. |
isValueExpressionRegex -
Boolean default = false |
Whether the value expression is in regex format. |
location -
HTMLXSSLocation
|
The location that should be examined by the rule. |
name -
String!
|
Name of the web form field, cookie, or HTTP header to relax. |
url -
String!
|
If the item to be exempted is a web form field, the action URL for the web form. |
valueExpression -
String
|
The value expression. |
valueType -
XSSValueType
|
The HTML value type. |
Example
{
"enabled": true,
"isNameRegex": false,
"isValueExpressionRegex": false,
"location": HTMLXSSLocation,
"name": "abc123",
"url": "abc123",
"valueExpression": "xyz789",
"valueType": XSSValueType
}
HTMLXSSRelaxationRulesWithPagination
A paginated list of HTML cross-site scripting relaxation rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[HTMLXSSRelaxationRule!]
|
A list of HTML XSS relaxation rules. |
Example
{
"pageInfo": Pagination,
"results": [HTMLXSSRelaxationRule]
}
HTMLXSSRuleCount
HTML XSS rule count.
| Field Name | Description |
|---|---|
count -
UnsignedInt32!
|
|
rule -
LearnedHTMLXSSRule!
|
Example
{
"count": UnsignedInt32,
"rule": LearnedHTMLXSSRule
}
HTMLXSSRuleCountsWithPagination
HTML XSS learning rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
|
results -
[HTMLXSSRuleCount!]
|
Example
{
"pageInfo": Pagination,
"results": [HTMLXSSRuleCount]
}
HTTPMalformedDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
enabled -
Boolean!
|
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
level -
String!
|
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"enabled": true,
"id": "xyz789",
"level": "xyz789",
"name": "xyz789",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
HTTPObjectDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
enabled -
Boolean!
|
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
limit -
Int!
|
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"enabled": true,
"id": "xyz789",
"limit": 987,
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
HTTPRFCProfile
A HTTP RFC Profile countermeasure. This setting is used when certain scenarios might need to bypass or block non RFC compliant request.
| Field Name | Description |
|---|---|
action -
HTTPRFCProfileAction!
|
Action to be taken when there is a non compliant request. |
threshold -
AppSecThreshold
|
Appsec Threshold configuration for HTTP RFC violations. |
Example
{
"action": HTTPRFCProfileAction,
"threshold": AppSecThreshold
}
HTTPRFCProfileAction
Allowed list of values for HTTP RFC Profile action.
| Enum Value | Description |
|---|---|
|
|
|
|
|
HTTPRequestDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "abc123",
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
HTTPScopingDDOSCountermeasure
| Field Name | Description |
|---|---|
applyOnMatch -
Boolean!
|
|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"applyOnMatch": true,
"company": Company,
"id": "abc123",
"name": "xyz789",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
HeaderSignatureRule
A WAF custom signature header rule.
| Field Name | Description |
|---|---|
headerName -
String
|
The header name used in this rule. |
headerNameFormat -
SignatureRuleFormat!
|
A header name format from the allowed list of formats. |
Example
{
"headerName": "xyz789",
"headerNameFormat": SignatureRuleFormat
}
HeaderSignatureRuleInput
Create a WAF custom signature header rule.
| Input Field | Description |
|---|---|
headerName -
String
|
The header name used in this rule. |
headerNameFormat -
SignatureRuleFormat! default = "ANY" |
A header name format from the allowed list of formats. |
Example
{
"headerName": "abc123",
"headerNameFormat": "ANY"
}
HostDetectionSetting
Host Detection Setting.
| Field Name | Description |
|---|---|
enabled -
String!
|
A flag indicating if the misuse type is enabled. |
highSeverityRate -
String!
|
The misuse type traffic rate use to differentiate between low, medium and high severity alert. |
misuseType -
MisuseTypeSetting!
|
The misuse type. |
name -
String!
|
The name of the misuse type |
triggerRate -
String!
|
The trigger rate for the misuse type that must be exceeded before generating an alert. |
Example
{
"enabled": "abc123",
"highSeverityRate": "xyz789",
"misuseType": MisuseTypeSetting,
"name": "xyz789",
"triggerRate": "xyz789"
}
ID
The ID scalar type represents a unique identifier, often used to refetch an object or as key for a cache. The ID type appears in a JSON response as a String; however, it is not intended to be human-readable. When expected as an input type, any string (such as "4") or integer (such as 4) input value will be accepted as an ID.
Example
object
IPAddress
IPAddress represents a generic IP address
| Field Name | Description |
|---|---|
strictVersion -
IPVersion!
|
The reduced IP version of the address. V4 addresses encoded in v6 format will report IPV4 |
string -
String!
|
A string representation of the IP address. |
version -
IPVersion!
|
The nominal IP version of the address. Note that v4 addresses encoded in v6 format will report IPV6 |
Example
{
"strictVersion": IPVersion,
"string": "abc123",
"version": IPVersion
}
IPAddressFilterListDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "xyz789",
"name": "xyz789",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
IPAddressInput
IPAddressInput is used to specify a generic IP address. One and only one field can be specified.
| Input Field | Description |
|---|---|
ipv4Address -
IPv4Address
|
for an IPV4 version address |
ipv6Address -
IPv6Address
|
for an IPV6 version address |
Example
{
"ipv4Address": IPv4Address,
"ipv6Address": IPv6Address
}
IPFilterFilterInput
Represents properties we can filter the IP filter list by.
| Input Field | Description |
|---|---|
cidr -
CIDR
|
CIDR which is blacklisted or whitelisted. |
isBlocked -
Boolean
|
Flag which shows if the CIDR is blacklisted (true) or whitelisted (false). |
version -
IPVersion
|
IP Version of the CIDR. |
Example
{
"cidr": CIDR,
"isBlocked": true,
"version": IPVersion
}
IPFiltersWithPagination
Contains the paginated list of IP filters.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The results paging information. |
results -
[IPFilter!]
|
List of IP filters. |
Example
{
"pageInfo": Pagination,
"results": [IPFilter]
}
IPInfo
Represents IP Intelligence information for a given IP address.
| Field Name | Description |
|---|---|
address -
IPAddress
|
The IP address of interest. |
location -
GeoLocation
|
The IP location metadata. |
network -
IPNetwork
|
The IP network. |
reputation -
IPReputation
|
The IP reputation. |
Example
{
"address": IPAddress,
"location": GeoLocation,
"network": IPNetwork,
"reputation": IPReputation
}
IPLocationFilterListDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
dropMatchedOrUnmatched -
String!
|
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"dropMatchedOrUnmatched": "abc123",
"id": "abc123",
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
IPLocationPolicingDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "xyz789",
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
IPNetwork
IP Network information.
| Field Name | Description |
|---|---|
asn -
UnsignedInt32
|
The ASN number. |
carrier -
String
|
The carrier of the network. |
organization -
String
|
The organization of the network. |
Example
{
"asn": UnsignedInt32,
"carrier": "xyz789",
"organization": "abc123"
}
IPReputation
IP Reputation score.
| Field Name | Description |
|---|---|
classification -
[String!]
|
IP classifications are a list of strings which indicate additional analytical information about the IP . |
realScore -
Float
|
IP reputation real score. |
riskScore -
Float
|
IP reputation risk score. |
Example
{"classification": ["abc123"], "realScore": 987.65, "riskScore": 123.45}
IPVersion
IP version
| Enum Value | Description |
|---|---|
|
|
IP v4 (32 bits, Four dot-separated octets) |
|
|
IP v6 (128 bits, Eight colon-separated hextets, with shorthand for expressing IPv4 addresses) |
InlineFilter
| Field Name | Description |
|---|---|
company -
Company!
|
The company object. |
description -
String
|
The description of the filter list. |
entries -
[String!]!
|
Array of filter list entries based on the value of the listType attribute:" BLACK_WHITE_IPV4: IPv4 FCAP expressions BLACK_WHITE_IPV6: IPv6 FCAP expressions ADDRESS_IPV4: IPv4 CIDRs or addresses ADDRESS_IPV6: IPv6 CIDRs or addresses IP_LOCATION: Two-letter ISO 3166 country codes |
filterType -
FilterType!
|
Indicates whether this filter list is user defined or an inline filter. |
id -
String!
|
Since this is an Inline Filter, the ID is the ID of the Template where it is defined. |
listType -
FilterListType!
|
Type of data contained in this Filter List. |
listTypeLabel -
String!
|
Display label for the type of data contained in this Filter List. |
managedObjects -
[FilterManagedObject]!
|
A set of Managed Objects referenced by this Filter |
name -
String!
|
Name of the filter list. |
usedInAutoMitigation -
Boolean!
|
Indicates if this Filter List is used in an Auto Mitigation. |
usedInTemplate -
Boolean!
|
Indicates if this Filter List is used in a Template. |
Example
{
"company": Company,
"description": "xyz789",
"entries": ["abc123"],
"filterType": FilterType,
"id": "abc123",
"listType": FilterListType,
"listTypeLabel": "abc123",
"managedObjects": [FilterManagedObject],
"name": "xyz789",
"usedInAutoMitigation": false,
"usedInTemplate": false
}
Int
The Int scalar type represents non-fractional signed whole numeric values. Int can represent values between -(2^31) and 2^31 - 1.
Example
123
Interface
| Field Name | Description |
|---|---|
name -
String!
|
|
traffic -
[TrafficData!]!
|
Example
{"name": "abc123", "traffic": [TrafficData]}
InvalidPacketsDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "xyz789",
"name": "xyz789",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
JSONCommandInjectionRelaxationRulesWithPagination
A paginated list of JSON command injection relaxation rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[JSONCommandInjectionRelaxationRule!]
|
A list of relaxation rules. |
Example
{
"pageInfo": Pagination,
"results": [JSONCommandInjectionRelaxationRule]
}
JSONCommandInjectionSettings
JSON command injection Settings
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
commandInjectionType -
CommandInjectionType!
|
A Command injection type. |
relaxationRules -
JSONCommandInjectionRelaxationRulesWithPagination
|
A paginated list of command injection rules. |
|
Arguments |
|
threshold -
AppSecThreshold
|
Appsec Threshold configuration for JSON command injection violations. |
Example
{
"action": WAFAction,
"commandInjectionType": CommandInjectionType,
"relaxationRules": JSONCommandInjectionRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
JSONCrossSiteScriptingSettings
JSON cross-site scripting settings to protect applications from XSS Attacks through JSON requests
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
relaxationRules -
JSONXSSRelaxationRulesWithPagination
|
A paginated list of SQL Injection rules. |
|
Arguments |
|
threshold -
AppSecThreshold
|
Appsec Threshold configuration for JSON XSS violations. |
Example
{
"action": WAFAction,
"relaxationRules": JSONXSSRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
JSONDenialOfServiceSettings
JSON Denial of Service Settings to protect applications from Denial of Service Attacks through JSON requests
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
enforcementRule -
JSONDoSEnforcementRule
|
A DOS Enforcement rules. |
threshold -
AppSecThreshold
|
Appsec Threshold configuration for JSON DOS violations. |
Example
{
"action": WAFAction,
"enforcementRule": JSONDoSEnforcementRule,
"threshold": AppSecThreshold
}
JSONDoSEnforcementRule
A JSON Denial of Service enforcement rule.
| Field Name | Description |
|---|---|
enabled -
Boolean!
|
Whether the relaxation rule is enabled. |
jsonMaxArrayLength -
UnsignedInt32
|
JSON maximum array length in bytes. |
jsonMaxContainerDepth -
UnsignedInt32
|
JSON maximum container depth in bytes. |
jsonMaxDocumentLength -
UnsignedInt32
|
JSON maximum document length in bytes. |
jsonMaxObjectKeyCount -
UnsignedInt32
|
JSON maximum object key count in bytes. |
jsonMaxObjectKeyLength -
UnsignedInt32
|
JSON maximum object key length in bytes. |
jsonMaxStringLength -
UnsignedInt32
|
JSON maximum object string length in bytes. |
Example
{
"enabled": true,
"jsonMaxArrayLength": UnsignedInt32,
"jsonMaxContainerDepth": UnsignedInt32,
"jsonMaxDocumentLength": UnsignedInt32,
"jsonMaxObjectKeyCount": UnsignedInt32,
"jsonMaxObjectKeyLength": UnsignedInt32,
"jsonMaxStringLength": UnsignedInt32
}
JSONDoSEnforcementRuleInput
A JSON Denial of Service enforcement rule input.
| Input Field | Description |
|---|---|
enabled -
Boolean!
|
Whether the relaxation rule is enabled. |
jsonMaxArrayLength -
UnsignedInt32
|
JSON maximum array length in bytes. |
jsonMaxContainerDepth -
UnsignedInt32
|
JSON maximum container depth in bytes. |
jsonMaxDocumentLength -
UnsignedInt32
|
JSON maximum document length in bytes. |
jsonMaxObjectKeyCount -
UnsignedInt32
|
JSON maximum object key count in bytes. |
jsonMaxObjectKeyLength -
UnsignedInt32
|
JSON maximum object key length in bytes. |
jsonMaxStringLength -
UnsignedInt32
|
JSON maximum object string length in bytes. |
Example
{
"enabled": false,
"jsonMaxArrayLength": UnsignedInt32,
"jsonMaxContainerDepth": UnsignedInt32,
"jsonMaxDocumentLength": UnsignedInt32,
"jsonMaxObjectKeyCount": UnsignedInt32,
"jsonMaxObjectKeyLength": UnsignedInt32,
"jsonMaxStringLength": UnsignedInt32
}
JSONSQLInjectionRelaxationRulesWithPagination
A paginated list of JSON SQL injection relaxation rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[JSONSQLInjectionRelaxationRule!]
|
A list of relaxation rules. |
Example
{
"pageInfo": Pagination,
"results": [JSONSQLInjectionRelaxationRule]
}
JSONSQLInjectionSettings
JSON SQL Injection Settings to protect applications from SQL Injection attacks through JSON requests
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
relaxationRules -
JSONSQLInjectionRelaxationRulesWithPagination
|
A paginated list of SQL Injection rules. |
|
Arguments |
|
sqlInjectionType -
SQLInjectionType!
|
A SQL injection type. |
sqliGrammar -
Boolean!
|
Enable SQL Injection grammar |
threshold -
AppSecThreshold
|
Appsec Threshold configuration for JSON SQL injection violations. |
Example
{
"action": WAFAction,
"relaxationRules": JSONSQLInjectionRelaxationRulesWithPagination,
"sqlInjectionType": SQLInjectionType,
"sqliGrammar": true,
"threshold": AppSecThreshold
}
JSONSettings
JSON Security Settings to protect JSON Applications
| Field Name | Description |
|---|---|
jsonCommandInjectionSettings -
JSONCommandInjectionSettings
|
JSON Command Injection Settings. |
jsonCrossSiteScriptingSettings -
JSONCrossSiteScriptingSettings
|
JSON Cross Site Scripting Settings. |
jsonDenialOfServiceSettings -
JSONDenialOfServiceSettings
|
JSON Denial of Service Settings. |
jsonSQLInjectionSettings -
JSONSQLInjectionSettings
|
JSON SQL Injection Settings. |
Example
{
"jsonCommandInjectionSettings": JSONCommandInjectionSettings,
"jsonCrossSiteScriptingSettings": JSONCrossSiteScriptingSettings,
"jsonDenialOfServiceSettings": JSONDenialOfServiceSettings,
"jsonSQLInjectionSettings": JSONSQLInjectionSettings
}
JSONXSSRelaxationRulesWithPagination
A paginated list of JSON XSS relaxation rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[JSONXSSRelaxationRule!]
|
A list of relaxation rules. |
Example
{
"pageInfo": Pagination,
"results": [JSONXSSRelaxationRule]
}
LearnedFieldFormatRule
A learned field format rule.
| Field Name | Description |
|---|---|
actionURL -
String!
|
Action URL. |
enabled -
Boolean!
|
Whether the rule is enabled. |
fieldType -
String!
|
Type of field. |
formFieldName -
String!
|
Name of the form field. |
maxLength -
UnsignedInt32!
|
Maximum length. |
minLength -
UnsignedInt32!
|
Minimum length. |
Example
{
"actionURL": "xyz789",
"enabled": true,
"fieldType": "xyz789",
"formFieldName": "abc123",
"maxLength": UnsignedInt32,
"minLength": UnsignedInt32
}
LearnedHTMLSQLInjectionRule
A learned HTML SQL injection rule.
| Field Name | Description |
|---|---|
enabled -
Boolean!
|
Whether the rule is enabled. |
location -
String!
|
Location. |
name -
String!
|
Name of the rule. |
url -
String!
|
URL. |
valueExpression -
String!
|
Value expression. |
valueType -
String!
|
Value type. |
Example
{
"enabled": true,
"location": "abc123",
"name": "abc123",
"url": "xyz789",
"valueExpression": "xyz789",
"valueType": "xyz789"
}
LearnedHTMLXSSRule
A learned HTML XSS rule.
| Field Name | Description |
|---|---|
enabled -
Boolean!
|
Whether the rule is enabled. |
location -
String!
|
Location. |
name -
String!
|
Name of the rule. |
url -
String!
|
URL. |
valueExpression -
String!
|
Value expression. |
valueType -
String!
|
Value type. |
Example
{
"enabled": false,
"location": "abc123",
"name": "xyz789",
"url": "abc123",
"valueExpression": "abc123",
"valueType": "abc123"
}
LearningRules
Rules that are being learned, from items that were set to 'Learn' mode.
| Field Name | Description |
|---|---|
contentTypeRules -
ContentTypeRuleCountsWithPagination
|
|
|
Arguments |
|
cookieConsistencyRules -
CookieConsistencyRuleCountsWithPagination
|
|
|
Arguments |
|
crossSiteScriptingRules -
HTMLXSSRuleCountsWithPagination
|
|
|
Arguments |
|
csrfSettingsRules -
CSRFSettingsRuleCountsWithPagination
|
|
|
Arguments |
|
fieldConsistencyRules -
FieldConsistencyRuleCountsWithPagination
|
|
|
Arguments |
|
fieldFormatRules -
FieldFormatRuleCountsWithPagination
|
|
|
Arguments |
|
htmlSQLInjectionRules -
HTMLSQLInjectionRuleCountsWithPagination
|
|
|
Arguments |
|
wsiSettingsRules -
WSISettingsRuleCountsWithPagination
|
|
|
Arguments |
|
Example
{
"contentTypeRules": ContentTypeRuleCountsWithPagination,
"cookieConsistencyRules": CookieConsistencyRuleCountsWithPagination,
"crossSiteScriptingRules": HTMLXSSRuleCountsWithPagination,
"csrfSettingsRules": CSRFSettingsRuleCountsWithPagination,
"fieldConsistencyRules": FieldConsistencyRuleCountsWithPagination,
"fieldFormatRules": FieldFormatRuleCountsWithPagination,
"htmlSQLInjectionRules": HTMLSQLInjectionRuleCountsWithPagination,
"wsiSettingsRules": WSISettingsRuleCountsWithPagination
}
LegacyApplicationService
Application services that make up the back end of the virtual server.
| Field Name | Description |
|---|---|
origin -
String!
|
The IP address for the application service. |
port -
UnsignedInt16!
|
The port number for the application service. |
protocol -
ProxyProtocol!
|
The protocol type used for this virtual server's front and back ends. |
Example
{
"origin": "xyz789",
"port": UnsignedInt16,
"protocol": ProxyProtocol
}
LegacyCertificateBinding
Certificate information for a back end.
| Field Name | Description |
|---|---|
certificateID -
String!
|
Common name used for SNI initiation. |
sni -
Boolean!
|
Forces back-end SNI support between the proxy and the origin, sending the specified common name to initiate SNI to the back end. |
Example
{"certificateID": "xyz789", "sni": true}
LegacyProxy
A proxy configured on hardware appliances.
| Field Name | Description |
|---|---|
company -
Company!
|
Company for which this proxy is configured. |
createdAt -
Time!
|
Time when this proxy was created. |
deletedAt -
Time
|
Time when this proxy was deleted. |
id -
String!
|
ID of this proxy. |
ip -
IPAddress!
|
IP or hostname. |
ipVersion -
IPVersion!
|
The IP version of this host. |
name -
String!
|
Friendly name of the proxy configuration. Typically set to the hostname being proxied to the services. |
provisioningStatus -
ProxyProvisioningStatus
|
The provisioning status of this proxy. |
readOnly -
Boolean!
|
Indicates whether the configuration of this proxy can be updated by the customer. |
updatedAt -
Time!
|
Time when this proxy was last updated. |
vServers -
[LegacyVServer!]
|
List of virtual servers configured for this proxy for delivering services. |
Example
{
"company": Company,
"createdAt": Time,
"deletedAt": Time,
"id": "xyz789",
"ip": IPAddress,
"ipVersion": IPVersion,
"name": "abc123",
"provisioningStatus": ProxyProvisioningStatus,
"readOnly": true,
"updatedAt": Time,
"vServers": [LegacyVServer]
}
LegacyTLSOptions
TLS settings for the virtual server that is using TLS/SSL.
| Field Name | Description |
|---|---|
commonName -
String
|
Common name to be sent with request to back-end origin(s). |
forceBackendSNI -
Boolean!
|
Forces back-end SNI support between the proxy and the origin, sending the specified common name to initiate SNI to the back end. |
hstsEnabled -
Boolean!
|
Flag indicating whether or not to follow HTTP Strict Transport Security. |
hstsIncludeSubdomains -
Boolean!
|
Flag indicating whether to include subdomains parameter in HSTS. |
hstsMaxAge -
UnsignedInt32!
|
MaxAge parameter for HSTS. |
hstsPreload -
Boolean!
|
Flag indicating whether to include preload parameter in HSTS. |
minTLSVersion -
MinTLSVersion!
|
Minimum TLS versions to support. |
Example
{
"commonName": "xyz789",
"forceBackendSNI": true,
"hstsEnabled": false,
"hstsIncludeSubdomains": false,
"hstsMaxAge": UnsignedInt32,
"hstsPreload": false,
"minTLSVersion": MinTLSVersion
}
LegacyVServer
A virtual server, part of a legacy hardward proxy configuration.
| Field Name | Description |
|---|---|
applicationServices -
[LegacyApplicationService!]
|
Application services that make up this virtual server's back end. |
certificateBindings -
[LegacyCertificateBinding!]
|
Certficate(s) for this virtual server. |
company -
Company!
|
Company the proxy configuration belongs to. |
loadBalanceMethod -
ProxyLoadBalanceMethod!
|
Method used to load-balance connections to application services. |
persistenceType -
ProxyLoadBalancePersistenceType!
|
A session persistence type to apply to requests. |
port -
UnsignedInt16!
|
The virtual server's front-end port. |
protocol -
ProxyProtocol!
|
Protocol type used for the front and back ends. |
sp -
Boolean!
|
Ensure connections to the server occur at a rate that the server can handle. |
tcpb -
Boolean!
|
Use TCP Buffering for the service. |
tlsOptions -
LegacyTLSOptions
|
TLS/SSL protocol options. |
xffHeader -
String!
|
The name of the 'forwarded-for' header. |
Example
{
"applicationServices": [LegacyApplicationService],
"certificateBindings": [LegacyCertificateBinding],
"company": Company,
"loadBalanceMethod": ProxyLoadBalanceMethod,
"persistenceType": ProxyLoadBalancePersistenceType,
"port": UnsignedInt16,
"protocol": ProxyProtocol,
"sp": false,
"tcpb": false,
"tlsOptions": LegacyTLSOptions,
"xffHeader": "xyz789"
}
LogTime
The Date/Time format used for Violation logs time fields is UTC time with trailing zeroes for subfraction millseconds value.
Example
object
MFAPackage
Specifies Multi Factor Authentication configuration for company.
| Field Name | Description |
|---|---|
enabled -
Boolean!
|
Whether multi-factor authentication (MFA) is enabled for the Company. |
Example
{"enabled": false}
ManagedObject
Managed Objects
| Field Name | Description |
|---|---|
company -
Company!
|
|
elementType -
ManagedObjectElementType
|
The type of traffic association criteria for the elements. |
id -
String!
|
Identifier of the managed object. |
mitigationTemplates -
[MitigationTemplate!]
|
List of mitigation templates associated |
name -
String!
|
|
sharedHostDetectionSettings -
SharedHostDetectionSettings
|
Shared host detection settings. |
types -
[ManagedObjectType!]
|
List of managed object type. |
Example
{
"company": Company,
"elementType": ManagedObjectElementType,
"id": "abc123",
"mitigationTemplates": [MitigationTemplate],
"name": "xyz789",
"sharedHostDetectionSettings": SharedHostDetectionSettings,
"types": [ManagedObjectType]
}
ManagedObjectElement
The type of the element for associating traffic with the managed object.
| Union Types |
|---|
ManagedObjectElementSimple
The type of the element that contains only a single value.
| Field Name | Description |
|---|---|
value -
String!
|
The single value of the element. |
Example
{"value": "abc123"}
ManagedObjectElementType
The type of traffic association criteria for an element.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ManagedObjectFilterInput
| Input Field | Description |
|---|---|
types -
[ManagedObjectType!]
|
Example
{"types": [ManagedObjectType]}
MinTLSVersion
List of supported values for Minimum TLS versions.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
MisuseType
Misuse type.
| Field Name | Description |
|---|---|
actualRate -
[String!]!
|
|
highSeverityRate -
[String!]!
|
|
misuseTypeName -
String!
|
|
misuseTypeTriggerRate -
[String!]!
|
Example
{
"actualRate": ["xyz789"],
"highSeverityRate": ["xyz789"],
"misuseTypeName": "xyz789",
"misuseTypeTriggerRate": ["xyz789"]
}
MisuseTypeSetting
Misuse type setting.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Mitigation
Represents a Mitigation.
| Field Name | Description |
|---|---|
company -
Company!
|
The company object. |
end -
Time
|
The end time of the mitigation. A non-zero value of end time means that the mitigation has ended or finished. |
event -
Event
|
The event associated with this mitigation. |
id -
String!
|
The identifier of this mitigaiton. |
start -
Time!
|
The start time of the mitigaiton |
Example
{
"company": Company,
"end": Time,
"event": Event,
"id": "abc123",
"start": Time
}
MitigationDimension
One of the sorted order fields.
| Enum Value | Description |
|---|---|
|
|
The ascending order based on the END time. |
|
|
The ascending order based on the START time. |
MitigationFilterInput
The filters that can be applied to scope the list of mitigations.
| Input Field | Description |
|---|---|
active -
Boolean
|
Include active mitigations when set to true or inactive when set to false. By default, all mitigations are fetched regardless of whether they are active or not. |
id -
String
|
The identifier of the mitigation |
providers -
[MitigationType!]
|
A provider(s) that you would like to filter events on. |
Example
{
"active": true,
"id": "xyz789",
"providers": [MitigationType]
}
MitigationSortBy
EventsSortBy sorting.
| Input Field | Description |
|---|---|
dimension -
MitigationDimension! default = "START" |
The dimension to sort by. |
direction -
SortDirection! default = "DESCENDING" |
The direction to sort in. |
Example
{
"dimension": "START",
"direction": "DESCENDING"
}
MitigationTemplate
Mitigation Templates
| Field Name | Description |
|---|---|
company -
Company!
|
|
deviceGroup -
DeviceGroup
|
Device group |
filterList -
[DDOSFilter!]
|
List of filters configured for this template |
id -
String!
|
Identifier for this Mitigation Template. |
ipVersion -
IPVersion
|
Example
{
"company": Company,
"deviceGroup": DeviceGroup,
"filterList": [DDOSFilter],
"id": "xyz789",
"ipVersion": IPVersion
}
MitigationType
Allowed mitigation type values. These types are also sometimes called providers
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
MitigationsWithPagination
Represents the list of mitigations along with pagination details.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The pagination details. |
results -
[Mitigation!]
|
The list of mitigations. |
Example
{
"pageInfo": Pagination,
"results": [Mitigation]
}
NetworkControls
Network controls for a given policy.
| Field Name | Description |
|---|---|
blockedCountries -
[CountryCode!]
|
A list of blocked countries. |
ipFilterList -
IPFiltersWithPagination
|
A paginated list of ip filters. |
|
Arguments |
|
Example
{
"blockedCountries": [CountryCode],
"ipFilterList": IPFiltersWithPagination
}
NetworkNode
A collection of devices and services located together in one physical location.
| Field Name | Description |
|---|---|
description -
String!
|
A user-friendly description. |
iataCode -
String!
|
An identifier for the node. Based on IATA code for the nearest (major) airport. |
Example
{"description": "abc123", "iataCode": "xyz789"}
NotificationCategory
NotificationCategory field values that can be included.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
NotificationConfiguration
Represents a Notification Configuration.
| Field Name | Description |
|---|---|
categories -
[CategoryConfiguration!]!
|
The list of global category notification configurations. |
company -
Company!
|
The company object. |
createdAt -
Time!
|
The time that the notification configuration was created at. |
id -
String!
|
The identifier of this notification configuration. |
updatedAt -
Time!
|
The time that the notification configuration was last updated at |
Example
{
"categories": [CategoryConfiguration],
"company": Company,
"createdAt": Time,
"id": "xyz789",
"updatedAt": Time
}
NotificationConfigurationFilterInput
A filter input to constrain the queried results of notification configurations.
| Input Field | Description |
|---|---|
companyConfiguration -
Boolean default = true |
By default, the company configuration is returned as a part of the results. This flag indicates whether to return the company notification configuration in the results. |
id -
String
|
The identifier of the notification configuration. |
userConfigurations -
Boolean default = false |
By default, the user notification configurations are not returned as a part of the results. This flag must be set to true to indicate whether the user notification configurations belonging to the company should be returned. |
userIDs -
[String!]
|
Retrieve notification configurations for specific user service IDs. |
Example
{
"companyConfiguration": true,
"id": "abc123",
"userConfigurations": false,
"userIDs": ["abc123"]
}
NotificationConfigurationsWithPagination
Represents the list of notification configurations along with pagination details.
| Field Name | Description |
|---|---|
pageInfo -
Pagination
|
The pagination details. |
results -
[NotificationConfiguration!]!
|
The list of notification configurations. |
Example
{
"pageInfo": Pagination,
"results": [NotificationConfiguration]
}
NotificationDimension
NotificationDimension the order that we can order notification configurations by.
| Enum Value | Description |
|---|---|
|
|
The ascending order based on the createdAt time. |
|
|
The ascending order based on the updatedAt time. |
NotificationRecord
NotificationRecord collection.
| Field Name | Description |
|---|---|
category -
NotificationCategory!
|
Notification category that the record is a part of. |
company -
Company!
|
Company the notification record belongs to. |
content -
String!
|
Content text of the notification record. |
createdAt -
Time!
|
Time when the notification record was created. |
id -
String!
|
ID of the notification record. |
reads -
[String!]
|
List of users who read this notification. |
subject -
String!
|
Subject line of the notification record. |
updatedAt -
Time!
|
Time when the notification record was updated. |
Example
{
"category": NotificationCategory,
"company": Company,
"content": "xyz789",
"createdAt": Time,
"id": "xyz789",
"reads": ["abc123"],
"subject": "abc123",
"updatedAt": Time
}
NotificationRecordFilterInput
A filter input to constrain the queried results of notification records.
| Input Field | Description |
|---|---|
categories -
[NotificationCategory!]
|
List of categories to retrieve notification records for. |
id -
String
|
The identifier of the notification record. |
unread -
Boolean
|
A flag indicating to return read or unread notification records. |
Example
{
"categories": [NotificationCategory],
"id": "xyz789",
"unread": true
}
NotificationRecordsWithPagination
NotificationRecordsWithPagination represents the list of notification records along with pagination details.
| Field Name | Description |
|---|---|
pageInfo -
Pagination
|
The pagination details. |
results -
[NotificationRecord!]!
|
The list of notification records. |
Example
{
"pageInfo": Pagination,
"results": [NotificationRecord]
}
NotificationSortBy
NotificationSortBy of notification configurations.
| Input Field | Description |
|---|---|
dimension -
NotificationDimension! default = "CREATED_AT" |
The dimension to sort by. |
direction -
SortDirection! default = "DESCENDING" |
The direction to sort in. |
Example
{
"dimension": "CREATED_AT",
"direction": "DESCENDING"
}
NotificationsWhiteLabel
Whitelabel and domain elements for notifications.
| Field Name | Description |
|---|---|
managementDomain -
String!
|
Management domain name for this company's notifications. |
whiteLabel -
WhiteLabel!
|
Contains whitelabel specifications for this company's notifications. |
Example
{"managementDomain": "abc123", "whiteLabel": WhiteLabel}
OneTimeExecutiveReportConfiguration
One time report configuration.
| Field Name | Description |
|---|---|
createdAt -
Time
|
Timestamp when report is created. |
description -
String
|
Description of Report Configuration. |
enabled -
Boolean
|
If enabled, this configuration will generate a report. |
from -
Time
|
Starting timestamp for metrics to be pulled from. |
id -
String!
|
ID of one time report configuration. |
includeBot -
Boolean
|
If true, includes Bot mitigation summary in report. |
includeDDOS -
Boolean
|
If true, includes DDOS mitigation summary in report. |
includeWAF -
Boolean
|
If true, includes WAF violation summary in report. |
name -
String!
|
Name of one time report configuration. |
notification -
ExecutiveReportNotificationDetails
|
Email recepient list to send reports to. |
reportType -
ExecutiveReportType!
|
Type of report. |
to -
Time
|
Ending timestamp for metrics to be pulled from. |
Example
{
"createdAt": Time,
"description": "xyz789",
"enabled": false,
"from": Time,
"id": "xyz789",
"includeBot": false,
"includeDDOS": false,
"includeWAF": false,
"name": "xyz789",
"notification": ExecutiveReportNotificationDetails,
"reportType": ExecutiveReportType,
"to": Time
}
OneTimeExecutiveReportConfigurationsWithPagination
Paginated One time report configurations.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
Pagination settings. |
results -
[OneTimeExecutiveReportConfiguration!]
|
List of one time report configurations. |
Example
{
"pageInfo": Pagination,
"results": [OneTimeExecutiveReportConfiguration]
}
OpenHybridAlert
An alert that can be sent via an API call.totalItems
| Field Name | Description |
|---|---|
company -
Company!
|
The company object. |
end -
Time
|
The end time of the alert. A non-zero value of end time means that the alert has ended or finished. |
id -
String!
|
The identifier of the alert. |
severity -
Severity!
|
An indication of how critical the Alert is. |
start -
Time!
|
The start time of the alert |
type -
AlertType!
|
A boolean value that indicates whether or not the alert is an Infrastructure alert |
Example
{
"company": Company,
"end": Time,
"id": "abc123",
"severity": Severity,
"start": Time,
"type": AlertType
}
POSTBody
A POST BODY limit countermeasure.
| Field Name | Description |
|---|---|
limit -
UnsignedInt32!
|
A post body size limit value. |
threshold -
AppSecThreshold
|
Appsec Threshold configuration for post body limit violations. |
Example
{
"limit": UnsignedInt32,
"threshold": AppSecThreshold
}
PacketHeaderFilterDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "xyz789",
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
Pagination
Pagination representation.
| Field Name | Description |
|---|---|
itemsPerPage -
UnsignedInt32!
|
Number of items per page. |
pageNumber -
UnsignedInt32!
|
Current page number. |
totalItems -
UnsignedInt64!
|
The number of items that would have been returned if pagination hadn't been applied. |
Example
{
"itemsPerPage": UnsignedInt32,
"pageNumber": UnsignedInt32,
"totalItems": UnsignedInt64
}
PayloadDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "xyz789",
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
PerConnectionFloodProtectionDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
enabled -
Boolean!
|
|
enforcement -
String!
|
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
maximumBPS -
Int!
|
|
maximumPPS -
Int!
|
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"enabled": false,
"enforcement": "xyz789",
"id": "abc123",
"maximumBPS": 987,
"maximumPPS": 987,
"name": "xyz789",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
Policy
A configurable set of options that can be employed to secure Company assets.
| Field Name | Description |
|---|---|
appSecThresholds -
[AppSecThreshold!]
|
The appsec thresholds associated to this policy. |
botProfile -
BotProfile
|
The bot profile associated to this policy. |
company -
Company!
|
The name of the company. |
createdAt -
Time!
|
The time at which the policy was created. |
deletedAt -
Time
|
The time at which the policy was deleted. |
id -
String!
|
ID of the policy. |
key -
String!
|
A unique string representing a policy. |
learningRules -
LearningRules
|
Learning rules associated with the Policy. |
name -
String!
|
The name of the policy. |
networkControls -
NetworkControls
|
The network controls associated to this policy. |
proxies -
[Proxy!]
|
A list of proxies using this policy. |
|
Arguments
|
|
responderPolicies -
[ResponderPolicy!]
|
The responder polices associated to this policy. |
trustedSources -
TrustedSourcesWithPagination
|
The trusted IP sources associated to this policy. Traffic at these sources are used by the learning feature to generate recommendations. |
|
Arguments |
|
updatedAt -
Time!
|
The time at which the policy was updated. |
wafProfile -
WAFProfile
|
The WAF profile associated to this policy. |
Example
{
"appSecThresholds": [AppSecThreshold],
"botProfile": BotProfile,
"company": Company,
"createdAt": Time,
"deletedAt": Time,
"id": "abc123",
"key": "xyz789",
"learningRules": LearningRules,
"name": "xyz789",
"networkControls": NetworkControls,
"proxies": [Proxy],
"responderPolicies": [ResponderPolicy],
"trustedSources": TrustedSourcesWithPagination,
"updatedAt": Time,
"wafProfile": WAFProfile
}
PolicyFilterInput
Filter a list of policies.
| Input Field | Description |
|---|---|
id -
String
|
ID of the policy. |
includeDeleted -
Boolean! default = false |
Flag to indicate if we need to include the deleted policies as part of this search. |
key -
String
|
A unique string representing a policy. |
Example
{"id": "abc123", "includeDeleted": false, "key": "abc123"}
PortRange
| Field Name | Description |
|---|---|
high -
UnsignedInt64
|
|
low -
UnsignedInt64
|
Example
{
"high": UnsignedInt64,
"low": UnsignedInt64
}
Protocol
Protocol Binding used.
| Enum Value | Description |
|---|---|
|
|
Post used. |
|
|
Redirect used. |
ProtocolBaselineDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "abc123",
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
Proxy
A proxy configuration.
| Field Name | Description |
|---|---|
company -
Company!
|
Company the proxy configuration belongs to. |
createdAt -
Time!
|
Time proxy was created. |
deletedAt -
Time
|
Time proxy was deleted. |
id -
String!
|
ID of this proxy. |
ip -
IPAddress!
|
IP or hostname. |
ipVersion -
IPVersion!
|
The IP version of this host. |
name -
String!
|
Friendly name of the proxy configuration. Typically set to the hostname being proxied to the service. |
policies -
[Policy!]
|
A list of policies associated with this proxy. |
updatedAt -
Time!
|
Time proxy was updated. |
vServerStatus -
[VServerStatus!]
|
Status values for the vServers. |
vServers -
[VServer!]
|
The back-end origin servers, ports and protocols that bind it to the front-end port. |
Example
{
"company": Company,
"createdAt": Time,
"deletedAt": Time,
"id": "abc123",
"ip": IPAddress,
"ipVersion": IPVersion,
"name": "xyz789",
"policies": [Policy],
"updatedAt": Time,
"vServerStatus": [VServerStatus],
"vServers": [VServer]
}
ProxyFilterInput
Input required if extra criteria are needed to constrain the queried results.
| Input Field | Description |
|---|---|
id -
String
|
If provided, ID of proxy to be queried. |
includeDeleted -
Boolean! default = false |
If true is provided, proxies returned will include deleted Proxies. |
Example
{"id": "abc123", "includeDeleted": false}
ProxyLoadBalanceMethod
Load-balancing options.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ProxyLoadBalancePersistenceType
Type of session persistence to apply to requests.
| Enum Value | Description |
|---|---|
|
|
|
|
|
ProxyPackage
Per-Company Proxy settings.
| Field Name | Description |
|---|---|
apiEnabled -
Boolean!
|
Specifies whether the Ultra API offering is enabled for this company's VIPs. |
basicWAFEnabled -
Boolean!
|
Specifies whether the basic Web Application Firewall offering is enabled for this company's VIPs. |
botEnabled -
Boolean!
|
Specifies whether the Bot Management offering is enabled for this company's VIPs. |
dName -
String!
|
The identifier of the owning company. |
edgeEnabled -
Boolean!
|
Specifies whether the Ultra Edge offering is enabled for this company's VIPs. |
enableHTTPSPacketInspection -
Boolean!
|
Specifies whether HTTPS packet introspection is turned on. |
enabled -
Boolean!
|
Whether proxy access is enabled for the Company. |
managedObjects -
[ManagedObject!]
|
List of proxy managed objects. |
maxSSLCertificates -
UnsignedInt16!
|
Specifies the max number of SSL certificates that can be configured for this company on all its VIPs combined. |
maxWAFSignatures -
UnsignedInt16!
|
Specifies the max number of signatures allowed for this company for its Web Application Firewall. |
networkEnabled -
Boolean!
|
Specifies whether the VIP network is enabled. |
policyEnabled -
Boolean!
|
Specifies whether L7 policies are enabled for Virtual IPs. |
proxyType -
ProxyType
|
Specifies type of proxy (hardware/cloud/none) for this company. |
ultraWAFEnabled -
Boolean!
|
Specifies whether the Ultra Web Application Firewall offering is enabled for this company's VIPs. |
vipCategory -
String!
|
Specifies the Virtual IP Category for this company. |
vipPoolAllocationLimit -
UnsignedInt32!
|
Specifies the max number of Virtual IPs that can be allocated to this company. |
wafEnabled -
Boolean!
|
Specifies whether Web Application Firewall is enabled for this company's Virtual IPs. |
Example
{
"apiEnabled": true,
"basicWAFEnabled": true,
"botEnabled": false,
"dName": "xyz789",
"edgeEnabled": true,
"enableHTTPSPacketInspection": false,
"enabled": false,
"managedObjects": [ManagedObject],
"maxSSLCertificates": UnsignedInt16,
"maxWAFSignatures": UnsignedInt16,
"networkEnabled": true,
"policyEnabled": false,
"proxyType": ProxyType,
"ultraWAFEnabled": false,
"vipCategory": "xyz789",
"vipPoolAllocationLimit": UnsignedInt32,
"wafEnabled": false
}
ProxyProtocol
Allowed list of values for the front end protocol of a proxy.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ProxyProvisioningStatus
Possible states of a proxy provisioning.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
ProxyType
Defines type of proxy virtual IP offering.
| Enum Value | Description |
|---|---|
|
|
Indicates VIPs on a cloud load balancer offering. |
|
|
Indicates VIPs on a hardware load balancer offering. |
|
|
Indicates no Proxy. |
RecurringExecutiveReportConfiguration
Recurring report configuration.
| Field Name | Description |
|---|---|
createdAt -
Time
|
Timestamp the report configuration was created at. |
description -
String
|
Description of Report Configuration. |
enabled -
Boolean
|
If true, this report configuration generates reports. |
from -
Time
|
Timestamp from when the first report is generated by this configuration. |
id -
String!
|
ID of recurring report configuration. |
includeBot -
Boolean
|
If true, includes Bot mitigation summary in the report. |
includeDDOS -
Boolean
|
If true, includes DDOS mitigation summary in the report. |
includeWAF -
Boolean
|
If true, includes WAF violation summary in the report. |
name -
String!
|
Name of recurring report configuration. |
notification -
ExecutiveReportNotificationDetails
|
List of email recepients of generated reports. |
period -
ExecutiveReportPeriod!
|
Metric summary interval of report. |
reportType -
ExecutiveReportType!
|
Type of report. |
to -
Time
|
Timestamp when this report configuration will expire and won't be run after. |
Example
{
"createdAt": Time,
"description": "abc123",
"enabled": false,
"from": Time,
"id": "xyz789",
"includeBot": true,
"includeDDOS": true,
"includeWAF": false,
"name": "xyz789",
"notification": ExecutiveReportNotificationDetails,
"period": ExecutiveReportPeriod,
"reportType": ExecutiveReportType,
"to": Time
}
RecurringExecutiveReportConfigurationsWithPagination
Paginated recurring report configurations.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
Pagination settings. |
results -
[RecurringExecutiveReportConfiguration!]
|
List of recurring report configurations. |
Example
{
"pageInfo": Pagination,
"results": [RecurringExecutiveReportConfiguration]
}
ResponderAction
Allowed values for the responder action.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
ResponderAnalyticsResponse
| Field Name | Description |
|---|---|
groups -
[ResponderLogGroup!]
|
|
logs -
ResponderLogsWithPagination
|
|
timeSeriesData -
[ResponderLogTimeSeries!]
|
Example
{
"groups": [ResponderLogGroup],
"logs": ResponderLogsWithPagination,
"timeSeriesData": [ResponderLogTimeSeries]
}
ResponderField
Allowed values for the responder match field.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ResponderLog
Represents a Responder Policy log.
| Field Name | Description |
|---|---|
cookies -
String
|
The cookies in the original request. |
customer -
String
|
The customer account dname. |
destinationIP -
IPAddress
|
The destination IP the request was intended for. |
destinationPort -
UnsignedInt16
|
The destination port the request was intended for. |
domain -
String
|
The domain the request was intended for. |
host -
String
|
The hostname in the request. |
logType -
ResponderLogType
|
The responder log type |
method -
String
|
The HTTP method used. |
policyKey -
String
|
The policy key tied to this responder. |
responderAction -
String
|
The responder_action that caused this violation log. |
responderName -
String
|
The responder name in our DB. This will be null for log type network_control. |
sourceIP -
IPAddress
|
The source IP the request was intended for. |
timestamp -
LogTime
|
The timestamp of the violation log. |
uri -
String
|
The uri in the request. |
version -
String
|
The version. |
Example
{
"cookies": "abc123",
"customer": "xyz789",
"destinationIP": IPAddress,
"destinationPort": UnsignedInt16,
"domain": "abc123",
"host": "abc123",
"logType": ResponderLogType,
"method": "xyz789",
"policyKey": "xyz789",
"responderAction": "xyz789",
"responderName": "xyz789",
"sourceIP": IPAddress,
"timestamp": LogTime,
"uri": "abc123",
"version": "xyz789"
}
ResponderLogDimension
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ResponderLogFilterInput
Represents a Responder log filter input.
| Input Field | Description |
|---|---|
all -
String
|
When set, the application looks in all the filters (destionationIP,sourceIP,uri,responderAction) for the input string. |
destinationIP -
IPAddressInput
|
The destination IP of the request. |
logType -
ResponderLogType
|
The responder log type |
responderAction -
String
|
The responder action triggering the logs. |
sourceIP -
IPAddressInput
|
The source IP of the request. |
uri -
String
|
The uri which cause the violation. |
Example
{
"all": "xyz789",
"destinationIP": IPAddressInput,
"logType": ResponderLogType,
"responderAction": "xyz789",
"sourceIP": IPAddressInput,
"uri": "xyz789"
}
ResponderLogGroup
A responder log group object.
| Field Name | Description |
|---|---|
count -
UnsignedInt32!
|
The count of responder logs in this group. |
key -
String!
|
The group name. |
Example
{"count": UnsignedInt32, "key": "abc123"}
ResponderLogGroupByField
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ResponderLogGroupByInput
| Input Field | Description |
|---|---|
direction -
SortDirection! default = "DESCENDING" |
The order of the groups listed (ascending or descending). |
field -
ResponderLogGroupByField!
|
|
timeInterval -
TimeInterval
|
Example
{
"direction": "DESCENDING",
"field": ResponderLogGroupByField,
"timeInterval": TimeInterval
}
ResponderLogSortBy
Represents a responder log sort input.
| Input Field | Description |
|---|---|
dimension -
ResponderLogDimension!
|
The dimension that will be used to sort the logs. |
direction -
SortDirection! default = "DESCENDING" |
The order of the sort (ascending or descending). |
Example
{
"dimension": ResponderLogDimension,
"direction": "DESCENDING"
}
ResponderLogTimeSeries
| Field Name | Description |
|---|---|
cnt -
UnsignedInt64!
|
|
key -
String!
|
|
ts -
Time!
|
Example
{
"cnt": UnsignedInt64,
"key": "xyz789",
"ts": Time
}
ResponderLogsWithPagination
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
|
results -
[ResponderLog!]
|
Example
{
"pageInfo": Pagination,
"results": [ResponderLog]
}
ResponderMatch
A responder match in a given responder policy.
| Field Name | Description |
|---|---|
field -
ResponderField!
|
The field name for the match. |
operand -
ResponderOperand!
|
The operand to be used for the match. |
value -
String!
|
The value to be used for the match. |
Example
{
"field": ResponderField,
"operand": ResponderOperand,
"value": "xyz789"
}
ResponderMatchInput
Create a responder match in a given responder policy.
| Input Field | Description |
|---|---|
field -
ResponderField!
|
The field name for the match. |
operand -
ResponderOperand!
|
The operand to be used for the match. |
value -
String!
|
The value to be used for the match. |
Example
{
"field": ResponderField,
"operand": ResponderOperand,
"value": "xyz789"
}
ResponderOperand
Allowed values for the responder match operand.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ResponderPolicy
A responder policy for a given policy.
| Field Name | Description |
|---|---|
action -
ResponderAction!
|
Action to be taken when the responder matches are found. |
name -
String!
|
The name of the responder policy. |
responderMatches -
[ResponderMatch!]
|
List of responder matches for this responder policy. |
response -
String
|
Response to be returned when the responder matches. NA when action is LOG OR DROP. Value is a URL when the action is REDIRECT_TO, value is a text found when action is when the action is RESPOND_WITH. |
Example
{
"action": ResponderAction,
"name": "abc123",
"responderMatches": [ResponderMatch],
"response": "abc123"
}
ResponderPolicyInput
Create a responder policy for a given policy.
| Input Field | Description |
|---|---|
action -
ResponderAction!
|
Action to be taken when the responder matches are found. |
name -
String!
|
The name of the responder policy. |
responderMatches -
[ResponderMatchInput!]
|
List of responder matches for this responder policy. |
response -
String
|
Response to be returned when the responder matches. NA when action is LOG OR DROP. Value is a URL when the action is REDIRECT_TO, value is a text found when action is when the action is RESPOND_WITH. |
Example
{
"action": ResponderAction,
"name": "xyz789",
"responderMatches": [ResponderMatchInput],
"response": "abc123"
}
Router
Router Configuration
| Field Name | Description |
|---|---|
company -
Company!
|
The company object. |
flowConfig -
FlowConfig
|
Flow configuration. |
id -
String!
|
Router identifier. |
name -
String!
|
|
snmpConfig -
SNMPConfig
|
SNMP configuration. |
Example
{
"company": Company,
"flowConfig": FlowConfig,
"id": "xyz789",
"name": "abc123",
"snmpConfig": SNMPConfig
}
RouterStatistics
| Field Name | Description |
|---|---|
interfaces -
[Interface!]!
|
|
router -
Router
|
|
traffic -
[TrafficData!]!
|
Example
{
"interfaces": [Interface],
"router": Router,
"traffic": [TrafficData]
}
RunningACL
The Running ACL.
| Field Name | Description |
|---|---|
approvedDatetimestamp -
String!
|
The datetimestamp of when the Running ACL was approved |
configuration -
String!
|
The JSON configuration of the ACL. |
id -
String!
|
The identifier of the running ACL. |
Example
{"approvedDatetimestamp": "xyz789", "configuration": "abc123", "id": "xyz789"}
RunningACLDeploymentStatus
The deployment status of a running ACL.
| Field Name | Description |
|---|---|
deploymentState -
ACLDeploymentState!
|
The overall deployment status of the running ACL. |
scrubbingCenters -
[RunningACLScrubbingCenterDeploymentStatus!]
|
The deployment status of the running ACL by scrubbing center. |
Example
{
"deploymentState": ACLDeploymentState,
"scrubbingCenters": [
RunningACLScrubbingCenterDeploymentStatus
]
}
RunningACLScrubbingCenterDeploymentStatus
The deployment status of a running ACL for a specific scrubbing center.
| Field Name | Description |
|---|---|
deploymentState -
ACLDeploymentState!
|
The deployment state of an ACL for the corresponding scrubbing center. |
scrubbingCenter -
String!
|
The three letter descriptor of the node. |
Example
{
"deploymentState": ACLDeploymentState,
"scrubbingCenter": "abc123"
}
SAMLConfigStatus
Status of SAML configuration.
| Enum Value | Description |
|---|---|
|
|
Domain name for SSO is set and enabled. |
|
|
Connection to IDP failed. |
|
|
Connection to IDP Passed and the user attributes are as expected. |
|
|
Configuration in Progress. |
SAMLInput
Input needed for update.
| Input Field | Description |
|---|---|
id -
String!
|
Identifier of SSO Configuration. |
Example
{"id": "abc123"}
SAMLOutput
Output of Create/Update/Commit SAML Mutation.
| Field Name | Description |
|---|---|
config -
SSOConfig!
|
SSO Config in DB. |
Example
{"config": SSOConfig}
SIPMalformedDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "xyz789",
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
SIPRequestLimitingDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "xyz789",
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
SNMPConfig
SNMP Configuration
| Field Name | Description |
|---|---|
community -
String!
|
SNMP community settings. |
ipAddress -
IPAddress!
|
SNMP server IP address. |
Example
{"community": "abc123", "ipAddress": IPAddress}
SQLInjectionType
Allowed list of injection types.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
SSOConfig
SSOConfig Definition.
| Field Name | Description |
|---|---|
auth0ConnectionID -
String
|
Auth0 Connection ID. |
connectionName -
String!
|
Internally Generated Connection Name. |
createdAt -
Time!
|
Time Created. |
deletedAt -
Time
|
Time Deleted. |
domain -
[String!]
|
Domain. |
id -
String!
|
ID for the ssoconfig. |
protocolBinding -
Protocol
|
Protocol Binding. |
requestTemplate -
String
|
Request Template (XML). |
signInURL -
String
|
Sign in URL. |
signatureAlgorithm -
Algorithm
|
Signature Algorithm. |
signatureDigestAlgorithm -
Algorithm
|
Signature Digest Algorithm. |
signatureRequest -
Boolean
|
Signature Info. |
sslCertificate -
String!
|
SSL Certificate. |
status -
SAMLConfigStatus!
|
Status. |
updatedAt -
Time!
|
Time Updated. |
userIDAttributes -
String
|
UserID Attributes. |
Example
{
"auth0ConnectionID": "xyz789",
"connectionName": "xyz789",
"createdAt": Time,
"deletedAt": Time,
"domain": ["abc123"],
"id": "abc123",
"protocolBinding": Protocol,
"requestTemplate": "xyz789",
"signInURL": "abc123",
"signatureAlgorithm": Algorithm,
"signatureDigestAlgorithm": Algorithm,
"signatureRequest": true,
"sslCertificate": "xyz789",
"status": SAMLConfigStatus,
"updatedAt": Time,
"userIDAttributes": "abc123"
}
SSOPackage
Specifies SSO configuration for company.
| Field Name | Description |
|---|---|
companyDName -
String!
|
The identifier of the owning company. |
config -
SSOConfig
|
SSO configuration for the company. |
enabled -
Boolean!
|
Whether SSO is enabled for the Company. |
idpInfo -
IDPInfo
|
IDP configuration document info. |
Example
{
"companyDName": "xyz789",
"config": SSOConfig,
"enabled": true,
"idpInfo": IDPInfo
}
SemicolonFieldSeparator
A Semicolon field separator countermeasure.
| Field Name | Description |
|---|---|
enabled -
Boolean
|
Whether the countermeasure is enabled. |
Example
{"enabled": false}
SendACLChangeRequestInput
Send an ACL Change Request.
| Input Field | Description |
|---|---|
candidateACLID -
String
|
The identifier of the Candidate ACL being replaced. |
companyDName -
String!
|
The identifier of the owning company. |
draftACLID -
String!
|
The identifier of the Draft ACL being submitted for SOC approval. |
Example
{"candidateACLID": "xyz789", "companyDName": "xyz789", "draftACLID": "xyz789"}
SendEmailOutput
Output from Sent Email.
| Field Name | Description |
|---|---|
statusCode -
String!
|
Status code for the send email. |
Example
{"statusCode": "xyz789"}
SendTestNotificationInput
Send Test Notification.
| Input Field | Description |
|---|---|
company -
String!
|
Company dname identifier. |
Example
{"company": "abc123"}
SendTestNotificationOutput
Output from Sent Test Notification.
| Field Name | Description |
|---|---|
statusCode -
String!
|
Status code for the test notification. |
Example
{"statusCode": "xyz789"}
SendUserActivationEmailInput
Send user activation email.
| Input Field | Description |
|---|---|
id -
String!
|
ID of the user to send activation email. |
Example
{"id": "abc123"}
SendUserPasswordResetEmailInput
Send user password reset email.
| Input Field | Description |
|---|---|
id -
String!
|
ID of the user to send password reset email. |
Example
{"id": "abc123"}
SessionlessFieldConsistency
Allowed values for SessionlessFieldConsistency. To use Sessionless Field Consistency on all web forms use ON. To use it only for forms submitted with the HTTP POST method, select POST_ONLY.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
ShapingDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "xyz789",
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
SignatureMatchFormat
Allowed values for a custom signature match format.
| Enum Value | Description |
|---|---|
|
|
|
|
|
SignatureRequestArea
Allowed values for a custom signature request area.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
SignatureRequestRule
A WAF custom signature request rule.
| Field Name | Description |
|---|---|
area -
SignatureRequestArea!
|
Area where this rule would apply. |
cookieRule -
CookieSignatureRule
|
A cookie rule, if exists. For a given request rule, only one of cookie, header or form field can exist. |
formFieldSignatureRule -
FormFieldSignatureRule
|
A form field rule, if exists. For a given request rule, only one of cookie, header or form field can exist. |
headerRule -
HeaderSignatureRule
|
A header rule , if exists. For a given request rule, only one of cookie, header or form field can exist. |
match -
String!
|
A match string. |
matchFormat -
SignatureMatchFormat!
|
A format for matching from allowed list of formats. |
Example
{
"area": SignatureRequestArea,
"cookieRule": CookieSignatureRule,
"formFieldSignatureRule": FormFieldSignatureRule,
"headerRule": HeaderSignatureRule,
"match": "abc123",
"matchFormat": SignatureMatchFormat
}
SignatureRequestRuleInput
Create a WAF custom signature request rule.
| Input Field | Description |
|---|---|
area -
SignatureRequestArea!
|
Area where this rule would apply. |
cookieRule -
CookieSignatureRuleInput
|
A cookie rule, if exists. For a given request rule, only one of cookie, header or form field can exist. |
formFieldSignatureRule -
FormFieldSignatureRuleInput
|
A form field rule, if exists. For a given request rule, only one of cookie, header or form field can exist. |
headerRule -
HeaderSignatureRuleInput
|
A header rule , if exists. For a given request rule, only one of cookie, header or form field can exist. |
match -
String!
|
A match string. |
matchFormat -
SignatureMatchFormat!
|
A format for matching from allowed list of formats. |
Example
{
"area": SignatureRequestArea,
"cookieRule": CookieSignatureRuleInput,
"formFieldSignatureRule": FormFieldSignatureRuleInput,
"headerRule": HeaderSignatureRuleInput,
"match": "xyz789",
"matchFormat": SignatureMatchFormat
}
SignatureResponseArea
Allowed values for a custom signature response area.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
SignatureResponseRule
A WAF custom signature response rule.
| Field Name | Description |
|---|---|
area -
SignatureResponseArea!
|
Area where this rule would apply. |
match -
String!
|
A match string. |
matchFormat -
SignatureMatchFormat!
|
A format for matching from allowed list of formats. |
Example
{
"area": SignatureResponseArea,
"match": "xyz789",
"matchFormat": SignatureMatchFormat
}
SignatureResponseRuleInput
Create a WAF custom signature response rule.
| Input Field | Description |
|---|---|
area -
SignatureResponseArea!
|
Area where this rule would apply. |
match -
String!
|
A match string. |
matchFormat -
SignatureMatchFormat!
|
A format for matching from allowed list of formats. |
Example
{
"area": SignatureResponseArea,
"match": "abc123",
"matchFormat": SignatureMatchFormat
}
SignatureRuleFormat
Allowed values for a custom signature rule format.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Status
State possible status of an entity.
| Enum Value | Description |
|---|---|
|
|
The entity is down or non-operational. |
|
|
The entity state is not available. |
|
|
The entity is operational. |
StatusData
| Field Name | Description |
|---|---|
groupedBy -
StatusDimension!
|
How the results are aggregated. |
Example
{"groupedBy": StatusDimension}
StatusGroupBy
Used to group different entities status.
| Input Field | Description |
|---|---|
dimension -
StatusDimension!
|
Example
{"dimension": StatusDimension}
StatusOutput
The status' of a company's entities.
| Field Name | Description |
|---|---|
company -
Company!
|
The company object. |
data -
StatusData!
|
The returned data for a company's entity's status. |
Example
{
"company": Company,
"data": StatusData
}
String
The String scalar type represents textual data, represented as UTF-8 character sequences. The String type is most often used by GraphQL to represent free-form human-readable text.
TCPConnectionLimitingDDOSCountermeasure
| Field Name | Description |
|---|---|
blacklist -
Boolean!
|
|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
idleTimeout -
Int!
|
|
ignoreIdle -
Boolean!
|
|
maxConnections -
Int!
|
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"blacklist": false,
"company": Company,
"id": "abc123",
"idleTimeout": 123,
"ignoreIdle": true,
"maxConnections": 987,
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
TCPConnectionResetDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "abc123",
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
TCPSYNAuthDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "xyz789",
"name": "xyz789",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
TLSCipher
Allowed list of TLS cipher suites.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
TLSNegotiationDDOSCountermeasure
| Field Name | Description |
|---|---|
clientCanAlert -
Boolean!
|
|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
maxCipherSuites -
Int!
|
|
maxEarlyClose -
Int!
|
|
maxExtensions -
Int!
|
|
maxPendSecs -
Int!
|
|
minPendSecs -
Int!
|
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"clientCanAlert": true,
"company": Company,
"id": "xyz789",
"maxCipherSuites": 987,
"maxEarlyClose": 123,
"maxExtensions": 987,
"maxPendSecs": 123,
"minPendSecs": 123,
"name": "xyz789",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
TLSOptions
These are TLS settings for a virtual server that is using TLS/SSL.
| Field Name | Description |
|---|---|
cipherSelection -
CipherSelectionMode!
|
Cipher Selection options viz. DEFAULT or CUSTOM. |
ciphers -
[TLSCipher!]
|
List of TLS ciphers. |
commonName -
String
|
Common name to be sent with request to back-end origin(s). |
forceBackendSNI -
Boolean!
|
Forces back-end SNI support between the proxy and the origin, sending the specified common name to initiate SNI to the back end. |
hstsEnabled -
Boolean!
|
Flag indicating whether or not to follow HTTP Strict Transport Security. |
hstsIncludeSubdomains -
Boolean!
|
Flag indicating whether to include subdomains parameter in HSTS. |
hstsMaxAge -
UnsignedInt32!
|
MaxAge parameter for HSTS in seconds. |
hstsPreload -
Boolean!
|
Flag indicating whether to include preload parameter in HSTS. |
minTLSVersion -
MinTLSVersion!
|
Minimum TLS versions to support. TLS 1.3 is support only for front end. |
Example
{
"cipherSelection": CipherSelectionMode,
"ciphers": [TLSCipher],
"commonName": "xyz789",
"forceBackendSNI": false,
"hstsEnabled": true,
"hstsIncludeSubdomains": false,
"hstsMaxAge": UnsignedInt32,
"hstsPreload": true,
"minTLSVersion": MinTLSVersion
}
TLSOptionsInput
Define TLS options for a virtual server.
| Input Field | Description |
|---|---|
cipherSelection -
CipherSelectionMode! default = "DEFAULT" |
Cipher Selection options viz. DEFAULT or CUSTOM. |
ciphers -
[TLSCipher!]
|
List of TLS ciphers. At least one cipher should be selected for every version equal to and above the selected version. If not, default list of secure ciphers will be applied. |
commonName -
String!
|
Common name to be sent with request to back end origin(s). |
forceBackendSNI -
Boolean! default = false |
Forces back-end SNI support between the proxy and the origin, sending the specified common name to initiate SNI to the back end. |
hstsEnabled -
Boolean! default = false |
Flag indicating to follow HTTP Strict Transport Security. |
hstsIncludeSubdomains -
Boolean! default = false |
Flag indicating whether to include subdomains parameter in HSTS. |
hstsMaxAge -
UnsignedInt32! default = 63072000 |
MaxAge parameter for HSTS in seconds. Default is 2 years |
hstsPreload -
Boolean! default = false |
Flag indicating whether to include preload parameter in HSTS. |
minTLSVersion -
MinTLSVersion!
|
Minimum TLS versions to support. |
Example
{
"cipherSelection": "DEFAULT",
"ciphers": [TLSCipher],
"commonName": "abc123",
"forceBackendSNI": false,
"hstsEnabled": false,
"hstsIncludeSubdomains": false,
"hstsMaxAge": 63072000,
"hstsPreload": false,
"minTLSVersion": MinTLSVersion
}
ThresholdInput
Create a WAF Application Security (AppSec) Threshold.
| Input Field | Description |
|---|---|
bucketDurationSeconds -
UnsignedInt32! default = 60 |
Time period within which the minimum number of violations need to occur in order to generate alerts. (allowed values : 60). |
count -
UnsignedInt32!
|
Minimum number of violations for generating alerts.(allowed value range: 1-1000). |
Example
{"bucketDurationSeconds": 60, "count": UnsignedInt32}
Time
Time represents a specific point in time, often adhering to the ISO-8601 standard format.
Example
object
TimeInterval
A time interval.
| Input Field | Description |
|---|---|
interval -
UnsignedInt16!
|
The interval value. |
unit -
TimeUnit!
|
The time units of the interval value. |
Example
{
"interval": UnsignedInt16,
"unit": TimeUnit
}
TrafficData
| Field Name | Description |
|---|---|
field -
TrafficField!
|
The data type queried. |
from -
Time
|
The start time (inclusive) of the data fetched. |
groupedBy -
[TrafficDimension!]
|
How the results are aggregated. |
id -
ID!
|
A unique identifier per query or subscription. |
metric -
TrafficMetric!
|
The metric queried. |
to -
Time
|
The end time (exclusive) of the data fetched. |
trafficType -
TrafficType
|
The source of traffic. |
value -
Float
|
If no groupedBy is present, or the top-level groupedBy has includeRollup: true, this will be the overall value. Null returned for NaN and Infinity. |
Example
{
"field": TrafficField,
"from": Time,
"groupedBy": [TrafficDimension],
"id": ID,
"metric": TrafficMetric,
"to": Time,
"trafficType": TrafficType,
"value": 987.65
}
TrafficDimension
Dimensions that results may be grouped by.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
TrafficField
Field values that can be included in TrafficData.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
TrafficFilterInput
TrafficFilterInput is used to filter results.
| Input Field | Description |
|---|---|
trafficTypes -
[TrafficType!] default = ["ALL"] |
Traffic type: PROXY, BGP, or ALL |
Example
{"trafficTypes": [ALL]}
TrafficGroupBy
TrafficGroupBy used to group mitigated traffic data.
| Input Field | Description |
|---|---|
dimension -
TrafficDimension!
|
The specific dimension used to group the mitigated traffic data. |
Example
{"dimension": TrafficDimension}
TrafficMetric
Metrics that can be reported for fields.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
TrafficOutput
| Field Name | Description |
|---|---|
company -
Company!
|
The company object. |
data -
TrafficData
|
List of clean traffic data. |
Example
{
"company": Company,
"data": TrafficData
}
TrustedSourcesWithPagination
A paginated list of trusted IP sources. Traffic at these sources are used by the learning feature to generate recommendations.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[TrustedSource!]
|
The trusted sources. |
Example
{
"pageInfo": Pagination,
"results": [TrustedSource]
}
Tunnel
Network tunnel to send clean traffic through.
| Field Name | Description |
|---|---|
addressV4 -
[IPv4Address!]
|
IPv4 address of the tunnel, network-side. |
addressV6 -
[IPv6Address!]
|
IPv6 address of the tunnel, network-side. |
customerAddressV4 -
[IPv4Address!]
|
IPv4 address of the tunnel, customer-side. |
customerAddressV6 -
[IPv6Address!]
|
IPv6 address of the tunnel, customer-side. |
customerDescription -
String
|
Human-readable description. |
description -
String!
|
Brief description generated by the system. |
destinationIPs -
[CIDR!]
|
Destination IPs sent through this tunnel. |
devices -
[String!]
|
Internal descriptors for network devices implementing the tunnel. |
id -
String!
|
The unique identifier to distinguish tunnels. This identifier is same as the qualified device interface path. |
interfacePath -
String
|
Qualified Device Interface Path. |
networkNodes -
[NetworkNode!]
|
Physical interconnect points. |
tunnelDestination -
String
|
Tunnel destination description. |
tunnelSource -
String
|
Tunnel source description. |
type -
TunnelType!
|
Tunnel type. |
Example
{
"addressV4": [IPv4Address],
"addressV6": [IPv6Address],
"customerAddressV4": [IPv4Address],
"customerAddressV6": [IPv6Address],
"customerDescription": "abc123",
"description": "abc123",
"destinationIPs": [CIDR],
"devices": ["xyz789"],
"id": "abc123",
"interfacePath": "abc123",
"networkNodes": [NetworkNode],
"tunnelDestination": "abc123",
"tunnelSource": "xyz789",
"type": TunnelType
}
UDPReflectionAmpDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "xyz789",
"name": "xyz789",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
UDPSessionAuthDDOSCountermeasure
| Field Name | Description |
|---|---|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"company": Company,
"id": "xyz789",
"name": "xyz789",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}
UpdateAllUserNotificationRecordsInput
Update all user notification records.
| Input Field | Description |
|---|---|
userID -
String
|
User ID to mark all notification records read. |
Example
{"userID": "abc123"}
UpdateAllUserNotificationRecordsOutput
Output from updating all user notification records.
| Field Name | Description |
|---|---|
userID -
String!
|
Example
{"userID": "abc123"}
UpdateBotBlackListInput
Modify a black list countermeasure.
| Input Field | Description |
|---|---|
enabled -
Boolean
|
Whether the black list countermeasure is enabled. |
types -
[BotBlackListBindingInput!]
|
List of black list bindings. |
Example
{"enabled": true, "types": [BotBlackListBindingInput]}
UpdateBotCAPTCHAInput
Modify a CAPTCHA countermeasure.
| Input Field | Description |
|---|---|
resources -
[BotCAPTCHABindingInput!]
|
List of CAPTCHA bindings. |
Example
{"resources": [BotCAPTCHABindingInput]}
UpdateBotDeviceFingerprintInput
Modify a device fingerprint countermeasure.
| Input Field | Description |
|---|---|
action -
BotDeviceFingerprintAction
|
Action to be taken. Can only be set if response is ACTION_AND_LOG. |
enabled -
Boolean
|
Whether the device fingerprint countermeasure is enabled. |
response -
BotResponse
|
Response to be taken. |
Example
{
"action": BotDeviceFingerprintAction,
"enabled": false,
"response": BotResponse
}
UpdateBotIPReputationInput
Modify an IP reputation countermeasure.
| Input Field | Description |
|---|---|
categories -
[BotIPReputationBindingInput!]
|
List of IP reputation bindings. |
enabled -
Boolean
|
Whether the IP reputation countermeasure is enabled. |
Example
{
"categories": [BotIPReputationBindingInput],
"enabled": true
}
UpdateBotProfileInput
Modify a bot profile.
| Input Field | Description |
|---|---|
blackList -
UpdateBotBlackListInput
|
The black list countermeasure settings. |
botTrap -
UpdateBotTrapInput
|
The bot trap countermeasure settings. |
captcha -
UpdateBotCAPTCHAInput
|
The CAPTCHA countermeasure settings. |
deviceFingerprint -
UpdateBotDeviceFingerprintInput
|
The device fingerprint countermeasure settings. |
enabled -
Boolean
|
Whether the bot profile is enabled. |
ipReputation -
UpdateBotIPReputationInput
|
The IP reputation countermeasure settings. |
rateLimit -
UpdateBotRateLimitInput
|
The rate limit countermeasure settings. |
signatures -
UpdateBotSignaturesInput
|
The bot signatures settings. |
tps -
UpdateBotTPSInput
|
The TPS countermeasure settings. |
whiteList -
UpdateBotWhiteListInput
|
The white list countermeasure settings. |
Example
{
"blackList": UpdateBotBlackListInput,
"botTrap": UpdateBotTrapInput,
"captcha": UpdateBotCAPTCHAInput,
"deviceFingerprint": UpdateBotDeviceFingerprintInput,
"enabled": false,
"ipReputation": UpdateBotIPReputationInput,
"rateLimit": UpdateBotRateLimitInput,
"signatures": UpdateBotSignaturesInput,
"tps": UpdateBotTPSInput,
"whiteList": UpdateBotWhiteListInput
}
UpdateBotRateLimitInput
Modify a rate limit countermeasure.
| Input Field | Description |
|---|---|
enabled -
Boolean
|
Whether the rate limit countermeasure is enabled. |
resources -
[BotRateLimitBindingInput!]
|
List of rate limit bindings. |
Example
{"enabled": true, "resources": [BotRateLimitBindingInput]}
UpdateBotSignaturesInput
Modify bot signatures.
| Input Field | Description |
|---|---|
configuredBaseSignatures -
[ConfiguredBaseBotSignatureInput!]
|
List of bot signatures. |
enabled -
Boolean
|
Whether bot signatures are enabled. |
Example
{
"configuredBaseSignatures": [
ConfiguredBaseBotSignatureInput
],
"enabled": false
}
UpdateBotTPSInput
Modify a TPS countermeasure.
| Input Field | Description |
|---|---|
enabled -
Boolean
|
Whether the TPS countermeasure is enabled. |
resources -
[BotTPSBindingInput!]
|
List of TPS bindings. |
Example
{"enabled": true, "resources": [BotTPSBindingInput]}
UpdateBotTrapInput
Modify a bot trap countermeasure.
| Input Field | Description |
|---|---|
action -
BotTrapAction
|
Action to be taken. Can only be set if response is ACTION_AND_LOG. |
enabled -
Boolean
|
Whether the bot trap countermeasure is enabled. |
insertionURLs -
[BotTrapBindingInput!]
|
List of bot trap bindings. |
response -
BotResponse
|
Response to be taken. |
Example
{
"action": BotTrapAction,
"enabled": true,
"insertionURLs": [BotTrapBindingInput],
"response": BotResponse
}
UpdateBotWhiteListInput
Modify a white list countermeasure.
| Input Field | Description |
|---|---|
enabled -
Boolean
|
Whether the white list countermeasure is enabled. |
types -
[BotWhiteListBindingInput!]
|
List of white list bindings. |
Example
{"enabled": true, "types": [BotWhiteListBindingInput]}
UpdateBufferOverflowInput
Modify a buffer overflow countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction
|
Action to be taken. |
maxCookieLength -
UnsignedInt16
|
Maximum cookie length (in character) in requests to the protected web sites. Requests with longer cookie lengths will be blocked. |
maxHeaderLength -
UnsignedInt16
|
Maximum HTTP header length (in characters) in requests to the protected web sites. Requests with longer headers will be blocked. |
maxURLLength -
UnsignedInt16
|
Maximum URL length (in characters) of the protected web sites. Requests with longer URLs will be blocked. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for buffer overflow violations. |
Example
{
"action": WAFAction,
"maxCookieLength": UnsignedInt16,
"maxHeaderLength": UnsignedInt16,
"maxURLLength": UnsignedInt16,
"threshold": ThresholdInput
}
UpdateCSRFSettingsInput
Modify a cross-site request forgery countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction
|
Action to be taken. |
learn -
Boolean
|
A flag to enable or disable learning. |
relaxationRules -
[CSRFRelaxationRuleInput!]
|
A list of CSRF relaxation rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for CSRF violations. |
Example
{
"action": WAFAction,
"learn": false,
"relaxationRules": [CSRFRelaxationRuleInput],
"threshold": ThresholdInput
}
UpdateCommandInjectionInput
Modify a command injection countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
commandInjectionType -
CommandInjectionType!
|
A command injection type. |
relaxationRules -
[CommandInjectionRelaxationRuleInput!]
|
A list of command injection relaxation rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for command injection violations. |
Example
{
"action": WAFAction,
"commandInjectionType": CommandInjectionType,
"relaxationRules": [
CommandInjectionRelaxationRuleInput
],
"threshold": ThresholdInput
}
UpdateCompanyNotificationConfigurationInput
Update a Company notification configuration.
| Input Field | Description |
|---|---|
categories -
[CategoryConfigurationInput!]
|
The list of global category notification configurations. |
channel -
ChannelConfigurationInput
|
Global notification channel configurations. |
company -
String
|
Company dname identifier. |
enabled -
Boolean
|
Enable or disable the company notification configuration. If empty it defaults to true. |
id -
String
|
ID of the company notification configuration to be updated. |
Example
{
"categories": [CategoryConfigurationInput],
"channel": ChannelConfigurationInput,
"company": "abc123",
"enabled": false,
"id": "abc123"
}
UpdateCompanyNotificationConfigurationOutput
Output from updating a Company notification configuration.
| Field Name | Description |
|---|---|
configuration -
CompanyNotificationConfiguration!
|
Example
{"configuration": CompanyNotificationConfiguration}
UpdateContentTypeInput
Modify a content type countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction
|
Action to be taken. |
learn -
Boolean
|
A flag to enable or disable learning. |
relaxationRules -
[ContentTypeRelaxationRuleInput!]
|
A list of content type relaxation rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for content type violations. |
Example
{
"action": WAFAction,
"learn": false,
"relaxationRules": [ContentTypeRelaxationRuleInput],
"threshold": ThresholdInput
}
UpdateCookieConsistencyInput
Modify a cookie consistency countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction
|
Action to be taken. |
learn -
Boolean
|
A flag to enable or disable learning. |
relaxationRules -
[CookieConsistencyRelaxationRuleInput!]
|
A list of relaxation rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for cookie consistency violations. |
Example
{
"action": WAFAction,
"learn": true,
"relaxationRules": [
CookieConsistencyRelaxationRuleInput
],
"threshold": ThresholdInput
}
UpdateDenyURLInput
Modify a deny URL countermeasures configuration.
| Input Field | Description |
|---|---|
action -
WAFAction
|
Action to be taken. |
regexRules -
[DenyURLRuleInput!]
|
A list of deny URL regex rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for deny URL violations. |
Example
{
"action": WAFAction,
"regexRules": [DenyURLRuleInput],
"threshold": ThresholdInput
}
UpdateFieldFormatInput
Modify a field format countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction
|
Action to be taken. |
enforcementRules -
[FieldFormatEnforcementRuleInput!]
|
A list of enforcement rules. These are tightening rules, in order to relax some rules you need to remove them from this list. |
learn -
Boolean
|
A flag to enable or disable learning. |
maxLength -
UnsignedInt16
|
Maximum length of the field (in characters, allowed range 0-65535). Please note that distinguishing an integer from an alpha character requires at least one character. |
minLength -
UnsignedInt16
|
Minimum length of the field (in characters, allowed range 0-65535). Please note that distinguishing an integer from an alpha character requires at least one character. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for field format violations. |
type -
FieldFormatType
|
Allowed types for this field. |
Example
{
"action": WAFAction,
"enforcementRules": [FieldFormatEnforcementRuleInput],
"learn": false,
"maxLength": UnsignedInt16,
"minLength": UnsignedInt16,
"threshold": ThresholdInput,
"type": FieldFormatType
}
UpdateFormFieldConsistencyInput
Modify a form field consistency countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction
|
Action to be taken. |
fieldConsistencyExemptions -
[FormFieldConsistencyRuleInput!]
|
A list of exemption rules. |
learn -
Boolean
|
A flag to enable or disable learning. |
sessionlessFieldConsistency -
SessionlessFieldConsistency
|
When turned on, it checks only the web form structure. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for form field consistency violations. |
Example
{
"action": WAFAction,
"fieldConsistencyExemptions": [
FormFieldConsistencyRuleInput
],
"learn": true,
"sessionlessFieldConsistency": SessionlessFieldConsistency,
"threshold": ThresholdInput
}
UpdateHTMLSQLInjectionInput
Modify an HTML SQL injection countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction
|
Action to be taken. |
checkSQLWildChars -
Boolean
|
Whether to check for form fields that contain SQL wild chars. |
exemptCommentsWith -
CommentExemption
|
Exempts all comments of the given type. |
learn -
Boolean
|
A flag to enable or disable learning. |
relaxationRules -
[HTMLSQLInjectionRelaxationRuleInput!]
|
A list of XML SQL injection relaxation rules. |
sqlInjectionType -
SQLInjectionType
|
A SQL injection type. |
sqliGrammar -
Boolean
|
Enable SQL Injection grammar |
threshold -
ThresholdInput
|
Appsec Threshold configuration for HTML SQL injection violations. |
Example
{
"action": WAFAction,
"checkSQLWildChars": true,
"exemptCommentsWith": CommentExemption,
"learn": false,
"relaxationRules": [
HTMLSQLInjectionRelaxationRuleInput
],
"sqlInjectionType": SQLInjectionType,
"sqliGrammar": true,
"threshold": ThresholdInput
}
UpdateHTMLXSSInput
Modify an HTML cross-site scripting countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction
|
Action to be taken. |
checkCompleteURLs -
Boolean
|
A flag to enforce checks for complete URLs for cross-site scripts, instead of just the query portions of URLs. |
learn -
Boolean
|
A flag to enable or disable learning. |
relaxationRules -
[HTMLXSSRelaxationRuleInput!]
|
A list of HTML cross-site scripting relaxation rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for HTML cross-site scripting violations. |
Example
{
"action": WAFAction,
"checkCompleteURLs": true,
"learn": false,
"relaxationRules": [HTMLXSSRelaxationRuleInput],
"threshold": ThresholdInput
}
UpdateHTTPRFCProfileInput
Modify an HTTP RFC Profile countermeasure.
| Input Field | Description |
|---|---|
action -
HTTPRFCProfileAction
|
Action to be taken when there is a non compliant request. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for HTTP RFC violations. |
Example
{
"action": HTTPRFCProfileAction,
"threshold": ThresholdInput
}
UpdateJSONCommandInjectionSettingsInput
Modufy a JSON command injection Settings Input.
| Input Field | Description |
|---|---|
action -
WAFAction
|
Action to be taken. |
commandInjectionType -
CommandInjectionType
|
A Command injection type. |
relaxationRules -
[JSONCommandInjectionRelaxationRuleInput!]
|
A list of command injection rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for json command injection violations. |
Example
{
"action": WAFAction,
"commandInjectionType": CommandInjectionType,
"relaxationRules": [
JSONCommandInjectionRelaxationRuleInput
],
"threshold": ThresholdInput
}
UpdateJSONCrossSiteScriptingSettingsInput
Modify a JSON cross-site scripting settings input to protect applications from XSS Attacks through JSON requests
| Input Field | Description |
|---|---|
action -
WAFAction
|
Action to be taken. |
relaxationRules -
[JSONXSSRelaxationRuleInput!]
|
A list of JSON XSS rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for JSON XSS violations. |
Example
{
"action": WAFAction,
"relaxationRules": [JSONXSSRelaxationRuleInput],
"threshold": ThresholdInput
}
UpdateJSONDenialOfServiceSettingsInput
Modify a JSON Denial of Service Settings input to protect applications from Denial of Service Attacks through JSON requests
| Input Field | Description |
|---|---|
action -
WAFAction
|
Action to be taken. |
enforcementRule -
JSONDoSEnforcementRuleInput
|
A paginated list of enforcement rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for JSON DOS violations. |
Example
{
"action": WAFAction,
"enforcementRule": JSONDoSEnforcementRuleInput,
"threshold": ThresholdInput
}
UpdateJSONSQLInjectionSettingsInput
Modify a JSON SQL Injection Settings input to protect applications from SQL Injection attacks through JSON requests
| Input Field | Description |
|---|---|
action -
WAFAction
|
Action to be taken. |
relaxationRules -
[JSONSQLInjectionRelaxationRuleInput!]
|
A paginated list of SQL Injection rules. |
sqlInjectionType -
SQLInjectionType
|
A SQL injection type. |
sqliGrammar -
Boolean
|
Enable SQL Injection grammar |
threshold -
ThresholdInput
|
Appsec Threshold configuration for JSON SQL injection violations. |
Example
{
"action": WAFAction,
"relaxationRules": [
JSONSQLInjectionRelaxationRuleInput
],
"sqlInjectionType": SQLInjectionType,
"sqliGrammar": false,
"threshold": ThresholdInput
}
UpdateJSONSettingsInput
Modify a JSON Security Settings input to protect JSON Applications
| Input Field | Description |
|---|---|
jsonCommandInjectionSettings -
UpdateJSONCommandInjectionSettingsInput
|
JSON Command Injection Settings. |
jsonCrossSiteScriptingSettings -
UpdateJSONCrossSiteScriptingSettingsInput
|
JSON Cross Site Scripting Settings. |
jsonDenialOfServiceSettings -
UpdateJSONDenialOfServiceSettingsInput
|
JSON Denial Of Service Settings. |
jsonSQLInjectionSettings -
UpdateJSONSQLInjectionSettingsInput
|
JSON SQL Injection Settings. |
Example
{
"jsonCommandInjectionSettings": UpdateJSONCommandInjectionSettingsInput,
"jsonCrossSiteScriptingSettings": UpdateJSONCrossSiteScriptingSettingsInput,
"jsonDenialOfServiceSettings": UpdateJSONDenialOfServiceSettingsInput,
"jsonSQLInjectionSettings": UpdateJSONSQLInjectionSettingsInput
}
UpdateNetworkControlsInput
Modify network controls.
| Input Field | Description |
|---|---|
blockedCountries -
[CountryCode!]
|
A list of blocked countries. |
ipFilterList -
[IPFilterInput!]
|
A list of ip filters. |
Example
{
"blockedCountries": [CountryCode],
"ipFilterList": [IPFilterInput]
}
UpdateNotificationRecordOutput
Output from updating notification records.
| Field Name | Description |
|---|---|
records -
[NotificationRecord!]
|
Example
{"records": [NotificationRecord]}
UpdatePOSTBodyInput
Modify a POST BODY limit countermeasure.
| Input Field | Description |
|---|---|
limit -
UnsignedInt32
|
A post body size limit value. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for post body limit violations. |
Example
{
"limit": UnsignedInt32,
"threshold": ThresholdInput
}
UpdatePolicyInput
Modify a policy.
| Input Field | Description |
|---|---|
appSecThresholds -
[AppSecThresholdInput!]
|
The appsec thresholds associated to this policy. |
botProfile -
UpdateBotProfileInput
|
The bot profile associated to this policy. |
id -
String!
|
ID of the policy to be updated. |
name -
String
|
The name of the policy. |
networkControls -
UpdateNetworkControlsInput
|
The network controls associated to this policy. |
responderPolicies -
[ResponderPolicyInput!]
|
The responder polices associated to this policy. |
trustedSources -
[TrustedSourceInput!]
|
The trusted IP sources associated to this policy. Traffic at these sources are used by the learning feature to generate recommendations. |
wafProfile -
UpdateWAFProfileInput
|
The WAF profile associated to this policy. |
Example
{
"appSecThresholds": [AppSecThresholdInput],
"botProfile": UpdateBotProfileInput,
"id": "xyz789",
"name": "abc123",
"networkControls": UpdateNetworkControlsInput,
"responderPolicies": [ResponderPolicyInput],
"trustedSources": [TrustedSourceInput],
"wafProfile": UpdateWAFProfileInput
}
UpdatePolicyOutput
Returned when updating a policy.
| Field Name | Description |
|---|---|
policy -
Policy!
|
The updated policy. |
Example
{"policy": Policy}
UpdateProxyInput
Modify a proxy.
| Input Field | Description |
|---|---|
id -
String!
|
ID of the proxy to be updated. |
name -
String
|
Company the proxy configuration belongs to. |
policyIDs -
[String!]
|
A list of policies associated with this proxy. |
vServers -
[VServerInput!]
|
The back-end origin servers, ports and protocols that bind it to the front-end port. |
Example
{
"id": "xyz789",
"name": "abc123",
"policyIDs": ["xyz789"],
"vServers": [VServerInput]
}
UpdateProxyOutput
Output from updating a proxy.
| Field Name | Description |
|---|---|
proxy -
Proxy!
|
The updated proxy. |
Example
{"proxy": Proxy}
UpdateRecurringExecutiveReportConfigurationInput
Input to an update of a recurring report configuration.
| Input Field | Description |
|---|---|
dName -
String!
|
The unique, primary identifier for the company. |
description -
String
|
Description of Report Configuration. |
enabled -
Boolean
|
If true, this report configuration generates reports. |
from -
Time
|
Timestamp when the first report is generated. |
id -
String!
|
ID of recurring executive report configuration. |
includeBot -
Boolean
|
If true, includes Bot mitigation summary in the report |
includeDDOS -
Boolean
|
If true, includes DDOS mitigation summary in the report |
includeWAF -
Boolean
|
If true, includes WAF violation summary in the report |
notification -
ExecutiveReportNotificationDetailsInput
|
List of email recepients of generated reports. |
period -
ExecutiveReportPeriod!
|
Metric summary interval of report. |
to -
Time
|
Timestamp when this report configuration will expire and won't be run after. |
Example
{
"dName": "xyz789",
"description": "abc123",
"enabled": true,
"from": Time,
"id": "abc123",
"includeBot": false,
"includeDDOS": true,
"includeWAF": false,
"notification": ExecutiveReportNotificationDetailsInput,
"period": ExecutiveReportPeriod,
"to": Time
}
UpdateRecurringExecutiveReportConfigurationOutput
Output of an update of a recurring report configuration operation.
| Field Name | Description |
|---|---|
configuration -
RecurringExecutiveReportConfiguration!
|
Configuration of a recurring report job. |
Example
{"configuration": RecurringExecutiveReportConfiguration}
UpdateSAMLInput
Input needed for updating a SAML connection.
| Input Field | Description |
|---|---|
domain -
[String!]
|
List of Domain Names. |
id -
ID!
|
SSO Config identifier. |
protocolBinding -
Protocol
|
Protocol Binding. |
requestTemplate -
String
|
Request template in XML format. |
signInURL -
String
|
Login URL for redirect. |
signatureAlgorithm -
Algorithm
|
Algorithm used in signature. |
signatureDigestAlgorithm -
Algorithm
|
DigestAlgorithm used in signature. |
signatureRequest -
Boolean
|
Signature requested from IDP. |
sslCertificate -
String
|
SSL Certificate of the IDP. |
userIDAttributes -
String
|
User Attributes. |
Example
{
"domain": ["abc123"],
"id": ID,
"protocolBinding": Protocol,
"requestTemplate": "xyz789",
"signInURL": "xyz789",
"signatureAlgorithm": Algorithm,
"signatureDigestAlgorithm": Algorithm,
"signatureRequest": false,
"sslCertificate": "xyz789",
"userIDAttributes": "xyz789"
}
UpdateSemicolonFieldSeparatorInput
Modify a Semicolon field separator countermeasure.
| Input Field | Description |
|---|---|
enabled -
Boolean
|
Whether the countermeasure is enabled. |
Example
{"enabled": false}
UpdateUserInput
Modify a user.
| Input Field | Description |
|---|---|
enabled -
Boolean
|
Enabled status of this user. |
firstName -
String
|
First name of this user. |
id -
String!
|
ID of the user to be updated. |
jobTitle -
String
|
Job title of this user. |
lastName -
String
|
Last name of this user. |
mobile -
String
|
Mobile number of this user. |
phone -
String
|
Phone number of this user. |
roles -
[UserRole!]
|
Roles of this user |
Example
{
"enabled": false,
"firstName": "abc123",
"id": "xyz789",
"jobTitle": "abc123",
"lastName": "xyz789",
"mobile": "abc123",
"phone": "abc123",
"roles": [UserRole]
}
UpdateUserNotificationConfigurationInput
Update a User notification configuration.
| Input Field | Description |
|---|---|
categories -
[CategoryConfigurationInput!]
|
The list of user category notification configurations. |
enabled -
Boolean
|
Enable or disable the user notification configuration. If empty it defaults to true. |
id -
String
|
ID of the user notification configuration to be updated. |
userID -
String
|
The User Service ID representing the User the notification configuration is for. |
Example
{
"categories": [CategoryConfigurationInput],
"enabled": false,
"id": "abc123",
"userID": "xyz789"
}
UpdateUserNotificationConfigurationOutput
Output from updating a User notification configuration.
| Field Name | Description |
|---|---|
configuration -
UserNotificationConfiguration!
|
Example
{"configuration": UserNotificationConfiguration}
UpdateUserOutput
Returned when updating a user.
| Field Name | Description |
|---|---|
user -
User!
|
The updated user. |
Example
{"user": User}
UpdateWAFProfileInput
Modify a WAF profile.
| Input Field | Description |
|---|---|
bufferOverflow -
UpdateBufferOverflowInput
|
The buffer overflow countermeasure settings. |
commandInjection -
UpdateCommandInjectionInput
|
The Command Injection countermeasure settings. |
contentType -
UpdateContentTypeInput
|
The content type countermeasure settings. |
cookieConsistency -
UpdateCookieConsistencyInput
|
The cookie consistency countermeasure settings. |
crossSiteScripting -
UpdateHTMLXSSInput
|
The HTML cross-site scripting countermeasure settings. |
csrfSettings -
UpdateCSRFSettingsInput
|
The CSRF countermeasure settings. |
denyURL -
UpdateDenyURLInput
|
The deny URL countermeasure settings. |
enabled -
Boolean
|
Whether the WAF profile is enabled. |
fieldConsistency -
UpdateFormFieldConsistencyInput
|
The form field consistency countermeasure settings. |
fieldFormat -
UpdateFieldFormatInput
|
The field format countermeasure settings. |
htmlSQLInjection -
UpdateHTMLSQLInjectionInput
|
The HTML SQL Injection countermeasure settings. |
httpRFCProfile -
UpdateHTTPRFCProfileInput
|
Check requests for HTTP RFC non compliance. |
jsonSettings -
UpdateJSONSettingsInput
|
The JSON related countermeasure settings. |
postBody -
UpdatePOSTBodyInput
|
Limits the request payload size. |
semicolonFieldSeparator -
UpdateSemicolonFieldSeparatorInput
|
Allow or disallow semicolon field separator between request fields. |
signatures -
UpdateWAFSignaturesInput
|
The WAF signatures settings. |
wsiSettings -
UpdateWSISettingsInput
|
The web service interoperability countermeasure settings. |
xmlCrossSiteScripting -
UpdateXMLXSSInput
|
The XML cross-site scripting countermeasure settings. |
xmlFormat -
UpdateXMLFormatInput
|
The XML format countermeasure settings. |
xmlSOAPFault -
UpdateXMLSOAPFaultInput
|
The XML SOAP fault countermeasure settings. |
xmlSQLInjection -
UpdateXMLSQLInjectionInput
|
The XML SQL Injection countermeasure settings. |
Example
{
"bufferOverflow": UpdateBufferOverflowInput,
"commandInjection": UpdateCommandInjectionInput,
"contentType": UpdateContentTypeInput,
"cookieConsistency": UpdateCookieConsistencyInput,
"crossSiteScripting": UpdateHTMLXSSInput,
"csrfSettings": UpdateCSRFSettingsInput,
"denyURL": UpdateDenyURLInput,
"enabled": false,
"fieldConsistency": UpdateFormFieldConsistencyInput,
"fieldFormat": UpdateFieldFormatInput,
"htmlSQLInjection": UpdateHTMLSQLInjectionInput,
"httpRFCProfile": UpdateHTTPRFCProfileInput,
"jsonSettings": UpdateJSONSettingsInput,
"postBody": UpdatePOSTBodyInput,
"semicolonFieldSeparator": UpdateSemicolonFieldSeparatorInput,
"signatures": UpdateWAFSignaturesInput,
"wsiSettings": UpdateWSISettingsInput,
"xmlCrossSiteScripting": UpdateXMLXSSInput,
"xmlFormat": UpdateXMLFormatInput,
"xmlSOAPFault": UpdateXMLSOAPFaultInput,
"xmlSQLInjection": UpdateXMLSQLInjectionInput
}
UpdateWAFSignaturesInput
Modify WAF signatures.
| Input Field | Description |
|---|---|
configuredBaseSignatures -
[ConfiguredBaseWAFSignatureInput!]
|
A list of signatures for a policy configured from a list of available base signatures. |
customSignatures -
[CustomWAFSignatureInput!]
|
A list of custom signatures created for a policy. |
Example
{
"configuredBaseSignatures": [
ConfiguredBaseWAFSignatureInput
],
"customSignatures": [CustomWAFSignatureInput]
}
UpdateWSISettingsInput
Modify a web services interoperability countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction
|
Action to be taken. |
learn -
Boolean
|
A flag to enable or disable learning. |
standards -
[WSIStandardInput!]
|
A list of WSI standards. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for WSI violations. |
Example
{
"action": WAFAction,
"learn": false,
"standards": [WSIStandardInput],
"threshold": ThresholdInput
}
UpdateXMLFormatInput
Modify an XML format countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction
|
Action to be taken. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for XML format violations. |
Example
{
"action": WAFAction,
"threshold": ThresholdInput
}
UpdateXMLSOAPFaultInput
Modify an XML SOAP fault countermeasure.
| Input Field | Description |
|---|---|
action -
XMLSOAPFaultAction
|
Action to be taken. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for XML format violations. |
Example
{
"action": XMLSOAPFaultAction,
"threshold": ThresholdInput
}
UpdateXMLSQLInjectionInput
Modify an HTML SQL injection countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction
|
Action to be taken. |
checkSQLWildChars -
Boolean
|
Whether to check for form fields that contain SQL wild chars. |
exemptCommentsWith -
CommentExemption
|
Exempts all comments of the given type. |
relaxationRules -
[XMLSQLInjectionRelaxationRuleInput!]
|
A list of XML SQL injection relaxation rules. |
sqlInjectionType -
SQLInjectionType
|
An XML SQL injection type. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for XML SQL injection violations. |
Example
{
"action": WAFAction,
"checkSQLWildChars": true,
"exemptCommentsWith": CommentExemption,
"relaxationRules": [XMLSQLInjectionRelaxationRuleInput],
"sqlInjectionType": SQLInjectionType,
"threshold": ThresholdInput
}
UpdateXMLXSSInput
Modify an XML cross-site scripting countermeasure.
| Input Field | Description |
|---|---|
action -
WAFAction
|
Action to be taken. |
relaxationRules -
[XMLXSSRelaxationRuleInput!]
|
A list of XML cross-site scripting relaxation rules. |
threshold -
ThresholdInput
|
Appsec Threshold configuration for XML cross-site scripting violations. |
Example
{
"action": WAFAction,
"relaxationRules": [XMLXSSRelaxationRuleInput],
"threshold": ThresholdInput
}
User
A user of the system.
| Field Name | Description |
|---|---|
company -
Company!
|
Details of company. |
createdAt -
Time!
|
Timestamp of when user was created. |
email -
String!
|
User email. |
enabled -
Boolean!
|
Whether the user is able to access the system. |
firstName -
String!
|
First name. |
id -
String!
|
ID of company User. |
jobTitle -
String
|
Job title. |
lastLogin -
Time
|
Timestamp of last login of this user. |
lastName -
String!
|
Last name. |
mobile -
String
|
Mobile number. |
notificationConfiguration -
UserNotificationConfiguration
|
The list of notification configuration. |
phone -
String
|
Phone number. |
roles -
[UserRole!]
|
Roles. |
updatedAt -
Time!
|
Timestamp of when user was last updated. |
userName -
String!
|
User name. |
Example
{
"company": Company,
"createdAt": Time,
"email": "abc123",
"enabled": true,
"firstName": "xyz789",
"id": "abc123",
"jobTitle": "xyz789",
"lastLogin": Time,
"lastName": "xyz789",
"mobile": "xyz789",
"notificationConfiguration": UserNotificationConfiguration,
"phone": "abc123",
"roles": [UserRole],
"updatedAt": Time,
"userName": "xyz789"
}
UserDefinedFilter
| Field Name | Description |
|---|---|
company -
Company!
|
The company object. |
description -
String
|
The description of the filter list. |
entries -
[String!]!
|
Array of filter list entries based on the value of the listType attribute:" BLACK_WHITE_IPV4: IPv4 FCAP expressions BLACK_WHITE_IPV6: IPv6 FCAP expressions ADDRESS_IPV4: IPv4 CIDRs or addresses ADDRESS_IPV6: IPv6 CIDRs or addresses IP_LOCATION: Two-letter ISO 3166 country codes |
filterType -
FilterType!
|
Indicates whether this filter list is user defined or an inline filter. |
id -
String!
|
Since this is a User Defined Filter, the ID is the ID of the Filter as defined in Arbor. |
listType -
FilterListType!
|
Type of data contained in this Filter List. |
listTypeLabel -
String!
|
Display label for the type of data contained in this Filter List. |
name -
String!
|
Name of the filter list. |
templates -
[FilterTemplate]!
|
A set of Templates referenced by this Filter |
usedInAutoMitigation -
Boolean!
|
Indicates if this Filter List is used in an Auto Mitigation. |
usedInTemplate -
Boolean!
|
Indicates if this Filter List is used in a Template. |
Example
{
"company": Company,
"description": "abc123",
"entries": ["xyz789"],
"filterType": FilterType,
"id": "xyz789",
"listType": FilterListType,
"listTypeLabel": "abc123",
"name": "xyz789",
"templates": [FilterTemplate],
"usedInAutoMitigation": true,
"usedInTemplate": true
}
UserFilterInput
For reducing the returned list of users.
| Input Field | Description |
|---|---|
email -
String
|
Specifies user email to filter query results on. |
id -
String
|
Specifies user ID to filter query results on. |
includeDisabled -
Boolean
|
Indicates whether users disabled in portal should be included in query results. |
Example
{"email": "abc123", "id": "abc123", "includeDisabled": false}
UserLog
Auth0 event log for a user.
| Field Name | Description |
|---|---|
date -
Time!
|
The date when the event occurred. |
description -
String!
|
The description of this event. |
ip -
String!
|
The IP address of the log event source. |
logID -
String!
|
The unique ID of the event. |
type -
String!
|
The type of event |
userID -
String!
|
The ID of the user. |
Example
{
"date": Time,
"description": "abc123",
"ip": "xyz789",
"logID": "abc123",
"type": "abc123",
"userID": "xyz789"
}
UserLoginIDWithPagination
Paginated users.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
Page Information. |
results -
[UserLoginID!]
|
Results holds the list of users. |
Example
{
"pageInfo": Pagination,
"results": [UserLoginID]
}
UserLogsFilterInput
Filter for Auth0 event log for a user.
| Input Field | Description |
|---|---|
endTime -
Time
|
Specifies end time to filter query results on. |
id -
String!
|
Specifies user ID to filter query results on. |
startTime -
Time
|
Specifies start time to filter query results on. |
types -
String
|
Specifies log event types to filter query results on. |
Example
{
"endTime": Time,
"id": "abc123",
"startTime": Time,
"types": "xyz789"
}
UserNotificationConfiguration
Represents a User specific notification configuration.
| Field Name | Description |
|---|---|
categories -
[CategoryConfiguration!]!
|
The list of user category notification configurations. |
company -
Company!
|
The company object. |
createdAt -
Time!
|
The time that the notification configuration was created at. |
deletedAt -
Time
|
The time that the notification configuration was last deleted at. |
id -
String!
|
The identifier of this notification configuration. |
updatedAt -
Time!
|
The time that the notification configuration was last updated at. |
user -
User!
|
The User object. |
Example
{
"categories": [CategoryConfiguration],
"company": Company,
"createdAt": Time,
"deletedAt": Time,
"id": "xyz789",
"updatedAt": Time,
"user": User
}
UserRole
Allowed list of user roles.
| Enum Value | Description |
|---|---|
|
|
Primary admin role. |
|
|
Read-only role. |
|
|
Technical user role. |
UsersWithPagination
A paginated list of users.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
Pagination settings for query results. |
results -
[User!]
|
Set of users returned by query. |
Example
{
"pageInfo": Pagination,
"results": [User]
}
VServer
A collection of properties that define a virtual server.
| Field Name | Description |
|---|---|
applicationServices -
[ApplicationService!]
|
Application services that make up this virtual server's back end. |
certificateBindings -
[CertificateBinding!]
|
Certficate(s) for this virtual server. |
loadBalanceMethod -
ProxyLoadBalanceMethod!
|
Method used to load-balance connections. |
persistenceType -
ProxyLoadBalancePersistenceType!
|
A session persistence type to apply to requests. |
port -
UnsignedInt16!
|
The virtual server's front-end server port. |
protocol -
ProxyProtocol!
|
Protocol type used for the front and back ends. |
sp -
Boolean!
|
Ensure connections to the server occur at a rate that the server can handle. |
tcpb -
Boolean!
|
Use TCP Buffering for the service. |
tlsOptions -
TLSOptions
|
TLS/SSL protocol options. |
xffHeader -
String!
|
The name of the 'forwarded-for' header. |
Example
{
"applicationServices": [ApplicationService],
"certificateBindings": [CertificateBinding],
"loadBalanceMethod": ProxyLoadBalanceMethod,
"persistenceType": ProxyLoadBalancePersistenceType,
"port": UnsignedInt16,
"protocol": ProxyProtocol,
"sp": true,
"tcpb": false,
"tlsOptions": TLSOptions,
"xffHeader": "xyz789"
}
VServerInput
Add a VServer to a Proxy.
| Input Field | Description |
|---|---|
applicationServices -
[ApplicationServiceInput!]
|
Application services that make up this virtual server's back end. |
certificateBindings -
[CertificateBindingInput!]
|
Certficate(s) for this virtual server. |
loadBalanceMethod -
ProxyLoadBalanceMethod!
|
Method used to load-balance connections. |
persistenceType -
ProxyLoadBalancePersistenceType! default = "SOURCE_IP" |
A session persistence type to apply to requests. |
port -
UnsignedInt16!
|
Back end origin server port. |
protocol -
ProxyProtocol!
|
Protocol type of the front end. |
sp -
Boolean
|
Ensure connections to the server occur at a rate that the server can handle. |
tcpb -
Boolean
|
Use TCP Buffering for the service. |
tlsOptions -
TLSOptionsInput
|
TLS/SSL protocol options. Only required for TLS. |
xffHeader -
String! default = "X-Forwarded-For" |
The name of the 'forwarded-for' header. |
Example
{
"applicationServices": [ApplicationServiceInput],
"certificateBindings": [CertificateBindingInput],
"loadBalanceMethod": ProxyLoadBalanceMethod,
"persistenceType": "SOURCE_IP",
"port": UnsignedInt16,
"protocol": ProxyProtocol,
"sp": false,
"tcpb": false,
"tlsOptions": TLSOptionsInput,
"xffHeader": "X-Forwarded-For"
}
VServerState
VServer state value.
| Enum Value | Description |
|---|---|
|
|
Down or nonoperational. |
|
|
Unavailable. |
|
|
Up or operational. |
VServerStatus
Represents the status of a vserver (VIP-protocol-port combination).
| Field Name | Description |
|---|---|
currentState -
VServerState!
|
State of the vserver. |
port -
UnsignedInt32!
|
Port of the vserver. |
protocol -
String!
|
Protocol of the vserver. |
Example
{
"currentState": VServerState,
"port": UnsignedInt32,
"protocol": "abc123"
}
ValueType
Allowed list of values for value types.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
ViolationLog
A WAF violation log.
| Field Name | Description |
|---|---|
action -
String
|
The action that caused this violation log. |
aggregatedURI -
String
|
The aggregated uri string which caused the violation |
cefVersion -
String
|
The engine's CEF version. |
cookies -
String
|
The cookies in the original request. |
customer -
String
|
The customer account dname. |
destinationIP -
IPAddress
|
The destination IP the request was intended for. |
devVersion -
String
|
The dev version. |
domain -
String
|
The domain the request was intended for. |
eventID -
String
|
The unique event ID for this event. |
host -
String
|
The hostname in the request. |
httptxID -
String
|
The HTTP transaction ID from the engine. |
method -
String
|
The HTTP method used. |
profile -
String
|
The policy key generating this violation. |
protocol -
String
|
The protocol used. |
rawHeaders -
String
|
The raw headers in the original request. |
reason -
String
|
The reason for the violation to occur. |
sessionID -
String
|
The session ID. |
severity -
UnsignedInt32
|
The severity code of the violation. |
severityString -
String
|
The severity string of the violation. |
signatureID -
String
|
The signature code prefix. |
signatureName -
String
|
The signature name which triggered the violation. |
site -
String
|
The processing site location. |
sourceIP -
IPAddress
|
The source IP of the request. |
sourceLocation -
GeoLocation
|
The source location where the request originated. |
sourcePort -
UnsignedInt16
|
The source port of the request. |
timestamp -
LogTime
|
The timestamp of the violation log. |
timestampEvent -
LogTime
|
The log timestamp event. |
type -
String
|
The type of the violation. |
uri -
String
|
The uri which cause the violation. |
userAgent -
String
|
The user agent in the original request header. |
version -
String
|
The version. |
wafVersion -
String
|
The WAF version. |
Example
{
"action": "xyz789",
"aggregatedURI": "abc123",
"cefVersion": "abc123",
"cookies": "xyz789",
"customer": "abc123",
"destinationIP": IPAddress,
"devVersion": "abc123",
"domain": "abc123",
"eventID": "abc123",
"host": "xyz789",
"httptxID": "xyz789",
"method": "xyz789",
"profile": "xyz789",
"protocol": "abc123",
"rawHeaders": "xyz789",
"reason": "xyz789",
"sessionID": "xyz789",
"severity": UnsignedInt32,
"severityString": "abc123",
"signatureID": "xyz789",
"signatureName": "abc123",
"site": "xyz789",
"sourceIP": IPAddress,
"sourceLocation": GeoLocation,
"sourcePort": UnsignedInt16,
"timestamp": LogTime,
"timestampEvent": LogTime,
"type": "xyz789",
"uri": "abc123",
"userAgent": "abc123",
"version": "xyz789",
"wafVersion": "abc123"
}
ViolationLogDimension
Violation log sort dimensions.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ViolationLogFilterInput
A WAF violation log filter input.
| Input Field | Description |
|---|---|
action -
String
|
The violation log action. |
aggregatedURI -
String
|
The aggregated uri string which caused the violation |
all -
String
|
The All filters looks at all the filters mentioned above, with the exception of profile. |
destinationIP -
IPAddressInput
|
The destination IP of the request. |
domain -
String
|
The domain the request was intended for. |
eventID -
String
|
The unique event ID for this event. |
host -
String
|
The host of the request. |
httptxID -
String
|
The HTTP transaction ID from the engine. |
profile -
String
|
The policy key generating this violation. |
reason -
String
|
The reason for the violation to occur. |
signatureName -
String
|
The signature name which triggered the violation. |
site -
String
|
The processing site location. |
sourceCity -
String
|
The source city name. |
sourceCountryName -
String
|
The source country name. |
sourceIP -
IPAddressInput
|
The source IP of the request. |
timestamp -
String
|
The timestamp of the violation log. |
uri -
String
|
The uri which cause the violation. |
userAgent -
String
|
The user agent in the original request header. |
Example
{
"action": "xyz789",
"aggregatedURI": "abc123",
"all": "abc123",
"destinationIP": IPAddressInput,
"domain": "xyz789",
"eventID": "abc123",
"host": "abc123",
"httptxID": "abc123",
"profile": "xyz789",
"reason": "xyz789",
"signatureName": "abc123",
"site": "abc123",
"sourceCity": "abc123",
"sourceCountryName": "abc123",
"sourceIP": IPAddressInput,
"timestamp": "xyz789",
"uri": "xyz789",
"userAgent": "abc123"
}
ViolationLogGroup
A violation log group.
| Field Name | Description |
|---|---|
count -
UnsignedInt32!
|
The count of violation logs in this group. |
key -
String!
|
The group name. |
Example
{"count": UnsignedInt32, "key": "xyz789"}
ViolationLogGroupByField
Allowed list of violation log group by fields.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ViolationLogGroupByInput
A WAF violation log group by input.
| Input Field | Description |
|---|---|
direction -
SortDirection
|
The order of the groups listed (ascending or descending). |
field -
ViolationLogGroupByField!
|
The field that will be used to group the logs. |
timeInterval -
TimeInterval
|
The time interval when the group of logs occurred. |
Example
{
"direction": SortDirection,
"field": ViolationLogGroupByField,
"timeInterval": TimeInterval
}
ViolationLogSortBy
A WAF violation log sort input.
| Input Field | Description |
|---|---|
dimension -
ViolationLogDimension!
|
The dimension that will be used to sort the logs. |
direction -
SortDirection! default = "DESCENDING" |
The order of the sort (ascending or descending). |
Example
{
"dimension": ViolationLogDimension,
"direction": "DESCENDING"
}
ViolationLogTimeSeries
A violation log time series group.
| Field Name | Description |
|---|---|
cnt -
UnsignedInt64!
|
The count of violation logs in this timeframe. |
key -
String!
|
The key name. |
ts -
Time!
|
The timestamp of these occurrences. |
Example
{
"cnt": UnsignedInt64,
"key": "abc123",
"ts": Time
}
ViolationLogsWithPagination
A paginated list of WAF violation logs.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[ViolationLog!]
|
Violation log data |
Example
{
"pageInfo": Pagination,
"results": [ViolationLog]
}
WAFAction
Allowed list of actions for a given WAF countermeasure.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
WAFAnalyticsResponse
A WAF analytics response.
| Field Name | Description |
|---|---|
groups -
[ViolationLogGroup!]
|
The list of aggregated group results satisfying the group by criteria. |
logs -
ViolationLogsWithPagination
|
A paginated list of violation logs satisfying the filter criteria. |
timeSeriesData -
[ViolationLogTimeSeries!]
|
The time series information of the violation logs occurrences. |
Example
{
"groups": [ViolationLogGroup],
"logs": ViolationLogsWithPagination,
"timeSeriesData": [ViolationLogTimeSeries]
}
WAFMitigation
Represents a WAF Mitigation.
| Field Name | Description |
|---|---|
company -
Company!
|
The company object. |
countermeasures -
[WAFViolation!]
|
The countermeasures associated with the mitigation. |
destinationIP -
IPAddress!
|
The destination IP. |
destinationIPs -
[CIDR!]
|
The destination IPs.
Use destinationIP
|
end -
Time
|
The end time of the mitigation. A non-zero value of end time means that the mitigation has ended or finished. |
event -
Event
|
The event associated with this mitigation. |
id -
String!
|
The identifier of this mitigaiton. |
policy -
Policy
|
The Policy that triggered this mitigation.
Use policyKey to find policy separately, if needed
|
policyKey -
String!
|
The Policy Key that triggered this mitigation. |
start -
Time!
|
The start time of the mitigaiton |
Example
{
"company": Company,
"countermeasures": [WAFViolation],
"destinationIP": IPAddress,
"destinationIPs": [CIDR],
"end": Time,
"event": Event,
"id": "abc123",
"policy": Policy,
"policyKey": "xyz789",
"start": Time
}
WAFProfile
A WAF profile for a given policy.
| Field Name | Description |
|---|---|
bufferOverflow -
BufferOverflow
|
The buffer overflow countermeasure settings. |
commandInjection -
CommandInjection
|
The Command Injection countermeasure settings. |
contentType -
ContentType
|
The content type countermeasure settings. |
cookieConsistency -
CookieConsistency
|
The cookie consistency countermeasure settings. |
crossSiteScripting -
HTMLXSS
|
The HTML cross-site scripting countermeasure settings. |
csrfSettings -
CSRFSettings
|
The CSRF countermeasure settings. |
denyURL -
DenyURL
|
The deny URL countermeasure settings. |
enabled -
Boolean!
|
Whether the WAF profile is enabled. |
fieldConsistency -
FormFieldConsistency
|
The form field consistency countermeasure settings. |
fieldFormat -
FieldFormat
|
The field format countermeasure settings. |
htmlSQLInjection -
HTMLSQLInjection
|
The HTML SQL Injection countermeasure settings. |
httpRFCProfile -
HTTPRFCProfile
|
Check requests for HTTP RFC non compliance. |
jsonSettings -
JSONSettings
|
The JSON related countermeasure settings. |
postBody -
POSTBody
|
Limits the request payload size. |
semicolonFieldSeparator -
SemicolonFieldSeparator
|
Allow or disallow semicolon field separator between request fields. |
signatures -
WAFSignatures
|
The WAF signatures settings. |
wsiSettings -
WSISettings
|
The web service interoperability countermeasure settings. |
xmlCrossSiteScripting -
XMLXSS
|
The XML cross-site scripting countermeasure settings. |
xmlFormat -
XMLFormat
|
The XML format countermeasure settings. |
xmlSOAPFault -
XMLSOAPFault
|
The XML SOAP fault countermeasure settings. |
xmlSQLInjection -
XMLSQLInjection
|
The XML SQL Injection countermeasure settings. |
Example
{
"bufferOverflow": BufferOverflow,
"commandInjection": CommandInjection,
"contentType": ContentType,
"cookieConsistency": CookieConsistency,
"crossSiteScripting": HTMLXSS,
"csrfSettings": CSRFSettings,
"denyURL": DenyURL,
"enabled": true,
"fieldConsistency": FormFieldConsistency,
"fieldFormat": FieldFormat,
"htmlSQLInjection": HTMLSQLInjection,
"httpRFCProfile": HTTPRFCProfile,
"jsonSettings": JSONSettings,
"postBody": POSTBody,
"semicolonFieldSeparator": SemicolonFieldSeparator,
"signatures": WAFSignatures,
"wsiSettings": WSISettings,
"xmlCrossSiteScripting": XMLXSS,
"xmlFormat": XMLFormat,
"xmlSOAPFault": XMLSOAPFault,
"xmlSQLInjection": XMLSQLInjection
}
WAFSignatureDimension
Allowed values for sorting the Signature list.
| Enum Value | Description |
|---|---|
|
|
|
|
|
WAFSignatureSortBy
Signature sorting input.
| Input Field | Description |
|---|---|
dimension -
WAFSignatureDimension!
|
The dimension to sort by. |
direction -
SortDirection!
|
The direction to sort in. |
Example
{
"dimension": WAFSignatureDimension,
"direction": SortDirection
}
WAFSignatures
A WAF signature.
| Field Name | Description |
|---|---|
configuredBaseSignatures -
ConfiguredBaseWAFSignaturesWithPagination
|
A paginated list of signatures for a policy configured from a list of available base signatures. |
|
Arguments |
|
customSignatures -
CustomWAFSignaturesWithPagination
|
A paginated list of custom WAF signatures created for a policy. |
|
Arguments |
|
Example
{
"configuredBaseSignatures": ConfiguredBaseWAFSignaturesWithPagination,
"customSignatures": CustomWAFSignaturesWithPagination
}
WAFViolation
Represents WAF violation.
| Field Name | Description |
|---|---|
company -
Company!
|
The company object. removing support |
id -
String!
|
The id of a WAF violation.
Use name
|
mitigation -
WAFMitigation!
|
The WAF mitigation for the violation. |
name -
String!
|
The name of the countermeasure. |
violationsDetails -
[AppViolationData!]
|
The details of the violations. |
|
Arguments
|
|
Example
{
"company": Company,
"id": "abc123",
"mitigation": WAFMitigation,
"name": "abc123",
"violationsDetails": [AppViolationData]
}
WSISettings
A web services interoperability countermeasure.
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
learn -
Boolean!
|
A flag to enable or disable learning. |
standards -
WSIStandardsWithPagination
|
A paginated list of WSI standards. |
|
Arguments |
|
threshold -
AppSecThreshold
|
Appsec Threshold configuration for WSI violations. |
Example
{
"action": WAFAction,
"learn": true,
"standards": WSIStandardsWithPagination,
"threshold": AppSecThreshold
}
WSISettingsRuleCount
WSI settings rule count.
| Field Name | Description |
|---|---|
count -
UnsignedInt32!
|
|
rule -
LearnedWSISettingsRule!
|
Example
{
"count": UnsignedInt32,
"rule": LearnedWSISettingsRule
}
WSISettingsRuleCountsWithPagination
WSI settings learning rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
|
results -
[WSISettingsRuleCount!]
|
Example
{
"pageInfo": Pagination,
"results": [WSISettingsRuleCount]
}
WSIStandard
A web service interoperability standard.
| Field Name | Description |
|---|---|
enabled -
Boolean!
|
Whether the standard is enabled. |
rule -
WSIStandardRule!
|
A WSI rule. |
ruleID -
WSIStandardRuleID!
|
A unique rule ID for the standard. |
Example
{
"enabled": false,
"rule": WSIStandardRule,
"ruleID": WSIStandardRuleID
}
WSIStandardInput
A web service interoperability standard.
| Input Field | Description |
|---|---|
enabled -
Boolean! default = true |
Whether the standard is enabled. |
ruleID -
WSIStandardRuleID!
|
The unique rule ID for the standard. |
Example
{"enabled": true, "ruleID": WSIStandardRuleID}
WSIStandardRule
A web service interoperability standard rule.
| Field Name | Description |
|---|---|
code -
String!
|
A code for the standard. |
description -
String!
|
A decsription of the standard. |
id -
WSIStandardRuleID!
|
A unique rule ID for the standard. |
Example
{
"code": "xyz789",
"description": "abc123",
"id": WSIStandardRuleID
}
WSIStandardRuleID
Allowed list of WSI standard rule IDs.
| Enum Value | Description |
|---|---|
|
|
A wsdl:binding in a DESCRIPTION SHOULD contain a soapbind:fault describing each known fault. |
|
|
An ENVELOPE MUST include all soapbind:headers specified on a wsdl:input or wsdl:output of a wsdl:operation of a wsdl:binding that describes it. |
|
|
The children of the soap:Body element in an ENVELOPE MUST be namespace qualified. |
|
|
When an ENVELOPE contains a faultcode element, the content of that element SHOULD be either one of the fault codes defined in SOAP 1.1 (supplying additional information if necessary in the detail element), or a Qname whose namespace is controlled by the fault's specifying authority (in that order of preference). |
|
|
A RECEIVER MUST generate a fault if they encounter an envelope whose document element is not soap:Envelope |
|
|
A HTTP request MESSAGE MUST contain a SOAPAction HTTP header field with a quoted value equal to the value of the soapAction attribute of soapbind:operation, if present in the corresponding WSDL description. |
|
|
A MESSAGE MUST be serialized as either UTF-8 or UTF-16 |
|
|
A RECEIVER MUST accept fault messages that have any number of qualified or unqualified attributes, including zero, appearing on the detail element. The namespace of qualified attributes can be anything other than the namespace of the qualified document element 'Envelope' |
|
|
An ENVELOPE containing a soap:mustUnderstand attribute MUST only use the lexical forms '0' and '1'. |
|
|
A MESSAGE MUST be sent using either HTTP/1.1 or HTTP/1.0. |
|
|
A HTTP request MESSAGE MUST use the HTTP POST method |
|
|
An ENVELOPE MUST NOT include the soapenc:arrayType attribute. |
|
|
When an ENVELOPE contains a faultcode element the content of that element SHOULD NOT use of the SOAP 1.1 'dot' notation to refine the meaning of the fault. |
|
|
An ENVELOPE MUST NOT have any element children of soap:Envelope following the soap:Body element. |
|
|
For one-way operations, an INSTANCE MUST NOT return a HTTP response that contains an envelope. Specifically, the HTTP response entity-body must be empty. |
|
|
An ENVELOPE described in an rpc-literal binding MUST NOT contain soap:encodingStyle attribute on any element that is a grandchild of soap:Body. |
|
|
An ENVELOPE described with an rpc-literal binding MUST NOT have the xsi:nil attribute with a value of '1' or 'true' on the part accessors. |
|
|
An ENVELOPE described with an rpc-literal binding MUST place the part accessor elements for parameters and return value in no namespace. |
|
|
An ENVELOPE described with an rpc-literal binding that is a response MUST have a wrapper element whose name is the corresponding wsdl:operation name suffixed with the string 'Response'. |
|
|
A MESSAGE SHOULD be sent using HTTP/1.1. |
|
|
The value of the SOAPAction HTTP header field in a HTTP request MESSAGE MUST be a quoted string. |
|
|
An ENVELOPE MUST NOT contain soap:encodingStyle attributes on any element that is a child of soap:Body. |
|
|
An ENVELOPE MUST NOT contain soap:encodingStyle attribute on any of the elements whose namespace is the same as the namespace of the qualified document element 'Envelope' |
|
|
When an ENVELOPE is a Fault, the element children of the soap:Fault element MUST be unqualified |
|
|
When an ENVELOPE is a Fault, the soap:Fault element MUST NOT have element children other than faultcode, faultstring, faultactor and detail. |
|
|
The soap:Envelope, soap:Header, and soap:Body elements in an ENVELOPE MUST NOT have attributes in the same namespace as that of the qualified document element 'Envelope' |
|
|
An ENVELOPE SHOULD NOT contain the namespace declaration xmlns:xml=' http://www.w3.org/XML/1998/namespace'. |
|
|
An INSTANCE MUST return a '500 Internal Server Error' HTTP status code if the response envelope is a Fault. |
|
|
An INSTANCE SHOULD use a '200 OK' HTTP status code on a response message that contains an envelope that is not a fault. |
WSIStandardsWithPagination
A paginated list of WSI standards.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[WSIStandard!]
|
A list of WSI standards. |
Example
{
"pageInfo": Pagination,
"results": [WSIStandard]
}
WebhookConfiguration
Represents the Webhook channel-specific configuration.
| Field Name | Description |
|---|---|
URL -
String!
|
The customer URL that we send webhook messages to. |
Example
{"URL": "xyz789"}
WebhookConfigurationInput
Represents the Webhook channel-specific configuration Input.
| Input Field | Description |
|---|---|
URL -
String!
|
The customer URL that we send webhook messages to. |
Example
{"URL": "xyz789"}
WhiteLabel
Specifications for elements that can be modified for white-labelled customers.
| Field Name | Description |
|---|---|
bottomLeftLabel -
String!
|
Bottom left label to be rendered for company. |
bottomRightLabel -
String!
|
Bottom right label to be rendered for company. |
domain -
String!
|
Company domain. |
email -
EMail!
|
Company contact email ID. |
enabled -
Boolean!
|
Whether white-labelling is enabled for the Company. |
favicon -
Map
|
Specifies a map of fav icons for this company's pages. |
footerLinks -
[Link!]
|
List of all URLs and Labels associated with this company. |
headerLogo -
String!
|
Header logo for this company. |
loginMarqueeItems -
[String!]
|
Marquee elements to be displayed on login for this company. |
productName -
String!
|
Product Name as displayed by/for this company. |
supportURL -
String!
|
Support URL to be displayed for this company. |
supportUser -
String!
|
Company support username. |
theme -
String!
|
Theme for company. |
Example
{
"bottomLeftLabel": "xyz789",
"bottomRightLabel": "xyz789",
"domain": "xyz789",
"email": EMail,
"enabled": true,
"favicon": Map,
"footerLinks": [Link],
"headerLogo": "xyz789",
"loginMarqueeItems": ["xyz789"],
"productName": "xyz789",
"supportURL": "xyz789",
"supportUser": "xyz789",
"theme": "abc123"
}
XMLFormat
An XML format countermeasure.
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
threshold -
AppSecThreshold
|
Appsec Threshold configuration for XML format violations. |
Example
{
"action": WAFAction,
"threshold": AppSecThreshold
}
XMLSOAPFault
An XML SOAP fault countermeasure.
| Field Name | Description |
|---|---|
action -
XMLSOAPFaultAction!
|
Action to be taken. |
threshold -
AppSecThreshold
|
Appsec Threshold configuration for XML format violations. |
Example
{
"action": XMLSOAPFaultAction,
"threshold": AppSecThreshold
}
XMLSOAPFaultAction
Allowed list of actions for XML SOAP Fault countermeasure.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
XMLSQLInjection
An XML SQL injection countermeasure.
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
checkSQLWildChars -
Boolean!
|
Whether to check for form fields that contain SQL wild chars. |
exemptCommentsWith -
CommentExemption!
|
Exempts all comments of the given type. |
relaxationRules -
XMLSQLInjectionRelaxationRulesWithPagination
|
A list of XML SQL injection relaxation rules. |
|
Arguments |
|
sqlInjectionType -
SQLInjectionType!
|
An XML SQL injection type. |
threshold -
AppSecThreshold
|
Appsec Threshold configuration for XML SQL injection violations. |
Example
{
"action": WAFAction,
"checkSQLWildChars": true,
"exemptCommentsWith": CommentExemption,
"relaxationRules": XMLSQLInjectionRelaxationRulesWithPagination,
"sqlInjectionType": SQLInjectionType,
"threshold": AppSecThreshold
}
XMLSQLInjectionRelaxationRule
An XML SQL injection relaxation rule.
| Field Name | Description |
|---|---|
enabled -
Boolean!
|
Whether the relaxation rule is enabled. |
isNameRegex -
Boolean!
|
Whether the name is in regex format. |
location -
XMLLocation
|
The location of the attachment. |
name -
String!
|
The name of the rule. |
Example
{
"enabled": true,
"isNameRegex": true,
"location": XMLLocation,
"name": "abc123"
}
XMLSQLInjectionRelaxationRuleInput
An XML SQL injection relaxation rule.
| Input Field | Description |
|---|---|
enabled -
Boolean! default = true |
Whether the relaxation rule is enabled. |
isNameRegex -
Boolean! default = false |
Whether the name is in regex format. |
location -
XMLLocation
|
The location that should be examined by the rule. |
name -
String!
|
The name of the rule. |
Example
{
"enabled": true,
"isNameRegex": false,
"location": XMLLocation,
"name": "xyz789"
}
XMLSQLInjectionRelaxationRulesWithPagination
A paginated list SQL injection relaxation rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[XMLSQLInjectionRelaxationRule!]
|
A list of relaxation rules. |
Example
{
"pageInfo": Pagination,
"results": [XMLSQLInjectionRelaxationRule]
}
XMLXSS
An XML cross-site scripting countermeasure.
| Field Name | Description |
|---|---|
action -
WAFAction!
|
Action to be taken. |
relaxationRules -
XMLXSSRelaxationRulesWithPagination
|
A paginated list of XML cross-site scripting relaxation rules. |
|
Arguments |
|
threshold -
AppSecThreshold
|
Appsec Threshold configuration for XML cross-site scripting violations. |
Example
{
"action": WAFAction,
"relaxationRules": XMLXSSRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
XMLXSSRelaxationRule
An XML XSS relaxation rule.
| Field Name | Description |
|---|---|
enabled -
Boolean!
|
Whether the relaxation rule is enabled. |
isNameRegex -
Boolean!
|
Whether the name is in regex format. |
location -
XMLLocation
|
The location of the attachment. |
name -
String!
|
The name of the rule. |
Example
{
"enabled": false,
"isNameRegex": false,
"location": XMLLocation,
"name": "xyz789"
}
XMLXSSRelaxationRuleInput
An XML XSS relaxation rule.
| Input Field | Description |
|---|---|
enabled -
Boolean! default = true |
Whether the relaxation rule is enabled. |
isNameRegex -
Boolean! default = false |
Whether the name is in regex format. |
location -
XMLLocation
|
The location of the attachment. |
name -
String!
|
The name of the rule. |
Example
{
"enabled": true,
"isNameRegex": false,
"location": XMLLocation,
"name": "xyz789"
}
XMLXSSRelaxationRulesWithPagination
A paginated list of XML cross-site scripting (XSS) relaxation rules.
| Field Name | Description |
|---|---|
pageInfo -
Pagination!
|
The returned page information. |
results -
[XMLXSSRelaxationRule!]
|
A list of XML XSS relaxation rules |
Example
{
"pageInfo": Pagination,
"results": [XMLXSSRelaxationRule]
}
XSSValueType
Allowed list of values for value types in XSS.
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
ZombieDetectionDDOSCountermeasure
| Field Name | Description |
|---|---|
blacklisting -
Boolean!
|
|
company -
Company!
|
Use company of the mitigation.
|
id -
String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
name -
String!
|
|
traffic -
[TrafficData!]
|
|
trafficData -
[TrafficData!]
|
Use traffic.
|
Example
{
"blacklisting": false,
"company": Company,
"id": "xyz789",
"name": "abc123",
"traffic": [TrafficData],
"trafficData": [TrafficData]
}