GraphQL API Schema Reference
GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data. GraphQL provides a complete and understandable description of the data in your API, gives clients the power to ask for exactly what they need and nothing more, makes it easier to evolve APIs over time, and enables powerful developer tools.
References
API Endpoints
https://api.appsecportal.comVersion
1.0.4
Authentication
Use the Client ID and Client Secret to request a token (JWT). This will be used as a Bearer token to make authenticated requests to the GraphQL API.
curl -L -X POST 'https:/auth.appsecportal.com/oauth/token' \
-H 'Content-Type: application/json' \
-d '{
"client_id": "<CLIENT_ID>",
"client_secret": "<CLIENT_SECRET>",
"audience": "https://api.appsecportal.com/",
"grant_type": "client_credentials"
}'
The request above will return a bearer token in the access_token field which should be used in the Authorization header for all further API requests. Example Response:
{"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IlFUTXdSVVF4UVVJMU9ESTFNVVJHUWtJeU16STRSRGM1UmpWR016TkZPRU5DTmpVMVFrWkNSQSJ9.eyJodHRwczovL2FwaS5hcHBzZWNwb3J0YWwuY29tL25zciI6eyJkbm0iOiJTUF9VV0FGVEVTVCIsInVpZCI6ImF1dGgwfDVmNDU1ZmU2ODJkMGNjMDA2ZGNjZmNlOSIsInNubSI6InV3YWZ0ZXN0IiwidGt5IjoiIn0sImlzcyI6Imh0dHBzOi8vbmV1c3RhcnNlY3VyaXR5LmF1dGgwLmNvbS8iLCJzdWIiOiJnaU5CQm9QcWE3YjdMTXZ3eWRsZjRSZktBcjNTREhEU0BjbGllbnRzIiwiYXVkIjoiaHR0cHM6Ly9hcGkuYXBwc2VjcG9ydGFsLmNvbS8iLCJpYXQiOjE2Nzc3MDMxMjUsImV4cCI6MTY3Nzc4OTUyNSwiYXpwIjoiZ2lOQkJvUHFhN2I3TE12d3lkbGY0UmZLQXIzU0RIRFMiLCJzY29wZSI6ImFsZXJ0OnJlYWQgYXBwc2VjLWFsZXJ0OnJlYWQgYXVkaXQ6cmVhZCBibG9ja2VkLWlwOnJlYWQgYm90LW1pdGlnYXRpb246cmVhZCBjZXJ0aWZpY2F0ZTp3cml0ZSBjb21wYW55OndyaXRlIG1hc3F1ZXJhZGU6b3RoZXIgbWl0aWdhdGlvbjpyZWFkIG5ldHdvcmstY29uZmlnOnJlYWQgcG9saWN5OmJvdC1zaWduYXR1cmVzIHBvbGljeTpzaWduYXR1cmVzIHBvbGljeTp3cml0ZSBwcm94eTp3cml0ZSByZXBvcnRzOnJlYWQgcmVwb3J0czp3cml0ZSBzc286d3JpdGUgdW5pZmllZC1hbGVydHM6cmVhZCB1bmlmaWVkLWV2ZW50czpyZWFkIHVzZXI6cmVhZCB1c2VyOndyaXRlIHdhZi1taXRpZ2F0aW9uOnJlYWQiLCJndHkiOiJjbGllbnQtY3JlZGVudGlhbHMiLCJwZXJtaXNzaW9ucyI6WyJhbGVydDpyZWFkIiwiYXBwc2VjLWFsZXJ0OnJlYWQiLCJhdWRpdDpyZWFkIiwiYmxvY2tlZC1pcDpyZWFkIiwiYm90LW1pdGlnYXRpb246cmVhZCIsImNlcnRpZmljYXRlOndyaXRlIiwiY29tcGFueTp3cml0ZSIsIm1hc3F1ZXJhZGU6b3RoZXIiLCJtaXRpZ2F0aW9uOnJlYWQiLCJuZXR3b3JrLWNvbmZpZzpyZWFkIiwicG9saWN5OmJvdC1zaWduYXR1cmVzIiwicG9saWN5OnNpZ25hdHVyZXMiLCJwb2xpY3k6d3JpdGUiLCJwcm94eTp3cml0ZSIsInJlcG9ydHM6cmVhZCIsInJlcG9ydHM6d3JpdGUiLCJzc286d3JpdGUiLCJ1bmlmaWVkLWFsZXJ0czpyZWFkIiwidW5pZmllZC1ldmVudHM6cmVhZCIsInVzZXI6cmVhZCIsInVzZXI6d3JpdGUiLCJ3YWYtbWl0aWdhdGlvbjpyZWFkIl19.K_dZh5t9_hpn0s2yLKyk2rRx3qt5u5VDaUaCBPdwPVSt-RhM7BzQxf5EizWkl4z8c09YJJ0nw-PZPZb_SRcM1f5aoNcTgocyfxi68G1XQArOmw1M2xopaH-0K2uusXqsfrr262E2ibBNM3DSGD3pVDy5B-erzYsW0Bavm6NUWLoJGKFTHsXWOr9eS_HZGTrdE2VUNPtiOzBIcE4e9xqY26Eig3w4JGUNzIEPlZ1WMDwKDAAwuv0B6WI0dlWi_5Rl4Lp8i44n1Fs10eCsdYYySy7cl02fMRQxPAmcna0a1n9r8ysDH3ttayF8RUegajAz7LvkFktw0kY0Gat-_QMuWA","scope":"alert:read appsec-alert:read audit:read blocked-ip:read bot-mitigation:read certificate:write company:write masquerade:other mitigation:read network-config:read policy:bot-signatures policy:signatures policy:write proxy:write reports:read reports:write sso:write unified-alerts:read unified-events:read user:read user:write waf-mitigation:read","expires_in":86400,"token_type":"Bearer"}
Formatting your API Request
The GraphQL API has a single endpoint.
Requires:
- Bearer Token (see Authentication)
- Query object
curl -L -X POST 'https://api.appsecportal.com/query' \
-H 'Authorization: Bearer <TOKEN>' \
-H 'Content-Type: application/json' \
--data-raw '{"query": <QUERY> }'
Example Request with Authentication:
curl -L -X POST 'https://api.appsecportal.com/query' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IlFUTXdSVVF4UVVJMU9ESTFNVVJHUWtJeU16STRSRGM1UmpWR016TkZPRU5DTmpVMVFrWkNSQSJ9.eyJodHRwczovL2FwaS5hcHBzZWNwb3J0YWwuY29tL25zciI6eyJkbm0iOiJTUF9VV0FGVEVTVCIsInVpZCI6ImF1dGgwfDVmNDU1ZmU2ODJkMGNjMDA2ZGNjZmNlOSIsInNubSI6InV3YWZ0ZXN0IiwidGt5IjoiIn0sImlzcyI6Imh0dHBzOi8vbmV1c3RhcnNlY3VyaXR5LmF1dGgwLmNvbS8iLCJzdWIiOiJnaU5CQm9QcWE3YjdMTXZ3eWRsZjRSZktBcjNTREhEU0BjbGllbnRzIiwiYXVkIjoiaHR0cHM6Ly9hcGkuYXBwc2VjcG9ydGFsLmNvbS8iLCJpYXQiOjE2Nzc3MTE2NjcsImV4cCI6MTY3Nzc5ODA2NywiYXpwIjoiZ2lOQkJvUHFhN2I3TE12d3lkbGY0UmZLQXIzU0RIRFMiLCJzY29wZSI6ImFsZXJ0OnJlYWQgYXBwc2VjLWFsZXJ0OnJlYWQgYXVkaXQ6cmVhZCBibG9ja2VkLWlwOnJlYWQgYm90LW1pdGlnYXRpb246cmVhZCBjZXJ0aWZpY2F0ZTp3cml0ZSBjb21wYW55OndyaXRlIG1hc3F1ZXJhZGU6b3RoZXIgbWl0aWdhdGlvbjpyZWFkIG5ldHdvcmstY29uZmlnOnJlYWQgcG9saWN5OmJvdC1zaWduYXR1cmVzIHBvbGljeTpzaWduYXR1cmVzIHBvbGljeTp3cml0ZSBwcm94eTp3cml0ZSByZXBvcnRzOnJlYWQgcmVwb3J0czp3cml0ZSBzc286d3JpdGUgdW5pZmllZC1hbGVydHM6cmVhZCB1bmlmaWVkLWV2ZW50czpyZWFkIHVzZXI6cmVhZCB1c2VyOndyaXRlIHdhZi1taXRpZ2F0aW9uOnJlYWQiLCJndHkiOiJjbGllbnQtY3JlZGVudGlhbHMiLCJwZXJtaXNzaW9ucyI6WyJhbGVydDpyZWFkIiwiYXBwc2VjLWFsZXJ0OnJlYWQiLCJhdWRpdDpyZWFkIiwiYmxvY2tlZC1pcDpyZWFkIiwiYm90LW1pdGlnYXRpb246cmVhZCIsImNlcnRpZmljYXRlOndyaXRlIiwiY29tcGFueTp3cml0ZSIsIm1hc3F1ZXJhZGU6b3RoZXIiLCJtaXRpZ2F0aW9uOnJlYWQiLCJuZXR3b3JrLWNvbmZpZzpyZWFkIiwicG9saWN5OmJvdC1zaWduYXR1cmVzIiwicG9saWN5OnNpZ25hdHVyZXMiLCJwb2xpY3k6d3JpdGUiLCJwcm94eTp3cml0ZSIsInJlcG9ydHM6cmVhZCIsInJlcG9ydHM6d3JpdGUiLCJzc286d3JpdGUiLCJ1bmlmaWVkLWFsZXJ0czpyZWFkIiwidW5pZmllZC1ldmVudHM6cmVhZCIsInVzZXI6cmVhZCIsInVzZXI6d3JpdGUiLCJ3YWYtbWl0aWdhdGlvbjpyZWFkIl19.TOaT7k8GYEiTYEta8hfjA66RJdXuT_LEJl8IbQ9l_8v6z8kwhs8hRwBVpUM8YEirAxZTIYfiQ74bomXwJpWg1sTKtcuqgm33zoaP27xcR0w_k9IlFy-0odEWR0ySnFvB4bR4xPtTGms9DKe27yNU1V8BzjyZmqRthU8hHAxESaGkCnZzKWdz4KkTzJzwKE2L2amImn0CI3uKUFZp1AOa63EXPLZ0UB92KF3Rqa6FLtxHYmTtNMx1aykeIti3ycGOGfRE81aVM0gUE3bOas16iKICNGAg8rhlqq2H3wfribrV32n0jGu0mmKSIMj4T4ds5P5AMfH2Ct2y-H5OEdzfTg' \
-H 'Content-Type: application/json' \
--data-raw '{"query":"{company(filter:{dName: \"SP_UWAFTEST\"}){dName}}"}'
Example Response:
{"data":{"company":{"dName":"SP_UWAFTEST"}}}
Query Examples
Company Notifications Configuration
User Notifications Configuration
Shared Host Detection Settings
| Name | Request Example |
Company Filter |
Filter by Customer Reseller's Data |
Events |
|
Violation Logs |
|
Proxy Plus Proxies |
|
Proxy Plus Policies |
|
Proxy Plus Services |
|
Proxy Plus Certificates |
|
Proxies |
|
Policies |
|
Audit Logs |
|
Alerts |
|
Blocked IP Logs |
|
Company Notifications Configuration |
|
User Notifications Configuration |
|
Notifications |
|
Shared Host Detection Settings |
|
DDoS Filter Lists |
|
Queries
baseBotSignatures
Description
A paginated list of available bot signatures.
Response
Returns a BotSignaturesWithPagination
Arguments
| Name | Description |
|---|---|
page - UnsignedInt32!
|
The page number to fetch results for. Default = 1 |
perPage - UnsignedInt32!
|
The maximum number of results to show per page. Default = 1000 |
filter - BotSignatureFilterInput
|
Reduce the returned list to specific items. |
sortBy - [BotSignatureSortBy!]
|
Sort the results. |
Example
Query
query baseBotSignatures(
$page: UnsignedInt32!,
$perPage: UnsignedInt32!,
$filter: BotSignatureFilterInput,
$sortBy: [BotSignatureSortBy!]
) {
baseBotSignatures(
page: $page,
perPage: $perPage,
filter: $filter,
sortBy: $sortBy
) {
results {
...BaseBotSignatureFragment
}
pageInfo {
...PaginationFragment
}
version {
...BotSignaturesVersionFragment
}
}
}
Variables
{
"page": 1,
"perPage": 1000,
"filter": BotSignatureFilterInput,
"sortBy": [BotSignatureSortBy]
}
Response
{
"data": {
"baseBotSignatures": {
"results": [BaseBotSignature],
"pageInfo": Pagination,
"version": BotSignaturesVersion
}
}
}
baseWAFSignatures
Description
A paginated list of available WAF signatures.
Response
Returns an BaseWAFSignaturesResponse
Arguments
| Name | Description |
|---|---|
page - UnsignedInt32!
|
The page number to fetch results for. Default = 1 |
perPage - UnsignedInt32!
|
The maximum number of results to show per page. Default = 1000 |
filter - WAFSignatureFilterInput
|
Reduce the returned list to specific items. |
sortBy - [BaseWAFSignatureSortBy!]
|
Sort the results. |
Example
Query
query baseWAFSignatures(
$page: UnsignedInt32!,
$perPage: UnsignedInt32!,
$filter: WAFSignatureFilterInput,
$sortBy: [BaseWAFSignatureSortBy!]
) {
baseWAFSignatures(
page: $page,
perPage: $perPage,
filter: $filter,
sortBy: $sortBy
) {
lastCheckedTime
signatures {
...BaseWAFSignaturesWithPaginationFragment
}
}
}
Variables
{
"page": 1,
"perPage": 1000,
"filter": WAFSignatureFilterInput,
"sortBy": [BaseWAFSignatureSortBy]
}
Response
{
"data": {
"baseWAFSignatures": {
"lastCheckedTime": "10:15:30Z",
"signatures": BaseWAFSignaturesWithPagination
}
}
}
company
Description
Query a company's information.
Response
Returns a Company
Arguments
| Name | Description |
|---|---|
filter - CompanyFilterInput
|
Example
Query
query company($filter: CompanyFilterInput) {
company(filter: $filter) {
dName
wafAnalytics {
...WAFAnalyticsResponseFragment
}
responderAnalytics {
...ResponderAnalyticsResponseFragment
}
botAnalytics {
...BotAnalyticsResponseFragment
}
appDataAnalytics {
...AppDataAnalyticsResponseFragment
}
ddosBlockedIPLogs {
...BlockedIPLogsWithPaginationFragment
}
managedObjects {
...ManagedObjectFragment
}
detectionAndAlertingPackage {
...DetectionAndAlertingPackageFragment
}
filterLists {
...FilterListsWithPaginationFragment
}
auditLogTransactions {
...AuditLogTransactionsWithPaginationFragment
}
acls {
...ACLsOutputFragment
}
configurationChanges {
...ConfigurationChangeFragment
}
certificates {
...CertificateFragment
}
oneTimeExecutiveReportConfigurations {
...OneTimeExecutiveReportConfigurationsWithPaginationFragment
}
executiveReports {
...ExecutiveReportsWithPaginationFragment
}
recurringExecutiveReportConfigurations {
...RecurringExecutiveReportConfigurationsWithPaginationFragment
}
legacyProxies {
...LegacyProxyFragment
}
destinationIPs
tunnels {
...TunnelFragment
}
bgpPackage {
...BGPPackageFragment
}
notificationConfigurations {
...NotificationConfigurationsWithPaginationFragment
}
notificationRecords {
...NotificationRecordsWithPaginationFragment
}
policies {
...PolicyFragment
}
proxyPlusPolicies {
...ProxyPlusPolicyFragment
}
proxyPlusProxies {
...ProxyPlusProxyFragment
}
proxyPlusServices {
...ProxyPlusServiceFragment
}
proxyPlusCertificates {
...ProxyPlusCertificateFragment
}
proxyPlusProvisioningStatus {
...ProxyPlusProvisioningStatusFragment
}
proxies {
...ProxyFragment
}
userPurgeList {
...UserLoginIDWithPaginationFragment
}
traffic {
...TrafficOutputFragment
}
status {
...StatusOutputFragment
}
alerts {
...AlertsWithPaginationFragment
}
event {
...EventFragment
}
events {
...EventsWithPaginationFragment
}
id
createdAt
updatedAt
enabled
deleted
details {
...CompanyDetailsFragment
}
accountID
shortname
reseller {
...CompanyFragment
}
customers {
...CompanyFragment
}
allCustomers {
...CompaniesWithPaginationFragment
}
users {
...UsersWithPaginationFragment
}
whiteLabel {
...WhiteLabelFragment
}
corporateName
corporateDomain
managementDomain
serviceProvider
proxyPackage {
...ProxyPackageFragment
}
apiPackage {
...APIAccessFragment
}
isReseller
resellProxy
resellBGP
resellDetectionAndAlerting
resellWAF
resellBot
mfaPackage {
...MFAPackageFragment
}
accountManagerEmail
accountManagerName
technicalEmail
technicalFirstName
technicalJobTitle
technicalLastName
technicalMobile
technicalPhone
formerlyKnownAs
accountInfo {
...AccountInfoFragment
}
ssoPackage {
...SSOPackageFragment
}
runBook {
...RunBookFragment
}
proxyPlusPackage {
...ProxyPlusPackageFragment
}
portalInactivityTimeout
}
}
Variables
{"filter": CompanyFilterInput}
Response
{
"data": {
"company": {
"dName": "xyz789",
"wafAnalytics": WAFAnalyticsResponse,
"responderAnalytics": ResponderAnalyticsResponse,
"botAnalytics": BotAnalyticsResponse,
"appDataAnalytics": [AppDataAnalyticsResponse],
"ddosBlockedIPLogs": BlockedIPLogsWithPagination,
"managedObjects": [ManagedObject],
"detectionAndAlertingPackage": DetectionAndAlertingPackage,
"filterLists": FilterListsWithPagination,
"auditLogTransactions": AuditLogTransactionsWithPagination,
"acls": ACLsOutput,
"configurationChanges": [ConfigurationChange],
"certificates": [Certificate],
"oneTimeExecutiveReportConfigurations": OneTimeExecutiveReportConfigurationsWithPagination,
"executiveReports": ExecutiveReportsWithPagination,
"recurringExecutiveReportConfigurations": RecurringExecutiveReportConfigurationsWithPagination,
"legacyProxies": [LegacyProxy],
"destinationIPs": [CIDR],
"tunnels": [Tunnel],
"bgpPackage": BGPPackage,
"notificationConfigurations": NotificationConfigurationsWithPagination,
"notificationRecords": NotificationRecordsWithPagination,
"policies": [Policy],
"proxyPlusPolicies": [ProxyPlusPolicy],
"proxyPlusProxies": [ProxyPlusProxy],
"proxyPlusServices": [ProxyPlusService],
"proxyPlusCertificates": [ProxyPlusCertificate],
"proxyPlusProvisioningStatus": ProxyPlusProvisioningStatus,
"proxies": [Proxy],
"userPurgeList": UserLoginIDWithPagination,
"traffic": TrafficOutput,
"status": StatusOutput,
"alerts": AlertsWithPagination,
"event": Event,
"events": EventsWithPagination,
"id": "abc123",
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"enabled": true,
"deleted": false,
"details": CompanyDetails,
"accountID": "abc123",
"shortname": "xyz789",
"reseller": Company,
"customers": [Company],
"allCustomers": CompaniesWithPagination,
"users": UsersWithPagination,
"whiteLabel": WhiteLabel,
"corporateName": "abc123",
"corporateDomain": "abc123",
"managementDomain": "abc123",
"serviceProvider": "abc123",
"proxyPackage": ProxyPackage,
"apiPackage": APIAccess,
"isReseller": false,
"resellProxy": false,
"resellBGP": false,
"resellDetectionAndAlerting": true,
"resellWAF": true,
"resellBot": false,
"mfaPackage": MFAPackage,
"accountManagerEmail": "xyz789",
"accountManagerName": "abc123",
"technicalEmail": "abc123",
"technicalFirstName": "abc123",
"technicalJobTitle": "abc123",
"technicalLastName": "abc123",
"technicalMobile": "xyz789",
"technicalPhone": "abc123",
"formerlyKnownAs": "abc123",
"accountInfo": AccountInfo,
"ssoPackage": SSOPackage,
"runBook": RunBook,
"proxyPlusPackage": ProxyPlusPackage,
"portalInactivityTimeout": UnsignedInt32
}
}
}
configurationChangesLock
Description
Get status of config changes lock.
Response
Returns a ConfigurationChangesLockResponse
Example
Query
query configurationChangesLock {
configurationChangesLock {
timestamp
status
}
}
Response
{
"data": {
"configurationChangesLock": {
"timestamp": "10:15:30Z",
"status": "UNKNOWN"
}
}
}
ipInfo
Description
Get IP reputation data for a given IP address.
Response
Returns an IPInfo
Arguments
| Name | Description |
|---|---|
address - IPAddressInput!
|
Example
Query
query ipInfo($address: IPAddressInput!) {
ipInfo(address: $address) {
address {
...IPAddressFragment
}
location {
...GeoLocationFragment
}
network {
...IPNetworkFragment
}
reputation {
...IPReputationFragment
}
}
}
Variables
{"address": IPAddressInput}
Response
{
"data": {
"ipInfo": {
"address": IPAddress,
"location": GeoLocation,
"network": IPNetwork,
"reputation": IPReputation
}
}
}
isCustomer
Description
Query whether a specified company is a customer of the specified reseller.
Example
Query
query isCustomer(
$reseller: String!,
$customer: String!
) {
isCustomer(
reseller: $reseller,
customer: $customer
)
}
Variables
{
"reseller": "xyz789",
"customer": "xyz789"
}
Response
{"data": {"isCustomer": false}}
isUserOnlySSO
Description
Query whether a specified email address only has SSO user accounts.
networkNodes
Response
Returns [NetworkNode!]
Arguments
| Name | Description |
|---|---|
filter - NetworkNodeFilterInput
|
Example
Query
query networkNodes($filter: NetworkNodeFilterInput) {
networkNodes(filter: $filter) {
iataCode
description
}
}
Variables
{"filter": NetworkNodeFilterInput}
Response
{
"data": {
"networkNodes": [
{
"iataCode": "abc123",
"description": "xyz789"
}
]
}
}
notificationsWhiteLabel
Description
Query a company's whitelabel info for notifications.
Response
Returns a NotificationsWhiteLabel
Arguments
| Name | Description |
|---|---|
filter - CompanyFilterInput!
|
Example
Query
query notificationsWhiteLabel($filter: CompanyFilterInput!) {
notificationsWhiteLabel(filter: $filter) {
whiteLabel {
...WhiteLabelFragment
}
managementDomain
}
}
Variables
{"filter": CompanyFilterInput}
Response
{
"data": {
"notificationsWhiteLabel": {
"whiteLabel": WhiteLabel,
"managementDomain": "xyz789"
}
}
}
policyChanges
Description
A list of all policies bound to a proxy changed from UTC time (since) to UTC time (asOf).
Response
Returns [Company!]
Example
Query
query policyChanges(
$since: Time!,
$asOf: Time
) {
policyChanges(
since: $since,
asOf: $asOf
) {
dName
wafAnalytics {
...WAFAnalyticsResponseFragment
}
responderAnalytics {
...ResponderAnalyticsResponseFragment
}
botAnalytics {
...BotAnalyticsResponseFragment
}
appDataAnalytics {
...AppDataAnalyticsResponseFragment
}
ddosBlockedIPLogs {
...BlockedIPLogsWithPaginationFragment
}
managedObjects {
...ManagedObjectFragment
}
detectionAndAlertingPackage {
...DetectionAndAlertingPackageFragment
}
filterLists {
...FilterListsWithPaginationFragment
}
auditLogTransactions {
...AuditLogTransactionsWithPaginationFragment
}
acls {
...ACLsOutputFragment
}
configurationChanges {
...ConfigurationChangeFragment
}
certificates {
...CertificateFragment
}
oneTimeExecutiveReportConfigurations {
...OneTimeExecutiveReportConfigurationsWithPaginationFragment
}
executiveReports {
...ExecutiveReportsWithPaginationFragment
}
recurringExecutiveReportConfigurations {
...RecurringExecutiveReportConfigurationsWithPaginationFragment
}
legacyProxies {
...LegacyProxyFragment
}
destinationIPs
tunnels {
...TunnelFragment
}
bgpPackage {
...BGPPackageFragment
}
notificationConfigurations {
...NotificationConfigurationsWithPaginationFragment
}
notificationRecords {
...NotificationRecordsWithPaginationFragment
}
policies {
...PolicyFragment
}
proxyPlusPolicies {
...ProxyPlusPolicyFragment
}
proxyPlusProxies {
...ProxyPlusProxyFragment
}
proxyPlusServices {
...ProxyPlusServiceFragment
}
proxyPlusCertificates {
...ProxyPlusCertificateFragment
}
proxyPlusProvisioningStatus {
...ProxyPlusProvisioningStatusFragment
}
proxies {
...ProxyFragment
}
userPurgeList {
...UserLoginIDWithPaginationFragment
}
traffic {
...TrafficOutputFragment
}
status {
...StatusOutputFragment
}
alerts {
...AlertsWithPaginationFragment
}
event {
...EventFragment
}
events {
...EventsWithPaginationFragment
}
id
createdAt
updatedAt
enabled
deleted
details {
...CompanyDetailsFragment
}
accountID
shortname
reseller {
...CompanyFragment
}
customers {
...CompanyFragment
}
allCustomers {
...CompaniesWithPaginationFragment
}
users {
...UsersWithPaginationFragment
}
whiteLabel {
...WhiteLabelFragment
}
corporateName
corporateDomain
managementDomain
serviceProvider
proxyPackage {
...ProxyPackageFragment
}
apiPackage {
...APIAccessFragment
}
isReseller
resellProxy
resellBGP
resellDetectionAndAlerting
resellWAF
resellBot
mfaPackage {
...MFAPackageFragment
}
accountManagerEmail
accountManagerName
technicalEmail
technicalFirstName
technicalJobTitle
technicalLastName
technicalMobile
technicalPhone
formerlyKnownAs
accountInfo {
...AccountInfoFragment
}
ssoPackage {
...SSOPackageFragment
}
runBook {
...RunBookFragment
}
proxyPlusPackage {
...ProxyPlusPackageFragment
}
portalInactivityTimeout
}
}
Variables
{
"since": "10:15:30Z",
"asOf": "10:15:30Z"
}
Response
{
"data": {
"policyChanges": [
{
"dName": "xyz789",
"wafAnalytics": WAFAnalyticsResponse,
"responderAnalytics": ResponderAnalyticsResponse,
"botAnalytics": BotAnalyticsResponse,
"appDataAnalytics": [AppDataAnalyticsResponse],
"ddosBlockedIPLogs": BlockedIPLogsWithPagination,
"managedObjects": [ManagedObject],
"detectionAndAlertingPackage": DetectionAndAlertingPackage,
"filterLists": FilterListsWithPagination,
"auditLogTransactions": AuditLogTransactionsWithPagination,
"acls": ACLsOutput,
"configurationChanges": [ConfigurationChange],
"certificates": [Certificate],
"oneTimeExecutiveReportConfigurations": OneTimeExecutiveReportConfigurationsWithPagination,
"executiveReports": ExecutiveReportsWithPagination,
"recurringExecutiveReportConfigurations": RecurringExecutiveReportConfigurationsWithPagination,
"legacyProxies": [LegacyProxy],
"destinationIPs": [CIDR],
"tunnels": [Tunnel],
"bgpPackage": BGPPackage,
"notificationConfigurations": NotificationConfigurationsWithPagination,
"notificationRecords": NotificationRecordsWithPagination,
"policies": [Policy],
"proxyPlusPolicies": [ProxyPlusPolicy],
"proxyPlusProxies": [ProxyPlusProxy],
"proxyPlusServices": [ProxyPlusService],
"proxyPlusCertificates": [ProxyPlusCertificate],
"proxyPlusProvisioningStatus": ProxyPlusProvisioningStatus,
"proxies": [Proxy],
"userPurgeList": UserLoginIDWithPagination,
"traffic": TrafficOutput,
"status": StatusOutput,
"alerts": AlertsWithPagination,
"event": Event,
"events": EventsWithPagination,
"id": "xyz789",
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"enabled": false,
"deleted": true,
"details": CompanyDetails,
"accountID": "abc123",
"shortname": "xyz789",
"reseller": Company,
"customers": [Company],
"allCustomers": CompaniesWithPagination,
"users": UsersWithPagination,
"whiteLabel": WhiteLabel,
"corporateName": "abc123",
"corporateDomain": "abc123",
"managementDomain": "xyz789",
"serviceProvider": "xyz789",
"proxyPackage": ProxyPackage,
"apiPackage": APIAccess,
"isReseller": false,
"resellProxy": false,
"resellBGP": true,
"resellDetectionAndAlerting": false,
"resellWAF": false,
"resellBot": false,
"mfaPackage": MFAPackage,
"accountManagerEmail": "abc123",
"accountManagerName": "xyz789",
"technicalEmail": "abc123",
"technicalFirstName": "abc123",
"technicalJobTitle": "abc123",
"technicalLastName": "abc123",
"technicalMobile": "xyz789",
"technicalPhone": "abc123",
"formerlyKnownAs": "xyz789",
"accountInfo": AccountInfo,
"ssoPackage": SSOPackage,
"runBook": RunBook,
"proxyPlusPackage": ProxyPlusPackage,
"portalInactivityTimeout": UnsignedInt32
}
]
}
}
proxyChanges
Description
Get a list of all proxies changed from UTC time ($since) to UTC time ($asOf).
Response
Returns [Company!]
Example
Query
query proxyChanges(
$since: Time!,
$asOf: Time
) {
proxyChanges(
since: $since,
asOf: $asOf
) {
dName
wafAnalytics {
...WAFAnalyticsResponseFragment
}
responderAnalytics {
...ResponderAnalyticsResponseFragment
}
botAnalytics {
...BotAnalyticsResponseFragment
}
appDataAnalytics {
...AppDataAnalyticsResponseFragment
}
ddosBlockedIPLogs {
...BlockedIPLogsWithPaginationFragment
}
managedObjects {
...ManagedObjectFragment
}
detectionAndAlertingPackage {
...DetectionAndAlertingPackageFragment
}
filterLists {
...FilterListsWithPaginationFragment
}
auditLogTransactions {
...AuditLogTransactionsWithPaginationFragment
}
acls {
...ACLsOutputFragment
}
configurationChanges {
...ConfigurationChangeFragment
}
certificates {
...CertificateFragment
}
oneTimeExecutiveReportConfigurations {
...OneTimeExecutiveReportConfigurationsWithPaginationFragment
}
executiveReports {
...ExecutiveReportsWithPaginationFragment
}
recurringExecutiveReportConfigurations {
...RecurringExecutiveReportConfigurationsWithPaginationFragment
}
legacyProxies {
...LegacyProxyFragment
}
destinationIPs
tunnels {
...TunnelFragment
}
bgpPackage {
...BGPPackageFragment
}
notificationConfigurations {
...NotificationConfigurationsWithPaginationFragment
}
notificationRecords {
...NotificationRecordsWithPaginationFragment
}
policies {
...PolicyFragment
}
proxyPlusPolicies {
...ProxyPlusPolicyFragment
}
proxyPlusProxies {
...ProxyPlusProxyFragment
}
proxyPlusServices {
...ProxyPlusServiceFragment
}
proxyPlusCertificates {
...ProxyPlusCertificateFragment
}
proxyPlusProvisioningStatus {
...ProxyPlusProvisioningStatusFragment
}
proxies {
...ProxyFragment
}
userPurgeList {
...UserLoginIDWithPaginationFragment
}
traffic {
...TrafficOutputFragment
}
status {
...StatusOutputFragment
}
alerts {
...AlertsWithPaginationFragment
}
event {
...EventFragment
}
events {
...EventsWithPaginationFragment
}
id
createdAt
updatedAt
enabled
deleted
details {
...CompanyDetailsFragment
}
accountID
shortname
reseller {
...CompanyFragment
}
customers {
...CompanyFragment
}
allCustomers {
...CompaniesWithPaginationFragment
}
users {
...UsersWithPaginationFragment
}
whiteLabel {
...WhiteLabelFragment
}
corporateName
corporateDomain
managementDomain
serviceProvider
proxyPackage {
...ProxyPackageFragment
}
apiPackage {
...APIAccessFragment
}
isReseller
resellProxy
resellBGP
resellDetectionAndAlerting
resellWAF
resellBot
mfaPackage {
...MFAPackageFragment
}
accountManagerEmail
accountManagerName
technicalEmail
technicalFirstName
technicalJobTitle
technicalLastName
technicalMobile
technicalPhone
formerlyKnownAs
accountInfo {
...AccountInfoFragment
}
ssoPackage {
...SSOPackageFragment
}
runBook {
...RunBookFragment
}
proxyPlusPackage {
...ProxyPlusPackageFragment
}
portalInactivityTimeout
}
}
Variables
{
"since": "10:15:30Z",
"asOf": "10:15:30Z"
}
Response
{
"data": {
"proxyChanges": [
{
"dName": "xyz789",
"wafAnalytics": WAFAnalyticsResponse,
"responderAnalytics": ResponderAnalyticsResponse,
"botAnalytics": BotAnalyticsResponse,
"appDataAnalytics": [AppDataAnalyticsResponse],
"ddosBlockedIPLogs": BlockedIPLogsWithPagination,
"managedObjects": [ManagedObject],
"detectionAndAlertingPackage": DetectionAndAlertingPackage,
"filterLists": FilterListsWithPagination,
"auditLogTransactions": AuditLogTransactionsWithPagination,
"acls": ACLsOutput,
"configurationChanges": [ConfigurationChange],
"certificates": [Certificate],
"oneTimeExecutiveReportConfigurations": OneTimeExecutiveReportConfigurationsWithPagination,
"executiveReports": ExecutiveReportsWithPagination,
"recurringExecutiveReportConfigurations": RecurringExecutiveReportConfigurationsWithPagination,
"legacyProxies": [LegacyProxy],
"destinationIPs": [CIDR],
"tunnels": [Tunnel],
"bgpPackage": BGPPackage,
"notificationConfigurations": NotificationConfigurationsWithPagination,
"notificationRecords": NotificationRecordsWithPagination,
"policies": [Policy],
"proxyPlusPolicies": [ProxyPlusPolicy],
"proxyPlusProxies": [ProxyPlusProxy],
"proxyPlusServices": [ProxyPlusService],
"proxyPlusCertificates": [ProxyPlusCertificate],
"proxyPlusProvisioningStatus": ProxyPlusProvisioningStatus,
"proxies": [Proxy],
"userPurgeList": UserLoginIDWithPagination,
"traffic": TrafficOutput,
"status": StatusOutput,
"alerts": AlertsWithPagination,
"event": Event,
"events": EventsWithPagination,
"id": "abc123",
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"enabled": true,
"deleted": true,
"details": CompanyDetails,
"accountID": "abc123",
"shortname": "xyz789",
"reseller": Company,
"customers": [Company],
"allCustomers": CompaniesWithPagination,
"users": UsersWithPagination,
"whiteLabel": WhiteLabel,
"corporateName": "xyz789",
"corporateDomain": "abc123",
"managementDomain": "xyz789",
"serviceProvider": "abc123",
"proxyPackage": ProxyPackage,
"apiPackage": APIAccess,
"isReseller": false,
"resellProxy": false,
"resellBGP": false,
"resellDetectionAndAlerting": true,
"resellWAF": true,
"resellBot": true,
"mfaPackage": MFAPackage,
"accountManagerEmail": "xyz789",
"accountManagerName": "xyz789",
"technicalEmail": "xyz789",
"technicalFirstName": "abc123",
"technicalJobTitle": "xyz789",
"technicalLastName": "xyz789",
"technicalMobile": "abc123",
"technicalPhone": "abc123",
"formerlyKnownAs": "abc123",
"accountInfo": AccountInfo,
"ssoPackage": SSOPackage,
"runBook": RunBook,
"proxyPlusPackage": ProxyPlusPackage,
"portalInactivityTimeout": UnsignedInt32
}
]
}
}
proxyPlusConfigurationChangesLock
Description
Fetch the Proxy Configuration Changes Lock status.
Response
Example
Query
query proxyPlusConfigurationChangesLock {
proxyPlusConfigurationChangesLock {
timestamp
status
}
}
Response
{
"data": {
"proxyPlusConfigurationChangesLock": {
"timestamp": "10:15:30Z",
"status": "UNKNOWN"
}
}
}
ssoConnection
Description
Query a company's SSO connection name by tenant.
user
Description
Query a user's information.
Response
Returns a User
Arguments
| Name | Description |
|---|---|
filter - UserFilterInput
|
Example
Query
query user($filter: UserFilterInput) {
user(filter: $filter) {
id
notificationConfiguration {
...UserNotificationConfigurationFragment
}
createdAt
updatedAt
company {
...CompanyFragment
}
enabled
email
userName
firstName
lastName
lastLogin
jobTitle
phone
mobile
roles
}
}
Variables
{"filter": UserFilterInput}
Response
{
"data": {
"user": {
"id": "abc123",
"notificationConfiguration": UserNotificationConfiguration,
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"company": Company,
"enabled": true,
"email": "xyz789",
"userName": "abc123",
"firstName": "abc123",
"lastName": "abc123",
"lastLogin": "10:15:30Z",
"jobTitle": "abc123",
"phone": "abc123",
"mobile": "xyz789",
"roles": ["PRIMARY_ADMIN"]
}
}
}
userLogs
Description
Query a user's Auth0 event logs.
Response
Returns [UserLog!]
Arguments
| Name | Description |
|---|---|
filter - UserLogsFilterInput!
|
Example
Query
query userLogs($filter: UserLogsFilterInput!) {
userLogs(filter: $filter) {
date
type
description
ip
userID
logID
}
}
Variables
{"filter": UserLogsFilterInput}
Response
{
"data": {
"userLogs": [
{
"date": "10:15:30Z",
"type": "xyz789",
"description": "xyz789",
"ip": "xyz789",
"userID": "xyz789",
"logID": "abc123"
}
]
}
}
Mutations
assignCertificate
Description
Assign a certificate to a proxy.
Response
Returns an AssignCertificateOutput
Arguments
| Name | Description |
|---|---|
input - AssignCertificateInput!
|
Example
Query
mutation assignCertificate($input: AssignCertificateInput!) {
assignCertificate(input: $input) {
proxy {
...ProxyFragment
}
oldCertificateID
}
}
Variables
{"input": AssignCertificateInput}
Response
{
"data": {
"assignCertificate": {
"proxy": Proxy,
"oldCertificateID": "xyz789"
}
}
}
assignProxyPlusCertificate
Description
Assigning a Proxy Plus Certificate to a Proxy Plus Service.
Response
Returns an AssignProxyPlusCertificateOutput
Arguments
| Name | Description |
|---|---|
input - AssignProxyPlusCertificateInput!
|
Example
Query
mutation assignProxyPlusCertificate($input: AssignProxyPlusCertificateInput!) {
assignProxyPlusCertificate(input: $input) {
service {
...ProxyPlusServiceFragment
}
newAssignedCertificate {
...ProxyPlusCertificateFragment
}
oldCertificateID
}
}
Variables
{"input": AssignProxyPlusCertificateInput}
Response
{
"data": {
"assignProxyPlusCertificate": {
"service": ProxyPlusService,
"newAssignedCertificate": ProxyPlusCertificate,
"oldCertificateID": "abc123"
}
}
}
commitSAMLConnection
Description
Commit a SAML setup.
Response
Returns an SAMLOutput
Arguments
| Name | Description |
|---|---|
input - SAMLInput!
|
Example
Query
mutation commitSAMLConnection($input: SAMLInput!) {
commitSAMLConnection(input: $input) {
config {
...SSOConfigFragment
}
}
}
Variables
{"input": SAMLInput}
Response
{"data": {"commitSAMLConnection": {"config": SSOConfig}}}
createCertificate
Response
Returns a CreateCertificateOutput!
Arguments
| Name | Description |
|---|---|
input - CreateCertificateInput!
|
Example
Query
mutation createCertificate($input: CreateCertificateInput!) {
createCertificate(input: $input) {
certificate {
...CertificateFragment
}
}
}
Variables
{"input": CreateCertificateInput}
Response
{
"data": {
"createCertificate": {"certificate": Certificate}
}
}
createCompanyNotificationConfiguration
Description
Create a company notification configuration.
Response
Arguments
| Name | Description |
|---|---|
input - CreateCompanyNotificationConfigurationInput!
|
Example
Query
mutation createCompanyNotificationConfiguration($input: CreateCompanyNotificationConfigurationInput!) {
createCompanyNotificationConfiguration(input: $input) {
configuration {
...CompanyNotificationConfigurationFragment
}
}
}
Variables
{"input": CreateCompanyNotificationConfigurationInput}
Response
{
"data": {
"createCompanyNotificationConfiguration": {
"configuration": CompanyNotificationConfiguration
}
}
}
createDraftACL
Description
Create Draft ACL.
Response
Returns a CreateDraftACLOutput
Arguments
| Name | Description |
|---|---|
input - CreateDraftACLInput!
|
Example
Query
mutation createDraftACL($input: CreateDraftACLInput!) {
createDraftACL(input: $input) {
companyDName
id
}
}
Variables
{"input": CreateDraftACLInput}
Response
{
"data": {
"createDraftACL": {
"companyDName": "abc123",
"id": "xyz789"
}
}
}
createOneTimeExecutiveReportConfiguration
Description
Creates a one time report generation configuration.
Response
Arguments
| Name | Description |
|---|---|
input - CreateOneTimeExecutiveReportConfigurationInput
|
Example
Query
mutation createOneTimeExecutiveReportConfiguration($input: CreateOneTimeExecutiveReportConfigurationInput) {
createOneTimeExecutiveReportConfiguration(input: $input) {
configuration {
...OneTimeExecutiveReportConfigurationFragment
}
}
}
Variables
{"input": CreateOneTimeExecutiveReportConfigurationInput}
Response
{
"data": {
"createOneTimeExecutiveReportConfiguration": {
"configuration": OneTimeExecutiveReportConfiguration
}
}
}
createPolicy
Description
Create a policy.
Response
Returns a CreatePolicyOutput
Arguments
| Name | Description |
|---|---|
input - CreatePolicyInput!
|
Example
Query
mutation createPolicy($input: CreatePolicyInput!) {
createPolicy(input: $input) {
policy {
...PolicyFragment
}
}
}
Variables
{"input": CreatePolicyInput}
Response
{"data": {"createPolicy": {"policy": Policy}}}
createProxy
Description
Create a proxy.
Response
Returns a CreateProxyOutput
Arguments
| Name | Description |
|---|---|
input - CreateProxyInput!
|
Example
Query
mutation createProxy($input: CreateProxyInput!) {
createProxy(input: $input) {
proxy {
...ProxyFragment
}
}
}
Variables
{"input": CreateProxyInput}
Response
{"data": {"createProxy": {"proxy": Proxy}}}
createProxyPlusCertificate
Description
Create Proxy Plus Certificate.
Response
Returns a CreateProxyPlusCertificateOutput
Arguments
| Name | Description |
|---|---|
input - CreateProxyPlusCertificateInput!
|
Example
Query
mutation createProxyPlusCertificate($input: CreateProxyPlusCertificateInput!) {
createProxyPlusCertificate(input: $input) {
certificate {
...ProxyPlusCertificateFragment
}
}
}
Variables
{"input": CreateProxyPlusCertificateInput}
Response
{
"data": {
"createProxyPlusCertificate": {
"certificate": ProxyPlusCertificate
}
}
}
createProxyPlusPolicy
Description
Create Proxy Plus Policy.
Response
Returns a CreateProxyPlusPolicyOutput
Arguments
| Name | Description |
|---|---|
input - CreateProxyPlusPolicyInput!
|
Example
Query
mutation createProxyPlusPolicy($input: CreateProxyPlusPolicyInput!) {
createProxyPlusPolicy(input: $input) {
policy {
...ProxyPlusPolicyFragment
}
}
}
Variables
{"input": CreateProxyPlusPolicyInput}
Response
{
"data": {
"createProxyPlusPolicy": {"policy": ProxyPlusPolicy}
}
}
createProxyPlusProxy
Description
Create Proxy Plus Proxy.
Response
Returns a CreateProxyPlusProxyOutput
Arguments
| Name | Description |
|---|---|
input - CreateProxyPlusProxyInput!
|
Example
Query
mutation createProxyPlusProxy($input: CreateProxyPlusProxyInput!) {
createProxyPlusProxy(input: $input) {
proxy {
...ProxyPlusProxyFragment
}
}
}
Variables
{"input": CreateProxyPlusProxyInput}
Response
{
"data": {
"createProxyPlusProxy": {"proxy": ProxyPlusProxy}
}
}
createProxyPlusService
Description
Create Proxy Plus Service.
Response
Returns a CreateProxyPlusServiceOutput
Arguments
| Name | Description |
|---|---|
input - CreateProxyPlusServiceInput!
|
Example
Query
mutation createProxyPlusService($input: CreateProxyPlusServiceInput!) {
createProxyPlusService(input: $input) {
service {
...ProxyPlusServiceFragment
}
}
}
Variables
{"input": CreateProxyPlusServiceInput}
Response
{
"data": {
"createProxyPlusService": {
"service": ProxyPlusService
}
}
}
createRecurringExecutiveReportConfiguration
Description
Creates a recurring report generation configuration.
Response
Returns a CreateRecurringExecutiveReportConfigurationOutput!
Arguments
| Name | Description |
|---|---|
input - CreateRecurringExecutiveReportConfigurationInput
|
Example
Query
mutation createRecurringExecutiveReportConfiguration($input: CreateRecurringExecutiveReportConfigurationInput) {
createRecurringExecutiveReportConfiguration(input: $input) {
configuration {
...RecurringExecutiveReportConfigurationFragment
}
}
}
Variables
{
"input": CreateRecurringExecutiveReportConfigurationInput
}
Response
{
"data": {
"createRecurringExecutiveReportConfiguration": {
"configuration": RecurringExecutiveReportConfiguration
}
}
}
createSAMLConnection
Description
Create a SAML connection.
Response
Returns an SAMLOutput
Arguments
| Name | Description |
|---|---|
input - CreateSAMLInput!
|
Example
Query
mutation createSAMLConnection($input: CreateSAMLInput!) {
createSAMLConnection(input: $input) {
config {
...SSOConfigFragment
}
}
}
Variables
{"input": CreateSAMLInput}
Response
{"data": {"createSAMLConnection": {"config": SSOConfig}}}
createUser
Description
Create a user.
Response
Returns a CreateUserOutput
Arguments
| Name | Description |
|---|---|
input - CreateUserInput!
|
Example
Query
mutation createUser($input: CreateUserInput!) {
createUser(input: $input) {
user {
...UserFragment
}
}
}
Variables
{"input": CreateUserInput}
Response
{"data": {"createUser": {"user": User}}}
createUserNotificationConfiguration
Description
Create a user notification configuration.
Response
Arguments
| Name | Description |
|---|---|
input - CreateUserNotificationConfigurationInput!
|
Example
Query
mutation createUserNotificationConfiguration($input: CreateUserNotificationConfigurationInput!) {
createUserNotificationConfiguration(input: $input) {
configuration {
...UserNotificationConfigurationFragment
}
}
}
Variables
{"input": CreateUserNotificationConfigurationInput}
Response
{
"data": {
"createUserNotificationConfiguration": {
"configuration": UserNotificationConfiguration
}
}
}
deleteCandidateACL
Description
Delete a Candidate ACL.
Response
Returns a DeleteCandidateACLOutput
Arguments
| Name | Description |
|---|---|
input - DeleteCandidateACLInput!
|
Example
Query
mutation deleteCandidateACL($input: DeleteCandidateACLInput!) {
deleteCandidateACL(input: $input) {
companyDName
}
}
Variables
{"input": DeleteCandidateACLInput}
Response
{
"data": {
"deleteCandidateACL": {
"companyDName": "xyz789"
}
}
}
deleteCertificate
Response
Returns a DeleteCertificateOutput!
Arguments
| Name | Description |
|---|---|
input - DeleteCertificateInput!
|
Example
Query
mutation deleteCertificate($input: DeleteCertificateInput!) {
deleteCertificate(input: $input) {
deletedCertificateID
}
}
Variables
{"input": DeleteCertificateInput}
Response
{
"data": {
"deleteCertificate": {
"deletedCertificateID": "xyz789"
}
}
}
deleteCompanyUsers
Description
Delete users for a company.
Response
Returns a DeleteCompanyUsersOutput
Arguments
| Name | Description |
|---|---|
input - DeleteCompanyUsersInput!
|
Example
Query
mutation deleteCompanyUsers($input: DeleteCompanyUsersInput!) {
deleteCompanyUsers(input: $input) {
deletedUsers {
...UserFragment
}
}
}
Variables
{"input": DeleteCompanyUsersInput}
Response
{"data": {"deleteCompanyUsers": {"deletedUsers": [User]}}}
deleteDraftACL
Description
Delete a Draft ACL.
Response
Returns a DeleteDraftACLOutput
Arguments
| Name | Description |
|---|---|
input - DeleteDraftACLInput!
|
Example
Query
mutation deleteDraftACL($input: DeleteDraftACLInput!) {
deleteDraftACL(input: $input) {
companyDName
}
}
Variables
{"input": DeleteDraftACLInput}
Response
{
"data": {
"deleteDraftACL": {
"companyDName": "abc123"
}
}
}
deleteExecutiveReport
Description
Deletes a report based on name or ID. - check other delete mutations and follow pattern. Add a date range for delete, so create new filter type with these params.
Response
Returns a DeleteExecutiveReportOutput!
Arguments
| Name | Description |
|---|---|
input - DeleteExecutiveReportInput
|
Example
Query
mutation deleteExecutiveReport($input: DeleteExecutiveReportInput) {
deleteExecutiveReport(input: $input) {
deletedExecutiveReportID
}
}
Variables
{"input": DeleteExecutiveReportInput}
Response
{
"data": {
"deleteExecutiveReport": {
"deletedExecutiveReportID": "xyz789"
}
}
}
deleteOneTimeExecutiveReportConfiguration
Description
Deletes a one time executive report configuration.
Response
Arguments
| Name | Description |
|---|---|
input - DeleteOneTimeExecutiveReportConfigurationInput
|
Example
Query
mutation deleteOneTimeExecutiveReportConfiguration($input: DeleteOneTimeExecutiveReportConfigurationInput) {
deleteOneTimeExecutiveReportConfiguration(input: $input) {
deletedOneTimeExecutiveReportConfigurationID
}
}
Variables
{"input": DeleteOneTimeExecutiveReportConfigurationInput}
Response
{
"data": {
"deleteOneTimeExecutiveReportConfiguration": {
"deletedOneTimeExecutiveReportConfigurationID": "xyz789"
}
}
}
deletePolicy
Description
Delete a policy.
Response
Returns a DeletePolicyOutput
Arguments
| Name | Description |
|---|---|
input - DeletePolicyInput!
|
Example
Query
mutation deletePolicy($input: DeletePolicyInput!) {
deletePolicy(input: $input) {
deletedPolicyID
}
}
Variables
{"input": DeletePolicyInput}
Response
{
"data": {
"deletePolicy": {
"deletedPolicyID": "abc123"
}
}
}
deleteProxy
Description
Delete a proxy.
Response
Returns a DeleteProxyOutput
Arguments
| Name | Description |
|---|---|
input - DeleteProxyInput!
|
Example
Query
mutation deleteProxy($input: DeleteProxyInput!) {
deleteProxy(input: $input) {
deletedProxyID
permanentlyDeleted
}
}
Variables
{"input": DeleteProxyInput}
Response
{
"data": {
"deleteProxy": {
"deletedProxyID": "xyz789",
"permanentlyDeleted": true
}
}
}
deleteProxyPlusCertificate
Description
Delete Proxy Plus Certificate.
Response
Returns a DeleteProxyPlusCertificateOutput
Arguments
| Name | Description |
|---|---|
input - DeleteProxyPlusCertificateInput!
|
Example
Query
mutation deleteProxyPlusCertificate($input: DeleteProxyPlusCertificateInput!) {
deleteProxyPlusCertificate(input: $input) {
deletedProxyPlusCertificateID
}
}
Variables
{"input": DeleteProxyPlusCertificateInput}
Response
{
"data": {
"deleteProxyPlusCertificate": {
"deletedProxyPlusCertificateID": "abc123"
}
}
}
deleteProxyPlusPolicy
Description
Delete Proxy Plus Policy.
Response
Returns a DeleteProxyPlusPolicyOutput
Arguments
| Name | Description |
|---|---|
input - DeleteProxyPlusPolicyInput!
|
Example
Query
mutation deleteProxyPlusPolicy($input: DeleteProxyPlusPolicyInput!) {
deleteProxyPlusPolicy(input: $input) {
deletedProxyPlusPolicyID
}
}
Variables
{"input": DeleteProxyPlusPolicyInput}
Response
{
"data": {
"deleteProxyPlusPolicy": {
"deletedProxyPlusPolicyID": "abc123"
}
}
}
deleteProxyPlusProxy
Description
Delete Proxy Plus Proxy.
Response
Returns a DeleteProxyPlusProxyOutput
Arguments
| Name | Description |
|---|---|
input - DeleteProxyPlusProxyInput!
|
Example
Query
mutation deleteProxyPlusProxy($input: DeleteProxyPlusProxyInput!) {
deleteProxyPlusProxy(input: $input) {
deletedProxyPlusProxyID
}
}
Variables
{"input": DeleteProxyPlusProxyInput}
Response
{
"data": {
"deleteProxyPlusProxy": {
"deletedProxyPlusProxyID": "xyz789"
}
}
}
deleteProxyPlusService
Description
Delete Proxy Plus Service.
Response
Returns a DeleteProxyPlusServiceOutput
Arguments
| Name | Description |
|---|---|
input - DeleteProxyPlusServiceInput!
|
Example
Query
mutation deleteProxyPlusService($input: DeleteProxyPlusServiceInput!) {
deleteProxyPlusService(input: $input) {
deletedProxyPlusServiceID
}
}
Variables
{"input": DeleteProxyPlusServiceInput}
Response
{
"data": {
"deleteProxyPlusService": {
"deletedProxyPlusServiceID": "xyz789"
}
}
}
deleteRecurringExecutiveReportConfiguration
Description
Deletes a recurring executive report configuration.
Response
Returns a DeleteRecurringExecutiveReportConfigurationOutput!
Arguments
| Name | Description |
|---|---|
input - DeleteRecurringExecutiveReportConfigurationInput
|
Example
Query
mutation deleteRecurringExecutiveReportConfiguration($input: DeleteRecurringExecutiveReportConfigurationInput) {
deleteRecurringExecutiveReportConfiguration(input: $input) {
deletedRecurringExecutiveReportConfigurationID
}
}
Variables
{
"input": DeleteRecurringExecutiveReportConfigurationInput
}
Response
{
"data": {
"deleteRecurringExecutiveReportConfiguration": {
"deletedRecurringExecutiveReportConfigurationID": "xyz789"
}
}
}
deleteRunningACL
Description
Delete a Running ACL.
Response
Returns a DeleteRunningACLOutput
Arguments
| Name | Description |
|---|---|
input - DeleteRunningACLInput!
|
Example
Query
mutation deleteRunningACL($input: DeleteRunningACLInput!) {
deleteRunningACL(input: $input) {
companyDName
}
}
Variables
{"input": DeleteRunningACLInput}
Response
{
"data": {
"deleteRunningACL": {
"companyDName": "abc123"
}
}
}
deleteSAMLConnection
Description
Delete a SAML connection.
Response
Returns an SAMLOutput
Arguments
| Name | Description |
|---|---|
input - SAMLInput!
|
Example
Query
mutation deleteSAMLConnection($input: SAMLInput!) {
deleteSAMLConnection(input: $input) {
config {
...SSOConfigFragment
}
}
}
Variables
{"input": SAMLInput}
Response
{"data": {"deleteSAMLConnection": {"config": SSOConfig}}}
deleteUser
Description
Delete a user.
Response
Returns a DeleteUserOutput
Arguments
| Name | Description |
|---|---|
input - DeleteUserInput!
|
Example
Query
mutation deleteUser($input: DeleteUserInput!) {
deleteUser(input: $input) {
deletedUserID
}
}
Variables
{"input": DeleteUserInput}
Response
{
"data": {
"deleteUser": {
"deletedUserID": "abc123"
}
}
}
lockConfigurationChanges
Response
Returns a ConfigurationChangesLock
Example
Query
mutation lockConfigurationChanges {
lockConfigurationChanges {
id
createdAt
updatedAt
started
ended
lockedBy
unlockedBy
}
}
Response
{
"data": {
"lockConfigurationChanges": {
"id": "abc123",
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"started": "10:15:30Z",
"ended": "10:15:30Z",
"lockedBy": "xyz789",
"unlockedBy": "xyz789"
}
}
}
lockProxyPlusConfigurationChanges
Description
Lock Proxy Plus Configuration Changes.
Response
Returns a ProxyPlusConfigurationChangesLock
Example
Query
mutation lockProxyPlusConfigurationChanges {
lockProxyPlusConfigurationChanges {
id
createdAt
updatedAt
started
ended
lockedBy
unlockedBy
}
}
Response
{
"data": {
"lockProxyPlusConfigurationChanges": {
"id": "xyz789",
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"started": "10:15:30Z",
"ended": "10:15:30Z",
"lockedBy": "abc123",
"unlockedBy": "abc123"
}
}
}
markAllUserNotificationRecordsRead
Description
Update all user notification records read.
Response
Returns an UpdateAllUserNotificationRecordsOutput
Arguments
| Name | Description |
|---|---|
input - UpdateAllUserNotificationRecordsInput!
|
Example
Query
mutation markAllUserNotificationRecordsRead($input: UpdateAllUserNotificationRecordsInput!) {
markAllUserNotificationRecordsRead(input: $input) {
userID
}
}
Variables
{"input": UpdateAllUserNotificationRecordsInput}
Response
{
"data": {
"markAllUserNotificationRecordsRead": {
"userID": "abc123"
}
}
}
sendACLChangeRequest
Response
Returns an SendACLChangeRequestOutput
Arguments
| Name | Description |
|---|---|
input - SendACLChangeRequestInput!
|
Example
Query
mutation sendACLChangeRequest($input: SendACLChangeRequestInput!) {
sendACLChangeRequest(input: $input) {
companyDName
id
}
}
Variables
{"input": SendACLChangeRequestInput}
Response
{
"data": {
"sendACLChangeRequest": {
"companyDName": "xyz789",
"id": "xyz789"
}
}
}
sendEmail
Description
Send email.
Response
Returns a SendEmailOutput
Arguments
| Name | Description |
|---|---|
input - SendEmailInput!
|
Example
Query
mutation sendEmail($input: SendEmailInput!) {
sendEmail(input: $input) {
statusCode
}
}
Variables
{"input": SendEmailInput}
Response
{
"data": {
"sendEmail": {"statusCode": "abc123"}
}
}
sendTestNotification
Description
Send test notification.
Response
Returns a SendTestNotificationOutput
Arguments
| Name | Description |
|---|---|
input - SendTestNotificationInput!
|
Example
Query
mutation sendTestNotification($input: SendTestNotificationInput!) {
sendTestNotification(input: $input) {
statusCode
}
}
Variables
{"input": SendTestNotificationInput}
Response
{
"data": {
"sendTestNotification": {
"statusCode": "abc123"
}
}
}
sendUserActivationEmail
Description
Send user activation email.
Response
Returns a SendUserActivationEmailOutput
Arguments
| Name | Description |
|---|---|
input - SendUserActivationEmailInput!
|
Example
Query
mutation sendUserActivationEmail($input: SendUserActivationEmailInput!) {
sendUserActivationEmail(input: $input) {
id
email
}
}
Variables
{"input": SendUserActivationEmailInput}
Response
{
"data": {
"sendUserActivationEmail": {
"id": "xyz789",
"email": "xyz789"
}
}
}
sendUserPasswordResetEmail
Description
Send user reset password email.
Response
Returns a SendUserPasswordResetEmailOutput
Arguments
| Name | Description |
|---|---|
input - SendUserPasswordResetEmailInput!
|
Example
Query
mutation sendUserPasswordResetEmail($input: SendUserPasswordResetEmailInput!) {
sendUserPasswordResetEmail(input: $input) {
id
email
}
}
Variables
{"input": SendUserPasswordResetEmailInput}
Response
{
"data": {
"sendUserPasswordResetEmail": {
"id": "xyz789",
"email": "abc123"
}
}
}
unlockConfigurationChanges
Response
Returns a Boolean!
Example
Query
mutation unlockConfigurationChanges {
unlockConfigurationChanges
}
Response
{"data": {"unlockConfigurationChanges": false}}
unlockProxyPlusConfigurationChanges
Description
Unlock Proxy Plus Configuration Changes.
Response
Returns a Boolean!
Example
Query
mutation unlockProxyPlusConfigurationChanges {
unlockProxyPlusConfigurationChanges
}
Response
{"data": {"unlockProxyPlusConfigurationChanges": false}}
updateCompanyNotificationConfiguration
Description
Modify a company notification configuration.
Response
Returns an UpdateCompanyNotificationConfigurationOutput
Arguments
| Name | Description |
|---|---|
input - UpdateCompanyNotificationConfigurationInput!
|
Example
Query
mutation updateCompanyNotificationConfiguration($input: UpdateCompanyNotificationConfigurationInput!) {
updateCompanyNotificationConfiguration(input: $input) {
configuration {
...CompanyNotificationConfigurationFragment
}
}
}
Variables
{"input": UpdateCompanyNotificationConfigurationInput}
Response
{
"data": {
"updateCompanyNotificationConfiguration": {
"configuration": CompanyNotificationConfiguration
}
}
}
updateDomainAliasesSAMLConnection
Description
Update domain aliases for a SAML connection.
Response
Returns an SAMLOutput
Arguments
| Name | Description |
|---|---|
input - SAMLInput!
|
Example
Query
mutation updateDomainAliasesSAMLConnection($input: SAMLInput!) {
updateDomainAliasesSAMLConnection(input: $input) {
config {
...SSOConfigFragment
}
}
}
Variables
{"input": SAMLInput}
Response
{
"data": {
"updateDomainAliasesSAMLConnection": {
"config": SSOConfig
}
}
}
updateNotificationRecord
Description
Modify notification records.
Response
Returns an UpdateNotificationRecordOutput
Arguments
| Name | Description |
|---|---|
input - UpdateNotificationRecordInput!
|
Example
Query
mutation updateNotificationRecord($input: UpdateNotificationRecordInput!) {
updateNotificationRecord(input: $input) {
records {
...NotificationRecordFragment
}
}
}
Variables
{"input": UpdateNotificationRecordInput}
Response
{
"data": {
"updateNotificationRecord": {
"records": [NotificationRecord]
}
}
}
updatePolicy
Description
Modify a policy.
Response
Returns an UpdatePolicyOutput
Arguments
| Name | Description |
|---|---|
input - UpdatePolicyInput!
|
Example
Query
mutation updatePolicy($input: UpdatePolicyInput!) {
updatePolicy(input: $input) {
policy {
...PolicyFragment
}
}
}
Variables
{"input": UpdatePolicyInput}
Response
{"data": {"updatePolicy": {"policy": Policy}}}
updateProxy
Description
Modify a proxy.
Response
Returns an UpdateProxyOutput
Arguments
| Name | Description |
|---|---|
input - UpdateProxyInput!
|
Example
Query
mutation updateProxy($input: UpdateProxyInput!) {
updateProxy(input: $input) {
proxy {
...ProxyFragment
}
}
}
Variables
{"input": UpdateProxyInput}
Response
{"data": {"updateProxy": {"proxy": Proxy}}}
updateProxyPlusPolicy
Description
Update Proxy Plus Policy.
Response
Returns an UpdateProxyPlusPolicyOutput
Arguments
| Name | Description |
|---|---|
input - UpdateProxyPlusPolicyInput!
|
Example
Query
mutation updateProxyPlusPolicy($input: UpdateProxyPlusPolicyInput!) {
updateProxyPlusPolicy(input: $input) {
policy {
...ProxyPlusPolicyFragment
}
}
}
Variables
{"input": UpdateProxyPlusPolicyInput}
Response
{
"data": {
"updateProxyPlusPolicy": {"policy": ProxyPlusPolicy}
}
}
updateProxyPlusProxy
Description
Update Proxy Plus Proxy.
Response
Returns an UpdateProxyPlusProxyOutput
Arguments
| Name | Description |
|---|---|
input - UpdateProxyPlusProxyInput!
|
Example
Query
mutation updateProxyPlusProxy($input: UpdateProxyPlusProxyInput!) {
updateProxyPlusProxy(input: $input) {
proxy {
...ProxyPlusProxyFragment
}
}
}
Variables
{"input": UpdateProxyPlusProxyInput}
Response
{
"data": {
"updateProxyPlusProxy": {"proxy": ProxyPlusProxy}
}
}
updateProxyPlusService
Description
Update Proxy Plus Service.
Response
Returns an UpdateProxyPlusServiceOutput
Arguments
| Name | Description |
|---|---|
input - UpdateProxyPlusServiceInput!
|
Example
Query
mutation updateProxyPlusService($input: UpdateProxyPlusServiceInput!) {
updateProxyPlusService(input: $input) {
service {
...ProxyPlusServiceFragment
}
}
}
Variables
{"input": UpdateProxyPlusServiceInput}
Response
{
"data": {
"updateProxyPlusService": {
"service": ProxyPlusService
}
}
}
updateRecurringExecutiveReportConfiguration
Description
Updates a recurring report generation configuration.
Response
Returns an UpdateRecurringExecutiveReportConfigurationOutput!
Arguments
| Name | Description |
|---|---|
input - UpdateRecurringExecutiveReportConfigurationInput
|
Example
Query
mutation updateRecurringExecutiveReportConfiguration($input: UpdateRecurringExecutiveReportConfigurationInput) {
updateRecurringExecutiveReportConfiguration(input: $input) {
configuration {
...RecurringExecutiveReportConfigurationFragment
}
}
}
Variables
{
"input": UpdateRecurringExecutiveReportConfigurationInput
}
Response
{
"data": {
"updateRecurringExecutiveReportConfiguration": {
"configuration": RecurringExecutiveReportConfiguration
}
}
}
updateSAMLConnection
Description
Modify a SAML connection.
Response
Returns an SAMLOutput
Arguments
| Name | Description |
|---|---|
input - UpdateSAMLInput!
|
Example
Query
mutation updateSAMLConnection($input: UpdateSAMLInput!) {
updateSAMLConnection(input: $input) {
config {
...SSOConfigFragment
}
}
}
Variables
{"input": UpdateSAMLInput}
Response
{"data": {"updateSAMLConnection": {"config": SSOConfig}}}
updateUser
Description
Modify a user.
Response
Returns an UpdateUserOutput
Arguments
| Name | Description |
|---|---|
input - UpdateUserInput!
|
Example
Query
mutation updateUser($input: UpdateUserInput!) {
updateUser(input: $input) {
user {
...UserFragment
}
}
}
Variables
{"input": UpdateUserInput}
Response
{"data": {"updateUser": {"user": User}}}
updateUserNotificationConfiguration
Description
Modify a user notification configuration.
Response
Returns an UpdateUserNotificationConfigurationOutput
Arguments
| Name | Description |
|---|---|
input - UpdateUserNotificationConfigurationInput!
|
Example
Query
mutation updateUserNotificationConfiguration($input: UpdateUserNotificationConfigurationInput!) {
updateUserNotificationConfiguration(input: $input) {
configuration {
...UserNotificationConfigurationFragment
}
}
}
Variables
{"input": UpdateUserNotificationConfigurationInput}
Response
{
"data": {
"updateUserNotificationConfiguration": {
"configuration": UserNotificationConfiguration
}
}
}
Types
ACL
ACLDeploymentState
Description
The deployment state of an ACL.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"COMPLETE"
ACLsData
Description
The data describing a customer's ACLs
Fields
| Field Name | Description |
|---|---|
draftACL - DraftACL
|
The Draft ACL. |
candidateACL - CandidateACL
|
The Candidate ACL that is under review by SOC. |
runningACL - RunningACL
|
The running ACL that has been approved by SOC. |
runningACLDeploymentStatus - RunningACLDeploymentStatus!
|
The deployment status of the running ACL for all of the scrubbing centers. |
Example
{
"draftACL": DraftACL,
"candidateACL": CandidateACL,
"runningACL": RunningACL,
"runningACLDeploymentStatus": RunningACLDeploymentStatus
}
ACLsOutput
AIFHTTPURLRegexDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
level - String!
|
|
blocking - Boolean!
|
Example
{
"name": "abc123",
"id": "xyz789",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"level": "xyz789",
"blocking": false
}
APIAccess
Description
Specifies API Access configuration for company.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether API access is enabled for the Company. |
openHybridEnabled - Boolean!
|
Specifies if Open Hybrid access is enabled in portal for this company. |
maxAPIClients - UnsignedInt32!
|
Specifies the max number of API clients that can be configured for this company. |
Example
{
"enabled": false,
"openHybridEnabled": false,
"maxAPIClients": UnsignedInt32
}
APIClient
Description
Per-Company API Access settings.
Example
{
"id": "xyz789",
"name": "xyz789",
"description": "abc123",
"company": Company,
"user": User
}
AccountInfo
Description
Contract-related information for a customer.
Fields
| Field Name | Description |
|---|---|
accountNumber - String!
|
Account Number of customer. |
domain - String!
|
Primary DNS name of customer. |
countryName - String
|
Country customer is registered in. |
state - String
|
State customer is registered in. |
featureList - [Feature!]
|
List of features purchased by customer. |
accountExecutiveList - [Person!]
|
List of Account Executives for customer. |
Example
{
"accountNumber": "abc123",
"domain": "abc123",
"countryName": "abc123",
"state": "xyz789",
"featureList": [Feature],
"accountExecutiveList": [Person]
}
ActivationStatus
Description
The status of a contract negotiated with customer.
Values
| Enum Value | Description |
|---|---|
|
|
Indicates that the specified feature is under review but not purchased yet by the company. |
|
|
Indicates that the specified feature is pending signature by the company. |
|
|
Indicates that the specified feature is purchased and activated for the company. |
|
|
Indicates that the specified feature is being reviewed post submission, for the company. |
Example
"EDIT_UNDER_REVIEW"
Alert
Description
An Alert is something that has been raised within SiteProtect to be dealt with.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The identifier of the alert. |
company - Company!
|
The company object. |
start - Time!
|
The start time of the alert |
end - Time
|
The end time of the alert. A non-zero value of end time means that the alert has ended or finished. |
severity - Severity!
|
An indication of how critical the Alert is. |
type - AlertType!
|
A boolean value that indicates whether or not the alert is an Infrastructure alert |
Possible Types
| Alert Types |
|---|
Example
{
"id": "abc123",
"company": Company,
"start": "10:15:30Z",
"end": "10:15:30Z",
"severity": "HIGH",
"type": "DNA"
}
AlertCharacterization
Fields
| Field Name | Description |
|---|---|
source_prefixes - [String]
|
|
destination_prefixes - [String]
|
|
source_tcp_ports - [String]
|
|
destination_tcp_ports - [String]
|
|
source_udp_ports - [String]
|
|
destination_udp_ports - [String]
|
|
source_asns - [String]
|
|
destination_asns - [String]
|
|
source_countries - [AlertCountry]
|
|
protocols - [String]
|
|
tcp_flags - [String]
|
Example
{
"source_prefixes": ["abc123"],
"destination_prefixes": ["abc123"],
"source_tcp_ports": ["xyz789"],
"destination_tcp_ports": ["abc123"],
"source_udp_ports": ["abc123"],
"destination_udp_ports": ["xyz789"],
"source_asns": ["xyz789"],
"destination_asns": ["abc123"],
"source_countries": [AlertCountry],
"protocols": ["abc123"],
"tcp_flags": ["xyz789"]
}
AlertClassification
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"POSSIBLE_ATTACK"
AlertCountry
AlertDetailsTraffic
Fields
| Field Name | Description |
|---|---|
misuse_types - [AlertDetailsTrafficSeries]
|
|
patterns - [AlertTrafficPattern]
|
|
source_prefixes - [AlertDetailsTrafficSeries]
|
|
destination_prefixes - [AlertDetailsTrafficSeries]
|
|
source_tcp_ports - [AlertDetailsTrafficSeries]
|
|
destination_tcp_ports - [AlertDetailsTrafficSeries]
|
|
source_udp_ports - [AlertDetailsTrafficSeries]
|
|
destination_udp_ports - [AlertDetailsTrafficSeries]
|
|
source_asns - [AlertDetailsTrafficSeries]
|
|
destination_asns - [AlertDetailsTrafficSeries]
|
|
source_countries - [AlertDetailsTrafficSeriesCountry]
|
|
protocols - [AlertDetailsTrafficSeries]
|
|
tcp_flags - [AlertDetailsTrafficSeries]
|
|
icmp_types - [AlertDetailsTrafficSeries]
|
|
router_traffic - [AlertDetailsTrafficSeries]
|
|
interface_traffic - [AlertInterfaceTraffic]
|
|
packet_sizes - [AlertPacketSizeBin]
|
|
characterization - AlertCharacterization
|
Example
{
"misuse_types": [AlertDetailsTrafficSeries],
"patterns": [AlertTrafficPattern],
"source_prefixes": [AlertDetailsTrafficSeries],
"destination_prefixes": [AlertDetailsTrafficSeries],
"source_tcp_ports": [AlertDetailsTrafficSeries],
"destination_tcp_ports": [AlertDetailsTrafficSeries],
"source_udp_ports": [AlertDetailsTrafficSeries],
"destination_udp_ports": [AlertDetailsTrafficSeries],
"source_asns": [AlertDetailsTrafficSeries],
"destination_asns": [AlertDetailsTrafficSeries],
"source_countries": [AlertDetailsTrafficSeriesCountry],
"protocols": [AlertDetailsTrafficSeries],
"tcp_flags": [AlertDetailsTrafficSeries],
"icmp_types": [AlertDetailsTrafficSeries],
"router_traffic": [AlertDetailsTrafficSeries],
"interface_traffic": [AlertInterfaceTraffic],
"packet_sizes": [AlertPacketSizeBin],
"characterization": AlertCharacterization
}
AlertDetailsTrafficSeries
Example
{
"name": "xyz789",
"view": "xyz789",
"unit": "abc123",
"severity": "xyz789",
"points": [AlertTrafficTimeSeriesPoint],
"percentageTotalTraffic": 123.45,
"average": Int64
}
AlertDetailsTrafficSeriesCountry
Fields
| Field Name | Description |
|---|---|
country - AlertCountry
|
|
view - String
|
|
unit - String
|
|
severity - String
|
|
points - [AlertTrafficTimeSeriesPoint]
|
|
percentageTotalTraffic - Float
|
|
average - Int64
|
Example
{
"country": AlertCountry,
"view": "xyz789",
"unit": "xyz789",
"severity": "abc123",
"points": [AlertTrafficTimeSeriesPoint],
"percentageTotalTraffic": 123.45,
"average": Int64
}
AlertDimension
Description
One of the sorted order fields.
Values
| Enum Value | Description |
|---|---|
|
|
The ascending order based on the START time. |
|
|
The ascending order based on the END time. |
|
|
The ascending order based on the SEVERITY time. |
Example
"START"
AlertFilterInput
Description
The filters that can be applied to scope the list of alerts.
Fields
| Input Field | Description |
|---|---|
id - String
|
The identifier of the alert |
providerID - String
|
The provider identifier of the alert |
active - Boolean
|
Include active alerts when set to true or inactive when set to false. By default, all alerts are fetched regardless of whether they are active or not. |
types - [AlertType!]
|
The alert types to filter on |
severities - [Severity!]
|
The severity levels to filter on |
isInfrastructure - Boolean
|
Whether the alert is an infrastructure alert type |
Example
{
"id": "abc123",
"providerID": "abc123",
"active": true,
"types": ["DNA"],
"severities": ["HIGH"],
"isInfrastructure": true
}
AlertInterfaceTraffic
Fields
| Field Name | Description |
|---|---|
direction - String
|
|
unit - String
|
|
router - String
|
|
router_severity - String
|
|
interface_boundary - String
|
|
snmp_description - String
|
|
interface_name - String
|
|
interface_asns - [UnsignedInt64]
|
|
pct95_value - UnsignedInt64
|
|
avg_value - UnsignedInt64
|
|
max_value - UnsignedInt64
|
Example
{
"direction": "xyz789",
"unit": "xyz789",
"router": "abc123",
"router_severity": "abc123",
"interface_boundary": "abc123",
"snmp_description": "xyz789",
"interface_name": "abc123",
"interface_asns": [UnsignedInt64],
"pct95_value": UnsignedInt64,
"avg_value": UnsignedInt64,
"max_value": UnsignedInt64
}
AlertPacketSizeBin
Fields
| Field Name | Description |
|---|---|
low - UnsignedInt64
|
|
high - UnsignedInt64
|
|
pct95_value - UnsignedInt64
|
|
avg_value - UnsignedInt64
|
|
max_value - UnsignedInt64
|
Example
{
"low": UnsignedInt64,
"high": UnsignedInt64,
"pct95_value": UnsignedInt64,
"avg_value": UnsignedInt64,
"max_value": UnsignedInt64
}
AlertSortBy
Description
AlertSortBy sorting.
Fields
| Input Field | Description |
|---|---|
dimension - AlertDimension!
|
The dimension to sort by. Default = START |
direction - SortDirection!
|
The direction to sort in. Default = DESCENDING |
Example
{"dimension": "START", "direction": "ASCENDING"}
AlertTrafficPattern
Example
{
"source": "xyz789",
"protocol": "xyz789",
"tcp_flags": ["xyz789"],
"source_ports": PortRange,
"destination": "abc123",
"destination_ports": PortRange,
"router": "xyz789",
"max_traffic": 987.65,
"max_traffic_unit": "xyz789"
}
AlertTrafficTimeSeriesPoint
AlertType
Values
| Enum Value | Description |
|---|---|
|
|
Detected from customer traffic data feed. |
|
|
Comes from waf and bot. |
|
|
Detected DDoS attack. |
|
|
BGP customers specify IP prefixes to be protected. |
|
|
Traffic data feed not received when performing detection observation. |
|
|
Traffic data feed not received when performing detection observation. |
|
|
Users send API call. |
|
|
Communication is lost between the APS deployment and its Sightline manager. |
|
|
Customer’s APS deployment requests a mitigation be started. |
|
|
Tunnel Alert data. |
Example
"DNA"
AlertsWithPagination
Description
Represents the list of alerts along with pagination details.
Fields
| Field Name | Description |
|---|---|
results - [Alert!]!
|
The list of alerts. |
pageInfo - Pagination!
|
The pagination details. |
Example
{
"results": [Alert],
"pageInfo": Pagination
}
Algorithm
Description
Algorithm used for signature request.
Values
| Enum Value | Description |
|---|---|
|
|
SHA256 Algorithm. |
|
|
SHA1 Algorithm. |
Example
"SHA256"
Annotation
AppDataAggregateByField
Description
Allowed list of values for results to be grouped by.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"METHOD"
AppDataAggregateByInput
Description
Define how the results should be grouped.
Fields
| Input Field | Description |
|---|---|
field - AppDataAggregateByField!
|
A value indicating how the results should be grouped. |
Example
{"field": "METHOD"}
AppDataAnalyticsResponse
Description
Output application results.
Fields
| Field Name | Description |
|---|---|
field - AppDataField!
|
|
aggregateBy - AppDataAggregateByField!
|
|
values - [AppDataValues!]
|
Example
{
"field": "CONNECTIONS",
"aggregateBy": "METHOD",
"values": [AppDataValues]
}
AppDataField
Description
Allowed list of request types for any given query.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"CONNECTIONS"
AppDataFilterInput
Description
Input required if extra criteria is needed to constrain the queried results.
Fields
| Input Field | Description |
|---|---|
vips - [IPAddressInput!]
|
If given, the queried results will only include those for the VIPs provided. |
Example
{"vips": [IPAddressInput]}
AppDataValues
Description
Generic query type and result count.
Fields
| Field Name | Description |
|---|---|
key - String!
|
|
count - UnsignedInt32!
|
Example
{
"key": "abc123",
"count": UnsignedInt32
}
AppSecAlert
Description
An alert generated as defined by a Policy.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The identifier of the alert. |
policyID - String!
|
The Policy ID that triggered this alert. |
destinationIP - IPAddress!
|
The destination IP. |
vip - IPAddress!
|
The VIP. |
dimension - String!
|
The dimension. |
key - String!
|
The key. |
operator - String!
|
The operator. |
details - AppSecAlertDetails
|
The details of the alert. |
company - Company!
|
The company object. |
start - Time!
|
The start time of the alert |
end - Time
|
The end time of the alert. A non-zero value of end time means that the alert has ended or finished. |
severity - Severity!
|
An indication of how critical the Alert is. |
type - AlertType!
|
A boolean value that indicates whether or not the alert is an Infrastructure alert |
Example
{
"id": "xyz789",
"policyID": "xyz789",
"destinationIP": IPAddress,
"vip": IPAddress,
"dimension": "abc123",
"key": "xyz789",
"operator": "xyz789",
"details": AppSecAlertDetails,
"company": Company,
"start": "10:15:30Z",
"end": "10:15:30Z",
"severity": "HIGH",
"type": "DNA"
}
AppSecAlertDetails
Fields
| Field Name | Description |
|---|---|
threshold - UnsignedInt32!
|
The threshold. |
importance - UnsignedInt32!
|
The importance. |
Example
{
"threshold": UnsignedInt32,
"importance": UnsignedInt32
}
AppSecThreshold
Description
An Application Security (AppSec) Threshold.
Fields
| Field Name | Description |
|---|---|
dimension - AppSecThresholdDimension!
|
Dimension for this configuration from a valid list of dimensions. |
key - String!
|
Key based on the Dimension. For instance, valid keys for REQUEST_BY_SOURCE_IP are , ||, /index.html||., /index.html||153.18.34.1. Valid keys for for RESPONSE_BY_STATUS are *, /index.html||200. |
count - UnsignedInt32!
|
Max number of violations allowed for this configuration before generating alerts. |
bucketDurationSeconds - UnsignedInt32!
|
Time period for max number of violations to occur before generating alerts. |
Example
{
"dimension": "REQUEST_BY_SOURCE_IP",
"key": "abc123",
"count": UnsignedInt32,
"bucketDurationSeconds": UnsignedInt32
}
AppSecThresholdDimension
Description
Allowed values for a WAF Application Security (AppSec) Threshold Configuration Dimension.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"REQUEST_BY_SOURCE_IP"
AppSecThresholdDimensionInput
Description
Allowed values for a policy level Application Security (AppSec) Threshold Configuration Dimension Input.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"REQUEST_BY_SOURCE_IP"
AppSecThresholdInput
Description
Specify a policy-level Application Security (AppSec) Threshold.
Fields
| Input Field | Description |
|---|---|
dimension - AppSecThresholdDimensionInput!
|
Dimension for this configuration from a valid list of dimensions. |
key - String!
|
Key based on the Dimension. For instance, valid keys for REQUEST_BY_SOURCE_IP , ||, /index.html||., /index.html||153.18.34.1, for RESPONSE_BY_STATUS *, /index.html||200. |
count - UnsignedInt32!
|
Minimum number of violations for generating alerts.(allowed value range: 1-1000). Default = 100 |
bucketDurationSeconds - UnsignedInt32!
|
Time period within which the minimum number of violations need to occur in order to generate alerts. (allowed values : 60). Default = 60 |
Example
{
"dimension": "REQUEST_BY_SOURCE_IP",
"key": "xyz789",
"count": UnsignedInt32,
"bucketDurationSeconds": UnsignedInt32
}
AppViolationData
Description
Represents the application violation data object.
Fields
| Field Name | Description |
|---|---|
metric - AppViolationMetric!
|
The metric for the data. |
value - Int!
|
The value for the data. |
Example
{"metric": "COUNT", "value": 123}
AppViolationMetric
Description
One of the application violation metrics.
Values
| Enum Value | Description |
|---|---|
|
|
The count of application violations. |
Example
"COUNT"
ApplicationService
Description
Application services that make up this virtual servers back end.
Fields
| Field Name | Description |
|---|---|
port - UnsignedInt16!
|
The back-end port for this virtual server's origin. |
protocol - ProxyProtocol!
|
Protocol type used for this virtual server's front and back ends. |
origin - String!
|
The back-end IP for this virtual server's origin. |
monitor - Boolean!
|
Whether or not to monitor this origin. |
Example
{
"port": UnsignedInt16,
"protocol": "HTTP",
"origin": "abc123",
"monitor": false
}
ApplicationServiceInput
Description
Define a virtual server's back-end server.
Fields
| Input Field | Description |
|---|---|
port - UnsignedInt16!
|
The back-end port for this virtual server's origin. |
protocol - ProxyProtocol!
|
Protocol type used for this virtual server's front and back ends. |
origin - String!
|
The back-end IP/hostname of this virtual server's origin. |
monitor - Boolean!
|
Whether or not to monitor this origin. Default = true |
Example
{
"port": UnsignedInt16,
"protocol": "HTTP",
"origin": "xyz789",
"monitor": false
}
AssignCertificateInput
Description
Assign a certificate to a proxy.
Fields
| Input Field | Description |
|---|---|
proxyID - String!
|
The ID of the proxy to assign the certificate to. |
certificateID - String!
|
The ID of the certificate to assign. |
companyDName - String
|
The identifier of the owning company. |
port - UnsignedInt16
|
The virtual server's front-end server port. Required when assigning a certificate to a non-SSL vServer. |
minTLSVersion - MinTLSVersion
|
Minimum TLS versions to support. TLS 1.3 is support only for front end. If not provided when assigning a certificate to a non-SSL vServer, the default minimum TLS version will be TLS 1.2." |
sni - Boolean
|
Forces back-end SNI support between the proxy and the origin, sending the specified common name to initiate SNI to the back end. If not provided when assigning a certificate to a non-SSL vServer, the default will be false." |
Example
{
"proxyID": "abc123",
"certificateID": "abc123",
"companyDName": "abc123",
"port": UnsignedInt16,
"minTLSVersion": "V_1_0",
"sni": true
}
AssignCertificateOutput
AssignProxyPlusCertificateInput
Description
The input to assign a Proxy Plus Certificate to a Proxy Plus Service.
Example
{
"serviceID": "abc123",
"certificateID": "abc123",
"companyDName": "xyz789"
}
AssignProxyPlusCertificateOutput
Description
The output after assigning a Proxy Plus Certificate to a Proxy Plus Service.
Fields
| Field Name | Description |
|---|---|
service - ProxyPlusService!
|
The proxy plus service that was assigned a certificate. |
newAssignedCertificate - ProxyPlusCertificate!
|
The certificate assigned to the service. |
oldCertificateID - String
|
The ID of the certificate previously assigned to the service, if any. |
Example
{
"service": ProxyPlusService,
"newAssignedCertificate": ProxyPlusCertificate,
"oldCertificateID": "xyz789"
}
Attribute
Fields
| Field Name | Description |
|---|---|
id - String!
|
|
traffic - [TrafficData!]!
|
Example
{
"id": "abc123",
"traffic": [TrafficData]
}
AuditLogAction
Description
Allowed list of values indicating what type of action caused an audit log transaction to be written.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"CREATE"
AuditLogImage
Description
The before and after image of an object that was altered.
Example
{
"newObj": RawJSON,
"oldObj": RawJSON
}
AuditLogOperation
Description
A specific audit log operation. A given audit log transaction can contain many seperate operations.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The identifier of an audit log operation. |
description - String!
|
A description describing the cause of the audit log operation. |
company - Company!
|
The owning company of the object represented in this audit log operation. |
transaction - AuditLogTransaction!
|
Audit log transaction details associated with the operation. |
timestamp - Time!
|
The time reported by the caller for when the action occurred causing the audit log operation to be captured. |
serviceID - String!
|
A string representing the name of the service that caused the audit log operation to be captured. |
callerID - String
|
Used internally to help identify what system component made a request to record the audit log operation. |
callerType - CallerType
|
A string indicating what type of caller is recording an audit log transaction. |
action - AuditLogAction!
|
A value indicating what type of action caused an audit log transaction to be written. |
resourceID - String!
|
An ID value for internal reference indicating the key/ID value of the object being altered. |
resourceType - String!
|
A string value for internal reference indicating what type of object was altered. |
image - AuditLogImage
|
A before and after image of an object that was altered. |
status - AuditLogResultStatus!
|
The result of the action that caused an audit log transaction to be written. |
messages - [String!]
|
A list of messages indicating useful information about the action that caused the audit log operation to be captured. |
Example
{
"id": "abc123",
"description": "abc123",
"company": Company,
"transaction": AuditLogTransaction,
"timestamp": "10:15:30Z",
"serviceID": "abc123",
"callerID": "abc123",
"callerType": "APPLICATION",
"action": "CREATE",
"resourceID": "xyz789",
"resourceType": "abc123",
"image": AuditLogImage,
"status": "IN_PROGRESS",
"messages": ["abc123"]
}
AuditLogOperationDimension
Description
Allowed list of values indicating what field and order the results are to be sorted.
Values
| Enum Value | Description |
|---|---|
|
|
Example
"TIMESTAMP"
AuditLogOperationFilterInput
Description
Input required if extra criteria is needed to constrain the queried results.
Fields
| Input Field | Description |
|---|---|
serviceID - String
|
A string representing the name of the service that caused the audit log operation to be captured. |
resourceType - String
|
A string value for internal reference indicating what type of object was altered. |
resourceID - String
|
An ID value for internal reference indicating the key/ID value of the object being altered. |
action - AuditLogAction
|
A value indicating what type of action caused an audit log transaction to be written. |
status - AuditLogResultStatus
|
The result of the action that caused an audit log transaction to be written. |
Example
{
"serviceID": "abc123",
"resourceType": "abc123",
"resourceID": "xyz789",
"action": "CREATE",
"status": "IN_PROGRESS"
}
AuditLogOperationSortBy
Description
Audit Log Operations log sorting.
Fields
| Input Field | Description |
|---|---|
dimension - AuditLogOperationDimension!
|
The dimension to sort by. Default = TIMESTAMP |
direction - SortDirection!
|
The direction to sort in. Default = DESCENDING |
Example
{"dimension": "TIMESTAMP", "direction": "ASCENDING"}
AuditLogResultStatus
Description
Allowed list of values indicating the result of the action that caused an audit log transaction to be written.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"IN_PROGRESS"
AuditLogTransaction
Description
A specific audit log transaction. A transaction can consist of many individual audit log operations.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The identifier of an audit log transaction. |
description - String!
|
A description describing the cause of the audit log transaction. |
traceID - String!
|
An identifier that ties this audit log operation with a transaction. |
timestamp - Time!
|
The time reported by the caller for when the action occurred causing the audit log operation to be captured. |
userID - String!
|
The ID of the user who caused an audit log transaction to be written. |
applicationID - String!
|
Used internally to help identify what system component made a request to record the audit log operation. |
apiClientID - String
|
Used internally to help identify what system user made a request to record the audit log operation. |
operations - [AuditLogOperation!]
|
A list of audit log operations. A given audit log transaction may contain many individual operations. |
Arguments
|
|
status - AuditLogResultStatus!
|
The result of the action that caused an audit log transaction to be written. |
messages - [String!]
|
A list of messages indicating useful information about the action that caused the audit log operation to be captured. |
user - User
|
User details. |
apiClient - APIClient
|
API caller information. |
Example
{
"id": "xyz789",
"description": "abc123",
"traceID": "xyz789",
"timestamp": "10:15:30Z",
"userID": "xyz789",
"applicationID": "abc123",
"apiClientID": "xyz789",
"operations": [AuditLogOperation],
"status": "IN_PROGRESS",
"messages": ["abc123"],
"user": User,
"apiClient": APIClient
}
AuditLogTransactionDimension
Description
How to sort audit log transactions.
Values
| Enum Value | Description |
|---|---|
|
|
Example
"TIMESTAMP"
AuditLogTransactionFilterInput
Description
Input required if extra criteria is needed to constrain the queried results.
Fields
| Input Field | Description |
|---|---|
userID - String
|
The ID of the user who caused an audit log transaction to be written. |
applicationID - String
|
Used internally to help identify what system component made a request to record the audit log operation. |
apiClientID - String
|
Used internally to help identify what system user made a request to record the audit log operation. |
transactionResultStatus - AuditLogResultStatus
|
A status representing the result of the action that caused an audit log transaction to be written. |
action - AuditLogAction
|
A value indicating what type of action caused an audit log transaction to be written. |
resourceType - String
|
A string value for internal reference indicating what type of object was altered. |
resourceID - String
|
An ID value for internal reference indicating the key/ID value of the object being altered. |
Example
{
"userID": "abc123",
"applicationID": "xyz789",
"apiClientID": "xyz789",
"transactionResultStatus": "IN_PROGRESS",
"action": "CREATE",
"resourceType": "xyz789",
"resourceID": "xyz789"
}
AuditLogTransactionSortBy
Description
Audit Log Transactions log sorting.
Fields
| Input Field | Description |
|---|---|
dimension - AuditLogTransactionDimension!
|
The dimension to sort by. Default = TIMESTAMP |
direction - SortDirection!
|
The direction to sort in. Default = DESCENDING |
Example
{"dimension": "TIMESTAMP", "direction": "ASCENDING"}
AuditLogTransactionsWithPagination
Description
The list of audit log transactions along with pagination details.
Fields
| Field Name | Description |
|---|---|
results - [AuditLogTransaction!]
|
The list of audit log transactions. |
pageInfo - Pagination!
|
The pagination details. |
Example
{
"results": [AuditLogTransaction],
"pageInfo": Pagination
}
AuthorizationHeader
Description
Authorization header.
Example
{
"authorizationValue": "xyz789",
"scheme": "xyz789",
"token": "xyz789"
}
AuthorizationHeaderInput
Description
Authorization header input.
Example
{
"authorizationValue": "abc123",
"scheme": "xyz789",
"token": "xyz789"
}
BGPCleanTrafficDeliveryMechanism
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"SINGLE_GRE"
BGPMitigationTriggerMechanism
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"STANDARD"
BGPPackage
Description
Specifies BGP configuration for the company.
Fields
| Field Name | Description |
|---|---|
companyDName - String!
|
The identifier of the owning company. |
managedObjects - [ManagedObject!]
|
List of BGP Managed Objects. |
alertAuto - Boolean!
|
Auto Mitigation Enabled. |
hybridCloudSignalling - Boolean!
|
Cloud Signalling Auto Mitigation Enabled. |
serviceTypes - [BGPServiceType!]
|
BGP Service types configured. |
cleanTrafficDeliveryMechanisms - [BGPCleanTrafficDeliveryMechanism!]
|
Mechanism(s) used to send clean traffic to back end. |
mitigationTriggerMechanisms - [BGPMitigationTriggerMechanism!]
|
Mechanism(s) used to trigger mitigations. |
alwaysRouted - Boolean!
|
Whether traffic is always routed here. |
enabled - Boolean!
|
Whether BGP is enabled for the Company. |
cloudFirewallEnabled - Boolean!
|
Indicates whether Cloud Firewall is enabled for the Company. |
routing - BGPTrafficRouting
|
Indicates what type of BGP routing is being used. This can be one of BGP IP, Traffic Engineering, Direct Connect, Direct Connect Traffic Engineering, or Group Routing Encapsulation (GRE). |
onDemand - Boolean!
|
Indicates whether company has BGP On Demand DDoS mitigation enabled. |
alwaysOn - Boolean!
|
Indicates whether company has BGP Always On DDoS mitigation enabled. |
Example
{
"companyDName": "xyz789",
"managedObjects": [ManagedObject],
"alertAuto": false,
"hybridCloudSignalling": false,
"serviceTypes": ["ANYCAST_GRE"],
"cleanTrafficDeliveryMechanisms": ["SINGLE_GRE"],
"mitigationTriggerMechanisms": ["STANDARD"],
"alwaysRouted": true,
"enabled": false,
"cloudFirewallEnabled": true,
"routing": "BGP_IP",
"onDemand": false,
"alwaysOn": true
}
BGPPackageFilterInput
Description
Ways of reducing output of Company queries.
Fields
| Input Field | Description |
|---|---|
serviceTypes - [BGPServiceType!]
|
BGP Service types configured. |
cleanTrafficDeliveryMechanisms - [BGPCleanTrafficDeliveryMechanism!]
|
Mechanism(s) used to send clean traffic to back end. |
mitigationTriggerMechanisms - [BGPMitigationTriggerMechanism!]
|
Mechanism(s) used to trigger mitigations. |
Example
{
"serviceTypes": ["ANYCAST_GRE"],
"cleanTrafficDeliveryMechanisms": ["SINGLE_GRE"],
"mitigationTriggerMechanisms": ["STANDARD"]
}
BGPServiceType
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"ANYCAST_GRE"
BGPTrafficRouting
Description
Specifies the type of BGP traffic routing configured for the company.
Values
| Enum Value | Description |
|---|---|
|
|
Specifies BGP IP routing. |
|
|
Specifies BGP Traffic Engineering routing. |
|
|
Specifies BGP Direct Connect routing. |
|
|
Specifies BGP Direct Connect Traffic Engineering routing. |
|
|
Specifies BGP Group Routing Encapsulation (GRE) routing. |
Example
"BGP_IP"
BaseBotSignature
Description
A Bot Detection signature provided by the system. Can be configured to respond with a different action.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The signature unique ID. |
category - String!
|
The signature category. |
description - String!
|
Description of the signature. |
version - String!
|
The signature version. |
defaultEnabled - Boolean!
|
Whether bot signature is enabled. |
botType - BotType!
|
The signature bot type. |
defaultAction - BotSignatureAction!
|
The signature action taken by default. |
Example
{
"id": "xyz789",
"category": "abc123",
"description": "xyz789",
"version": "xyz789",
"defaultEnabled": false,
"botType": "BAD_BOT",
"defaultAction": "NONE"
}
BaseWAFSignature
Description
A WAF signature provided by the system. Can be configured to respond with a different action.
Fields
| Field Name | Description |
|---|---|
id - String!
|
Unique ID of the signature. |
createdAt - Time
|
The time that this base signature was added into the system. |
category - String!
|
Category of the signature. |
description - String!
|
Description of the signature. |
defaultAction - WAFAction!
|
Default action to be taken. |
refs - String
|
Reference ID to the corresponding vulnerability lists. For instance: cve, bugtraq, nessus |
Example
{
"id": "xyz789",
"createdAt": "10:15:30Z",
"category": "xyz789",
"description": "abc123",
"defaultAction": "NONE",
"refs": "xyz789"
}
BaseWAFSignatureDimension
Description
Allowed values for sorting the Signature list.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"CATEGORY"
BaseWAFSignatureSortBy
Description
Signature sorting input.
Fields
| Input Field | Description |
|---|---|
dimension - BaseWAFSignatureDimension!
|
The dimension to sort by. |
direction - SortDirection!
|
The direction to sort in. |
Example
{"dimension": "CATEGORY", "direction": "ASCENDING"}
BaseWAFSignaturesResponse
Description
A base signatures response object.
Fields
| Field Name | Description |
|---|---|
lastCheckedTime - Time
|
Represents the timestamp when the job ran to check for latest signature updates |
signatures - BaseWAFSignaturesWithPagination
|
A paginated list of base signatures |
Example
{
"lastCheckedTime": "10:15:30Z",
"signatures": BaseWAFSignaturesWithPagination
}
BaseWAFSignaturesWithPagination
Description
A paginated list of base WAF signatures.
Fields
| Field Name | Description |
|---|---|
results - [BaseWAFSignature!]
|
A list of signatures |
pageInfo - Pagination!
|
The results paging information. |
Example
{
"results": [BaseWAFSignature],
"pageInfo": Pagination
}
BlackWhiteListsDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
traffic - [TrafficData!]
|
Example
{
"name": "xyz789",
"id": "xyz789",
"company": Company,
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"traffic": [TrafficData]
}
BlockedIPLog
Description
A DDoS blocked IP event log.
The log is identified by the customer, mitigation and blocked IP fields, which is called a tuple.
Fields
| Field Name | Description |
|---|---|
customer - String!
|
The identifier of the owning company. |
firstEventTimeStamp - Time!
|
The timestamp when the blocked IP event log was first recorded for the tuple in the repository for the customer, so long as the entry has not been aged out. |
eventTimeStamp - Time!
|
The timestamp of this event. |
internalMitigationName - String!
|
The internal mitigation name. |
blockedIP - IPAddress!
|
The blocked IP address. |
nodeName - String
|
The node name where the event occurred. |
deviceName - String
|
The device name where the event occurred. |
protocol - String
|
The protocol of the packet. |
srcPort - UnsignedInt16
|
The source port of the packet. |
prefixList - [String!]
|
The target prefix list. |
destPort - UnsignedInt16
|
The destination port of the packet. |
countermeasure - String
|
The countermeasure for this event. |
rule - String
|
The rule associated with this event. |
reason - String
|
The reason for this event. |
blacklisted - Boolean
|
Whether the packet was blacklisted. |
country - String
|
The country of origin of the packet. |
city - String
|
The city where the packet originated. |
asn - UnsignedInt32
|
The ASN for the packet. |
Example
{
"customer": "xyz789",
"firstEventTimeStamp": "10:15:30Z",
"eventTimeStamp": "10:15:30Z",
"internalMitigationName": "xyz789",
"blockedIP": IPAddress,
"nodeName": "xyz789",
"deviceName": "abc123",
"protocol": "abc123",
"srcPort": UnsignedInt16,
"prefixList": ["xyz789"],
"destPort": UnsignedInt16,
"countermeasure": "abc123",
"rule": "abc123",
"reason": "abc123",
"blacklisted": true,
"country": "xyz789",
"city": "abc123",
"asn": UnsignedInt32
}
BlockedIPLogDimension
Description
A list of values for sorting the DDoS blocked IP log.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"CUSTOMER"
BlockedIPLogFilterInput
Description
Filters queries for DDoS blocked IP logs.
Fields
| Input Field | Description |
|---|---|
customerSubstring - String
|
A substring for matching customer that contains this substring. A value of empty string "" indicates any customer is a match. If this field is specified, the dName value in company filter CompanyFilterInput will not be used for searching for customer matching. |
firstEventTime - BlockedIPLogTimeInput
|
Criteria for selecting a timestamp range firstEventTimeStamp. |
eventTime - BlockedIPLogTimeInput!
|
Criteria for selecting a timestamp range for eventTimeStamp. |
blockedIPSubstring - String
|
A substring for matching blocked IP that contains this substring. |
countermeasureSubstring - String
|
A substring for matching countermeasure that contains this substring. |
countrySubstring - String
|
A substring for matching country that contains this substring. |
asn - UnsignedInt32
|
A number for matching ASN. |
mitigationName - String
|
A string for matching mitigation name. |
Example
{
"customerSubstring": "xyz789",
"firstEventTime": BlockedIPLogTimeInput,
"eventTime": BlockedIPLogTimeInput,
"blockedIPSubstring": "abc123",
"countermeasureSubstring": "abc123",
"countrySubstring": "abc123",
"asn": UnsignedInt32,
"mitigationName": "xyz789"
}
BlockedIPLogSortBy
Description
DDoS blocked IP log sorting.
Fields
| Input Field | Description |
|---|---|
dimension - BlockedIPLogDimension!
|
The dimension to sort by. |
direction - SortDirection!
|
The order of the sort (ascending or descending). Default = DESCENDING |
Example
{"dimension": "CUSTOMER", "direction": "ASCENDING"}
BlockedIPLogTimeInput
BlockedIPLogsWithPagination
Description
A paginated list of DDoS blocked IP logs.
Fields
| Field Name | Description |
|---|---|
results - [BlockedIPLog!]
|
DDoS blocked IP log data. |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [BlockedIPLog],
"pageInfo": Pagination
}
Boolean
Description
The Boolean scalar type represents true or false.
Example
true
BotAnalyticsResponse
Description
A Bot analytics response.
Fields
| Field Name | Description |
|---|---|
logs - BotViolationLogsWithPagination
|
A paginated list of violation logs satisfying the filter criteria. |
groups - [ViolationLogGroup!]
|
The list of aggregated group results satisfying the group by criteria. |
timeSeriesData - [ViolationLogTimeSeries!]
|
The time series information of the violation logs occurrences. |
Example
{
"logs": BotViolationLogsWithPagination,
"groups": [ViolationLogGroup],
"timeSeriesData": [ViolationLogTimeSeries]
}
BotBlackList
Description
A black list countermeasure.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether the black list countermeasure is enabled. |
types - BotBlackListTypesWithPagination
|
A paginated list of black list bindings. |
Arguments
|
|
Example
{
"enabled": true,
"types": BotBlackListTypesWithPagination
}
BotBlackListAction
Description
Allowed list of black list actions.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"DROP"
BotBlackListBinding
Description
A black list binding.
Fields
| Field Name | Description |
|---|---|
type - BotBlackListType!
|
The binding type. |
active - Boolean!
|
Whether the binding is active. |
value - String
|
The binding value. Can only be set if type is IPV4 or SUBNET. |
expressionMatch - BotBlackWhiteListExpressionMatch
|
The binding expression value. Can only be set if type is EXPRESSION. |
response - BotResponse!
|
The binding response. |
action - BotBlackListAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
Example
{
"type": "IPV4",
"active": true,
"value": "abc123",
"expressionMatch": BotBlackWhiteListExpressionMatch,
"response": "NONE",
"action": "DROP"
}
BotBlackListBindingInput
Description
A black list binding.
Fields
| Input Field | Description |
|---|---|
type - BotBlackListType!
|
The binding type. |
active - Boolean!
|
Whether the binding is active. |
value - String
|
The binding value. Can only be set if type is IPV4 or SUBNET. |
expressionMatch - BotBlackWhiteListExpressionMatchInput
|
The binding expression value. Can only be set if type is EXPRESSION. |
response - BotResponse!
|
The binding response. |
action - BotBlackListAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
Example
{
"type": "IPV4",
"active": true,
"value": "abc123",
"expressionMatch": BotBlackWhiteListExpressionMatchInput,
"response": "NONE",
"action": "DROP"
}
BotBlackListType
Description
Allowed list of black list types.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"IPV4"
BotBlackListTypesWithPagination
Description
A paginated list of black list bindings.
Fields
| Field Name | Description |
|---|---|
results - [BotBlackListBinding!]
|
List of black list bindings. |
pageInfo - Pagination!
|
The results paging information. |
Example
{
"results": [BotBlackListBinding],
"pageInfo": Pagination
}
BotBlackWhiteListExpressionField
Description
Allowed list of black and white list expression fields.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"URL"
BotBlackWhiteListExpressionMatch
Description
A black and white list expression match.
Fields
| Field Name | Description |
|---|---|
field - BotBlackWhiteListExpressionField!
|
The expression field. |
fieldValue - String
|
The expression field value. Can only be set if field is HEADER. |
operand - BotBlackWhiteListExpressionOperand!
|
The expression operand. |
operandValue - String!
|
The expression operand value. |
Example
{
"field": "URL",
"fieldValue": "abc123",
"operand": "EQUALS",
"operandValue": "xyz789"
}
BotBlackWhiteListExpressionMatchInput
Description
A black and white list expression match.
Fields
| Input Field | Description |
|---|---|
field - BotBlackWhiteListExpressionField!
|
The expression field. |
fieldValue - String
|
The expression field value. Can only be set if field is HEADER. |
operand - BotBlackWhiteListExpressionOperand!
|
The expression operand. |
operandValue - String!
|
The expression operand value. |
Example
{
"field": "URL",
"fieldValue": "abc123",
"operand": "EQUALS",
"operandValue": "xyz789"
}
BotBlackWhiteListExpressionOperand
Description
Allowed list of black and white list expression operands.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"EQUALS"
BotCAPTCHA
Description
A CAPTCHA countermeasure.
Fields
| Field Name | Description |
|---|---|
resources - BotCAPTCHAResourcesWithPagination
|
A paginated list of CAPTCHA bindings. |
Arguments
|
|
Example
{"resources": BotCAPTCHAResourcesWithPagination}
BotCAPTCHAAction
Description
Allowed list of CAPTCHA actions.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"DROP"
BotCAPTCHABinding
Description
A CAPTCHA binding.
Fields
| Field Name | Description |
|---|---|
urlPath - String!
|
The binding url. |
active - Boolean!
|
Whether the binding is active. |
waitTime - UnsignedInt32!
|
The binding wait time. |
gracePeriod - UnsignedInt32!
|
The binding grace period. |
mutePeriod - UnsignedInt32!
|
The binding mute period. |
requestLengthLimit - UnsignedInt32!
|
The binding request length limit. |
retryAttempts - UnsignedInt32!
|
The binding retry attempts. |
response - BotResponse!
|
The binding response. |
action - BotCAPTCHAAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
Example
{
"urlPath": "abc123",
"active": true,
"waitTime": UnsignedInt32,
"gracePeriod": UnsignedInt32,
"mutePeriod": UnsignedInt32,
"requestLengthLimit": UnsignedInt32,
"retryAttempts": UnsignedInt32,
"response": "NONE",
"action": "DROP"
}
BotCAPTCHABindingInput
Description
A CAPTCHA binding.
Fields
| Input Field | Description |
|---|---|
urlPath - String!
|
The binding url. |
active - Boolean!
|
Whether the binding is active. |
waitTime - UnsignedInt32!
|
The binding wait time. |
gracePeriod - UnsignedInt32!
|
The binding grace period. |
mutePeriod - UnsignedInt32!
|
The binding mute period. |
requestLengthLimit - UnsignedInt32!
|
The binding request length limit. |
retryAttempts - UnsignedInt32!
|
The binding retry attempts. |
response - BotResponse!
|
The binding response. |
action - BotCAPTCHAAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
Example
{
"urlPath": "xyz789",
"active": true,
"waitTime": UnsignedInt32,
"gracePeriod": UnsignedInt32,
"mutePeriod": UnsignedInt32,
"requestLengthLimit": UnsignedInt32,
"retryAttempts": UnsignedInt32,
"response": "NONE",
"action": "DROP"
}
BotCAPTCHAResourcesWithPagination
Description
A paginated list of CAPTCHA bindings.
Fields
| Field Name | Description |
|---|---|
results - [BotCAPTCHABinding!]
|
List of CAPTCHA bindings. |
pageInfo - Pagination!
|
The results paging information. |
Example
{
"results": [BotCAPTCHABinding],
"pageInfo": Pagination
}
BotDeviceFingerprint
Description
A device fingerprint countermeasure.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether the device fingerprint countermeasure is enabled. |
response - BotResponse!
|
Response to be taken. |
action - BotDeviceFingerprintAction
|
Action to be taken. Can only be set if response is ACTION_AND_LOG. |
Example
{"enabled": true, "response": "NONE", "action": "DROP"}
BotDeviceFingerprintAction
Description
Allowed list of device fingerprint actions.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"DROP"
BotIPReputation
Description
An IP reputation countermeasure.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether the IP reputation countermeasure is enabled. |
categories - BotIPReputationCategoriesWithPagination
|
A paginated list of IP reputation bindings. |
Arguments
|
|
Example
{
"enabled": true,
"categories": BotIPReputationCategoriesWithPagination
}
BotIPReputationAction
Description
Allowed list of IP reputation actions.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"DROP"
BotIPReputationBinding
Description
An IP reputation binding.
Fields
| Field Name | Description |
|---|---|
type - BotIPReputationType!
|
The binding type. |
active - Boolean!
|
Whether the binding is active. |
response - BotResponse!
|
The binding response. |
action - BotIPReputationAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
Example
{"type": "IP", "active": true, "response": "NONE", "action": "DROP"}
BotIPReputationBindingInput
Description
An IP reputation binding.
Fields
| Input Field | Description |
|---|---|
type - BotIPReputationType!
|
The binding type. |
active - Boolean!
|
Whether the binding is active. |
response - BotResponse!
|
The binding response. |
action - BotIPReputationAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
Example
{"type": "IP", "active": false, "response": "NONE", "action": "DROP"}
BotIPReputationCategoriesWithPagination
Description
A paginated list of IP reputation bindings.
Fields
| Field Name | Description |
|---|---|
results - [BotIPReputationBinding!]
|
List of IP reputation bindings. |
pageInfo - Pagination!
|
The results paging information. |
Example
{
"results": [BotIPReputationBinding],
"pageInfo": Pagination
}
BotIPReputationType
Description
Allowed list of IP reputation types.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"IP"
BotMitigation
Description
Represents a BOT Mitigation.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The identifier of the mitigation. |
policy - Policy
|
The Policy that triggered this mitigation. Use policyKey to find policy separately, if needed
|
destinationIPs - [CIDR!]
|
The destination IPs. Use destinationIP
|
policyKey - String!
|
The Policy Key that triggered this mitigation. |
destinationIP - IPAddress!
|
The destination IP. |
countermeasures - [BotViolation!]
|
The countermeasures associated with the mitigation. |
company - Company!
|
The company object. |
start - Time!
|
The start time of the mitigaiton |
end - Time
|
The end time of the mitigation. A non-zero value of end time means that the mitigation has ended or finished. |
event - Event
|
The event associated with this mitigation. |
Example
{
"id": "abc123",
"policy": Policy,
"destinationIPs": [CIDR],
"policyKey": "abc123",
"destinationIP": IPAddress,
"countermeasures": [BotViolation],
"company": Company,
"start": "10:15:30Z",
"end": "10:15:30Z",
"event": Event
}
BotProfile
Description
A bot profile for a given policy.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether the bot profile is enabled. |
blackList - BotBlackList
|
The black list countermeasure settings. |
whiteList - BotWhiteList
|
The white list countermeasure settings. |
ipReputation - BotIPReputation
|
The IP reputation countermeasure settings. |
rateLimit - BotRateLimit
|
The rate limit countermeasure settings. |
deviceFingerprint - BotDeviceFingerprint
|
The device fingerprint countermeasure settings. |
botTrap - BotTrap
|
The bot trap countermeasure settings. |
tps - BotTPS
|
The TPS countermeasure settings. |
captcha - BotCAPTCHA
|
The CAPTCHA countermeasure settings. |
signatures - BotSignatures
|
The bot signatures settings. |
Example
{
"enabled": true,
"blackList": BotBlackList,
"whiteList": BotWhiteList,
"ipReputation": BotIPReputation,
"rateLimit": BotRateLimit,
"deviceFingerprint": BotDeviceFingerprint,
"botTrap": BotTrap,
"tps": BotTPS,
"captcha": BotCAPTCHA,
"signatures": BotSignatures
}
BotRateLimit
Description
A rate limit countermeasure.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether the rate limit countermeasure is enabled. |
resources - BotRateLimitResourcesWithPagination
|
A paginated list of rate limit bindings. |
Arguments
|
|
Example
{
"enabled": true,
"resources": BotRateLimitResourcesWithPagination
}
BotRateLimitAction
Description
Allowed list of rate limit actions.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"DROP"
BotRateLimitBinding
Description
A rate limit binding.
Fields
| Field Name | Description |
|---|---|
type - BotRateLimitType!
|
The binding type. |
cookieName - String
|
The binding cookie name. Can only be set if type is SESSION. |
urlPath - String
|
The binding URL path. Can only be set if type is URL. |
active - Boolean!
|
Whether the binding is active. |
rate - UnsignedInt32!
|
The binding rate. |
period - UnsignedInt32!
|
The binding period. |
response - BotResponse!
|
The binding response. |
action - BotRateLimitAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
Example
{
"type": "SESSION",
"cookieName": "xyz789",
"urlPath": "xyz789",
"active": true,
"rate": UnsignedInt32,
"period": UnsignedInt32,
"response": "NONE",
"action": "DROP"
}
BotRateLimitBindingInput
Description
A rate limit binding.
Fields
| Input Field | Description |
|---|---|
type - BotRateLimitType!
|
The binding type. |
cookieName - String
|
The binding cookie name. Can only be set if type is SESSION. |
urlPath - String
|
The binding URL path. Can only be set if type is URL. |
active - Boolean!
|
Whether the binding is active. |
rate - UnsignedInt32!
|
The binding rate. |
period - UnsignedInt32!
|
The binding period. |
response - BotResponse!
|
The binding response. |
action - BotRateLimitAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
Example
{
"type": "SESSION",
"cookieName": "xyz789",
"urlPath": "abc123",
"active": false,
"rate": UnsignedInt32,
"period": UnsignedInt32,
"response": "NONE",
"action": "DROP"
}
BotRateLimitResourcesWithPagination
Description
A paginated list of rate limit bindings.
Fields
| Field Name | Description |
|---|---|
results - [BotRateLimitBinding!]
|
List of rate limit bindings. |
pageInfo - Pagination!
|
The results paging information. |
Example
{
"results": [BotRateLimitBinding],
"pageInfo": Pagination
}
BotRateLimitType
Description
Allowed list of rate limit types.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"SESSION"
BotResponse
Description
Allowed list of countermeasure responses.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"NONE"
BotSignatureAction
Description
Allowed list of bot signature actions.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"NONE"
BotSignatureDimension
Description
Allowed values for sorting the bot signature list.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"CATEGORY"
BotSignatureFilterInput
Description
Filter a list of bot signatures.
Example
{
"category": "xyz789",
"name": "xyz789",
"search": "abc123"
}
BotSignatureSortBy
Description
Sort options for the bot signature list.
Fields
| Input Field | Description |
|---|---|
dimension - BotSignatureDimension!
|
The dimension to sort by. |
direction - SortDirection!
|
The direction to sort in. |
Example
{"dimension": "CATEGORY", "direction": "ASCENDING"}
BotSignatures
Description
Bot signatures.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether bot signatures are enabled. |
configuredBaseSignatures - [ConfiguredBaseBotSignature!]
|
List of bot signatures. |
Example
{
"enabled": true,
"configuredBaseSignatures": [ConfiguredBaseBotSignature]
}
BotSignaturesVersion
BotSignaturesWithPagination
Description
A paginated list of bot signatures.
Fields
| Field Name | Description |
|---|---|
results - [BaseBotSignature!]
|
List of bot signatures. |
pageInfo - Pagination!
|
The results paging information. |
version - BotSignaturesVersion
|
The version of the default bot signatures file |
Example
{
"results": [BaseBotSignature],
"pageInfo": Pagination,
"version": BotSignaturesVersion
}
BotTPS
Description
A TPS countermeasure.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether the TPS countermeasure is enabled. |
resources - BotTPSResourcesWithPagination
|
A paginated list of rate limit bindings. |
Arguments
|
|
Example
{
"enabled": true,
"resources": BotTPSResourcesWithPagination
}
BotTPSAction
Description
Allowed list of TPS actions.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"DROP"
BotTPSBinding
Description
A TPS binding.
Fields
| Field Name | Description |
|---|---|
type - BotTPSType!
|
The binding type. |
fixedThreshold - UnsignedInt32
|
The binding fixed threshold. One or both of fixed and percentage threshold must be set. |
percentageThreshold - UnsignedInt32
|
The binding percentage threshold. One or both of fixed and percentage threshold must be set. |
response - BotResponse!
|
The binding response. |
action - BotTPSAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
Example
{
"type": "SOURCE_IP",
"fixedThreshold": UnsignedInt32,
"percentageThreshold": UnsignedInt32,
"response": "NONE",
"action": "DROP"
}
BotTPSBindingInput
Description
A TPS binding.
Fields
| Input Field | Description |
|---|---|
type - BotTPSType!
|
The binding type. |
fixedThreshold - UnsignedInt32
|
The binding fixed threshold. One or both of fixed and percentage threshold must be set. |
percentageThreshold - UnsignedInt32
|
The binding percentage threshold. One or both of fixed and percentage threshold must be set. |
response - BotResponse!
|
The binding response. |
action - BotTPSAction
|
The binding action. Can only be set if response is ACTION_AND_LOG. |
Example
{
"type": "SOURCE_IP",
"fixedThreshold": UnsignedInt32,
"percentageThreshold": UnsignedInt32,
"response": "NONE",
"action": "DROP"
}
BotTPSResourcesWithPagination
Description
A paginated list of TPS bindings.
Fields
| Field Name | Description |
|---|---|
results - [BotTPSBinding!]
|
List of TPS bindings. |
pageInfo - Pagination!
|
The results paging information. |
Example
{
"results": [BotTPSBinding],
"pageInfo": Pagination
}
BotTPSType
Description
Allowed list of TPS types.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"SOURCE_IP"
BotTrap
Description
A bot trap countermeasure.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether the bot trap countermeasure is enabled. |
response - BotResponse!
|
Response to be taken. |
action - BotTrapAction
|
Action to be taken. Can only be set if response is ACTION_AND_LOG. |
insertionURLs - [BotTrapBinding!]
|
List of bot trap bindings. |
Example
{
"enabled": false,
"response": "NONE",
"action": "DROP",
"insertionURLs": [BotTrapBinding]
}
BotTrapAction
Description
Allowed list of bot trap actions.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"DROP"
BotTrapBinding
BotTrapBindingInput
BotType
Description
Allowed list of bot types.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"BAD_BOT"
BotViolation
Description
Represents Bot violation.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The id of a bot violation. Use name
|
name - String!
|
The name of the countermeasure. |
company - Company!
|
The company object. removing support |
mitigation - BotMitigation!
|
The bot mitigation for the violation. |
violationsDetails - [AppViolationData!]
|
The details of the violations. |
Arguments
|
|
Example
{
"id": "abc123",
"name": "xyz789",
"company": Company,
"mitigation": BotMitigation,
"violationsDetails": [AppViolationData]
}
BotViolationLog
Description
A Bot violation log.
Fields
| Field Name | Description |
|---|---|
timestamp - LogTime
|
The timestamp of the violation log. |
timestampEvent - LogTime
|
The log timestamp event. |
version - String
|
The version. |
action - String
|
The action that caused this violation log. |
cookies - String
|
The cookies in the original request. |
customer - String
|
The customer account dname. |
domain - String
|
The domain the request was intended for. |
destinationIP - IPAddress
|
The destination IP the request was intended for. |
host - String
|
The hostname in the request. |
httptxID - String
|
The HTTP transaction ID from the engine. |
node - NetworkNode
|
The network node that detected the violation. |
profile - String
|
The policy key generating this violation. |
protocol - String
|
The protocol used. |
rawHeaders - String
|
The raw headers in the original request. |
reason - String
|
The reason for the violation to occur. |
signatureName - String
|
The protection / signature name which triggered the violation. |
sourceASN - UnsignedInt32
|
The source ASN (autonomous system number) of the request. |
sourceIP - IPAddress
|
The source IP of the request. |
sourceLocation - GeoLocation
|
The location where the request originated. |
type - String
|
The type of the violation. |
uri - String
|
The uri which cause the violation. |
userAgent - String
|
The user agent in the original request header. |
wafVersion - String
|
The WAF version. |
logType - BotViolationLogType
|
The type of the log message. |
Example
{
"timestamp": LogTime,
"timestampEvent": LogTime,
"version": "xyz789",
"action": "xyz789",
"cookies": "abc123",
"customer": "abc123",
"domain": "xyz789",
"destinationIP": IPAddress,
"host": "xyz789",
"httptxID": "xyz789",
"node": NetworkNode,
"profile": "xyz789",
"protocol": "xyz789",
"rawHeaders": "abc123",
"reason": "abc123",
"signatureName": "abc123",
"sourceASN": UnsignedInt32,
"sourceIP": IPAddress,
"sourceLocation": GeoLocation,
"type": "abc123",
"uri": "abc123",
"userAgent": "abc123",
"wafVersion": "xyz789",
"logType": "INFO"
}
BotViolationLogDimension
Description
Allowed list of Bot violation log sort fields.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"SOURCE_IP"
BotViolationLogFilterInput
Description
A Bot violation log filter input.
Fields
| Input Field | Description |
|---|---|
sourceIP - IPAddressInput
|
The source IP of the request. |
destinationIP - IPAddressInput
|
The destination IP of the request. |
host - String
|
The host of the request. |
signatureName - String
|
The signature name which triggered the violation. |
userAgent - String
|
The user agent in the original request header. |
timestamp - String
|
The timestamp of the violation log. |
sourceCountryName - String
|
The source country name. |
sourceCity - String
|
The source city name. |
action - String
|
The violation log action. |
reason - String
|
The reason for the violation to occur. |
domain - String
|
The domain the request was intended for. |
uri - String
|
The uri which cause the violation. |
httptxID - String
|
The HTTP transaction ID from the engine. |
nodeIATACode - String
|
The IATA code for the processing node (site). |
profile - String
|
The policy key generating this violation. |
logType - BotViolationLogType
|
The type of the log message. |
all - String
|
The All filters looks at all the filters mentioned above, with the exception of profile. |
Example
{
"sourceIP": IPAddressInput,
"destinationIP": IPAddressInput,
"host": "abc123",
"signatureName": "xyz789",
"userAgent": "xyz789",
"timestamp": "abc123",
"sourceCountryName": "xyz789",
"sourceCity": "xyz789",
"action": "xyz789",
"reason": "abc123",
"domain": "abc123",
"uri": "xyz789",
"httptxID": "abc123",
"nodeIATACode": "xyz789",
"profile": "xyz789",
"logType": "INFO",
"all": "xyz789"
}
BotViolationLogGroupByField
Description
Allowed list of Bot violation log group by fields.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"URI"
BotViolationLogGroupByInput
Description
A Bot violation log group by input.
Fields
| Input Field | Description |
|---|---|
field - BotViolationLogGroupByField!
|
The field that will be used to group the logs. |
direction - SortDirection
|
The order of the groups listed (ascending or descending). |
timeInterval - TimeInterval
|
The time interval when the group of logs occurred. |
Example
{
"field": "URI",
"direction": "ASCENDING",
"timeInterval": TimeInterval
}
BotViolationLogSortBy
Description
Bot violation log sorting.
Fields
| Input Field | Description |
|---|---|
dimension - BotViolationLogDimension!
|
The dimension to sort by. |
direction - SortDirection!
|
The direction to sort in. Default = DESCENDING |
Example
{"dimension": "SOURCE_IP", "direction": "ASCENDING"}
BotViolationLogType
Description
Allowed list of Bot violation log types.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"INFO"
BotViolationLogsWithPagination
Description
A paginated list of Bot violation logs.
Fields
| Field Name | Description |
|---|---|
results - [BotViolationLog!]
|
Violation log entries. |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [BotViolationLog],
"pageInfo": Pagination
}
BotWhiteList
Description
A white list countermeasure.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether the white list countermeasure is enabled. |
types - BotWhiteListTypesWithPagination
|
A paginated list of white list bindings. |
Arguments
|
|
Example
{
"enabled": true,
"types": BotWhiteListTypesWithPagination
}
BotWhiteListBinding
Description
A white list binding.
Fields
| Field Name | Description |
|---|---|
type - BotWhiteListType!
|
The binding type. |
active - Boolean!
|
Whether the binding is active. |
value - String
|
The binding value. Can only be set if type is IPV4 or SUBNET. |
expressionMatch - BotBlackWhiteListExpressionMatch
|
The binding expression value. Can only be set if type is EXPRESSION. |
response - BotWhiteListResponse!
|
The binding response. |
Example
{
"type": "IPV4",
"active": true,
"value": "abc123",
"expressionMatch": BotBlackWhiteListExpressionMatch,
"response": "NONE"
}
BotWhiteListBindingInput
Description
A white list binding.
Fields
| Input Field | Description |
|---|---|
type - BotWhiteListType!
|
The binding type. |
active - Boolean!
|
Whether the binding is active. |
value - String
|
The binding value. Can only be set if type is IPV4 or SUBNET. |
expressionMatch - BotBlackWhiteListExpressionMatchInput
|
The binding expression value. Can only be set if type is EXPRESSION. |
response - BotWhiteListResponse!
|
The binding response. |
Example
{
"type": "IPV4",
"active": false,
"value": "abc123",
"expressionMatch": BotBlackWhiteListExpressionMatchInput,
"response": "NONE"
}
BotWhiteListResponse
Description
Allowed list of white list responses.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"NONE"
BotWhiteListType
Description
Allowed list of white list types.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"IPV4"
BotWhiteListTypesWithPagination
Description
A paginated list of white list bindings.
Fields
| Field Name | Description |
|---|---|
results - [BotWhiteListBinding!]
|
List of white list bindings. |
pageInfo - Pagination!
|
The results paging information. |
Example
{
"results": [BotWhiteListBinding],
"pageInfo": Pagination
}
BufferOverflow
Description
Buffer overflow countermeasure.
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
maxURLLength - UnsignedInt16!
|
Maximum URL length allowed on the protected web sites. Requests with longer URLs will be blocked. |
maxHeaderLength - UnsignedInt16!
|
Maximum HTTP header length (in characters) in requests to the protected web sites. Requests with longer headers will be blocked. |
maxCookieLength - UnsignedInt16!
|
Maximum cookie length (in characters) in requests to the protected web sites. Requests with longer cookie lengths will be blocked. |
threshold - AppSecThreshold
|
Appsec Threshold configuration for buffer overflow violations. |
Example
{
"action": "NONE",
"maxURLLength": UnsignedInt16,
"maxHeaderLength": UnsignedInt16,
"maxCookieLength": UnsignedInt16,
"threshold": AppSecThreshold
}
CIDR
Description
CIDR represents an IP address range, either IPv4 or IPv6
Example
CIDR
CSRFRelaxationRule
Description
A CSRF relaxation rule.
Example
{
"enabled": false,
"formOriginURL": "xyz789",
"formActionURL": "abc123"
}
CSRFRelaxationRuleInput
Description
A CSRF relaxation rule. Form tagging must be enabled to use this feature.
Example
{
"enabled": true,
"formOriginURL": "xyz789",
"formActionURL": "abc123"
}
CSRFRelaxationRulesWithPagination
Description
A paginated list of CSRF relaxation rules.
Fields
| Field Name | Description |
|---|---|
results - [CSRFRelaxationRule!]
|
A list of CSRF relaxation rules. |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [CSRFRelaxationRule],
"pageInfo": Pagination
}
CSRFSettings
Description
A cross-site request forgery countermeasure.
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
learn - Boolean!
|
A flag to enable or disable learning. |
relaxationRules - CSRFRelaxationRulesWithPagination
|
A paginated list of CSRF relaxation rules. |
Arguments
|
|
threshold - AppSecThreshold
|
Appsec Threshold configuration for CSRF violations. |
Example
{
"action": "NONE",
"learn": true,
"relaxationRules": CSRFRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
CSRFSettingsRuleCount
Description
CSRF settings rule count.
Fields
| Field Name | Description |
|---|---|
rule - LearnedCSRFSettingsRule!
|
|
count - UnsignedInt32!
|
Example
{
"rule": LearnedCSRFSettingsRule,
"count": UnsignedInt32
}
CSRFSettingsRuleCountsWithPagination
Description
CSRF settings learning rules.
Fields
| Field Name | Description |
|---|---|
results - [CSRFSettingsRuleCount!]
|
|
pageInfo - Pagination!
|
Example
{
"results": [CSRFSettingsRuleCount],
"pageInfo": Pagination
}
CallerType
Description
Allowed list of values indicating what type of caller is recording an audit log transaction.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"APPLICATION"
CandidateACL
Description
The Candidate ACL.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The identifier of the candidate ACL. |
configuration - String!
|
The JSON configuration of the ACL. |
comment - String
|
A comment provided by SOC regarding the candidate ACL. |
state - CandidateACLState!
|
The state of the candidate ACL |
Example
{
"id": "abc123",
"configuration": "abc123",
"comment": "xyz789",
"state": "APPROVED"
}
CandidateACLState
Description
The different states of a candidate ACL.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"APPROVED"
CategoryConfiguration
Description
Configuration for a specific notification category.
Fields
| Field Name | Description |
|---|---|
category - NotificationCategory!
|
Notification category name. |
label - String!
|
Notification category label. |
description - String!
|
Notification category description. |
email - Boolean!
|
A flag indicating if email is enabled for this notification category. |
slack - Boolean!
|
A flag indicating if Slack is enabled for this notification category. |
webhook - Boolean!
|
A flag indicating if webhook is enabled for this notification category. |
hec - Boolean!
|
A flag indicating if HEC is enabled for this notification category. |
Example
{
"category": "CLOUD_FIREWALL_SUBMITTED",
"label": "abc123",
"description": "xyz789",
"email": false,
"slack": true,
"webhook": true,
"hec": false
}
CategoryConfigurationInput
Description
Input of Category Configuration.
Fields
| Input Field | Description |
|---|---|
category - NotificationCategory!
|
Notification category name. |
email - Boolean!
|
A flag indicating if email is enabled for this notification category. |
slack - Boolean
|
A flag indicating if Slack is enabled for this notification category. This flag must always be set to false for the user configuration. |
webhook - Boolean
|
A flag indicating if webhook is enabled for this notification category. This flag must always be set to false for the user configuration. |
hec - Boolean
|
A flag indicating if HEC is enabled for this notification category. This flag must always be set to false for the user configuration. |
Example
{
"category": "CLOUD_FIREWALL_SUBMITTED",
"email": true,
"slack": true,
"webhook": false,
"hec": true
}
Certificate
Description
An SSL certificate.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The ID of the certificate. |
createdAt - Time!
|
The time at which the certificate was created. |
updatedAt - Time!
|
The time at which the certificate was updated. |
company - Company!
|
The name of the company. |
name - String!
|
The name of the certificate. |
linksTo - String
|
The intermediate certificate that links to the SSL certificate. |
isIntermediate - Boolean!
|
Whether or not the certificate is an intermediate. |
fingerprint - String!
|
The hash of the certificate. |
commonName - String!
|
The common name of the certificate. |
issuer - String!
|
The issuer name of the certificate. |
root - String!
|
The root certificate name. |
sanNames - [String!]
|
SAN Names belonging to the certificate. |
issued - Time!
|
The time at which the certificate was issued. |
expiration - Time!
|
The time at which the certificate will expire. |
nod - String!
|
The name of the certificate on the devices. |
Example
{
"id": "xyz789",
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"company": Company,
"name": "abc123",
"linksTo": "xyz789",
"isIntermediate": true,
"fingerprint": "abc123",
"commonName": "xyz789",
"issuer": "xyz789",
"root": "xyz789",
"sanNames": ["xyz789"],
"issued": "10:15:30Z",
"expiration": "10:15:30Z",
"nod": "xyz789"
}
CertificateBinding
Description
Certificate information for a back end.
Example
{"certificateID": "xyz789", "sni": true}
CertificateBindingInput
Description
Associate a certificate with a virtual server.
Fields
| Input Field | Description |
|---|---|
certificateID - String!
|
Internal ID for a defined certficiate. |
Example
{"certificateID": "abc123"}
ChannelConfiguration
Description
Channel configuration used by the company notification configuration.
Fields
| Field Name | Description |
|---|---|
email - EmailConfiguration!
|
Email channel configuration. |
slack - SlackConfiguration!
|
Slack channel configuration. |
webhook - WebhookConfiguration!
|
Webhook channel configuration. |
hec - HECConfiguration!
|
HEC channel configuration. |
Example
{
"email": EmailConfiguration,
"slack": SlackConfiguration,
"webhook": WebhookConfiguration,
"hec": HECConfiguration
}
ChannelConfigurationInput
Description
Input of Channel configuration.
Fields
| Input Field | Description |
|---|---|
email - EmailConfigurationInput
|
Email channel configuration input. |
slack - SlackConfigurationInput
|
Slack channel configuration input. |
webhook - WebhookConfigurationInput
|
Webhook channel configuration input. |
hec - HECConfigurationInput
|
HEC channel configuration input. |
Example
{
"email": EmailConfigurationInput,
"slack": SlackConfigurationInput,
"webhook": WebhookConfigurationInput,
"hec": HECConfigurationInput
}
CipherSelectionMode
Description
Allowed list of TLS cipher user selection mode.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"DEFAULT"
CommandInjection
Description
An Command injection countermeasure.
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
commandInjectionType - CommandInjectionType!
|
A command injection type. |
relaxationRules - CommandInjectionRelaxationRulesWithPagination
|
A paginated list of SQL Injection rules. |
Arguments
|
|
threshold - AppSecThreshold
|
Appsec Threshold configuration for command injection violations. |
Example
{
"action": "NONE",
"commandInjectionType": "COMMAND_KEYWORD",
"relaxationRules": CommandInjectionRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
CommandInjectionRelaxationRule
Description
A Command injection relaxation rule.
Fields
| Field Name | Description |
|---|---|
name - String!
|
Name of the web form field, cookie, or HTTP header to relax. |
enabled - Boolean!
|
Whether the relaxation rule is enabled. |
isNameRegex - Boolean!
|
Whether the name is in regex format. |
url - String!
|
If the item to be exempted is a web form field, the action URL for the web form. |
location - HTMLLocation
|
Location that should be examined by the rule. |
valueType - CommandInjectionValueType
|
The value type. |
isValueExpressionRegex - Boolean
|
Whether the value expression is in regex format. |
valueExpression - String
|
The value expression. |
Example
{
"name": "abc123",
"enabled": true,
"isNameRegex": false,
"url": "abc123",
"location": "FORM_FIELD",
"valueType": "KEYWORD",
"isValueExpressionRegex": false,
"valueExpression": "abc123"
}
CommandInjectionRelaxationRuleInput
Description
A Command injection relaxation rule input.
Fields
| Input Field | Description |
|---|---|
name - String!
|
Name of the web form field, cookie, or HTTP header to relax. |
enabled - Boolean!
|
Whether the relaxation rule is enabled. Default = true |
isNameRegex - Boolean!
|
Whether the name is in regex format. Default = false |
url - String!
|
If the item to be exempted is a web form field, the action URL for the web form. |
location - HTMLLocation
|
The location that should be examined by the rule. |
valueType - CommandInjectionValueType
|
The value type. |
isValueExpressionRegex - Boolean
|
Whether the value expression is in regex format. Default = false |
valueExpression - String
|
The value expression. |
Example
{
"name": "abc123",
"enabled": false,
"isNameRegex": false,
"url": "abc123",
"location": "FORM_FIELD",
"valueType": "KEYWORD",
"isValueExpressionRegex": true,
"valueExpression": "abc123"
}
CommandInjectionRelaxationRulesWithPagination
Description
A paginated list of SQL injection relaxation rules.
Fields
| Field Name | Description |
|---|---|
results - [CommandInjectionRelaxationRule!]
|
A list of relaxation rules. |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [CommandInjectionRelaxationRule],
"pageInfo": Pagination
}
CommandInjectionType
Description
Allowed list of command injection types.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"COMMAND_KEYWORD"
CommandInjectionValueType
Description
Allowed list of values for command injection value types.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"KEYWORD"
CommentExemption
Description
Allowed list of types of comment which can be exmpted.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"CHECK_ALL"
CompaniesWithPagination
Description
A paginated list of Companies.
Fields
| Field Name | Description |
|---|---|
results - [Company!]
|
Set of companies returned by query. |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [Company],
"pageInfo": Pagination
}
Company
Description
A Customer or Reseller
Fields
| Field Name | Description |
|---|---|
dName - String!
|
The unique, primary identifier for the company. |
wafAnalytics - WAFAnalyticsResponse
|
WAF Violation Log details. |
Arguments
|
|
responderAnalytics - ResponderAnalyticsResponse
|
WAF Responder Policy Log details. |
Arguments
|
|
botAnalytics - BotAnalyticsResponse
|
Bot Violation Log details. |
Arguments
|
|
appDataAnalytics - [AppDataAnalyticsResponse!]
|
Application-level traffic data. |
Arguments
|
|
ddosBlockedIPLogs - BlockedIPLogsWithPagination
|
DDoS blocked IP log details. |
Arguments
|
|
managedObjects - [ManagedObject!]
|
List of Managed Objects. |
Arguments
|
|
detectionAndAlertingPackage - DetectionAndAlertingPackage
|
Detection and Alerting Package. |
filterLists - FilterListsWithPagination!
|
List of Filter Lists. |
Arguments
|
|
auditLogTransactions - AuditLogTransactionsWithPagination!
|
A list of audit log transactions that occurred between UTC time (from) to UTC time (to). |
Arguments
|
|
acls - ACLsOutput!
|
Fetch ACLs. |
configurationChanges - [ConfigurationChange!]
|
Recent changes to Policies and/or Proxies. |
Arguments
|
|
certificates - [Certificate!]
|
TLS Certificates configured for the Company. |
oneTimeExecutiveReportConfigurations - OneTimeExecutiveReportConfigurationsWithPagination!
|
Retrieves One time Executive Report Configurations. |
Arguments
|
|
executiveReports - ExecutiveReportsWithPagination!
|
Retrieves Executive Reports. |
Arguments
|
|
recurringExecutiveReportConfigurations - RecurringExecutiveReportConfigurationsWithPagination!
|
Retrieves Recurring Executive Report Configurations. |
Arguments
|
|
legacyProxies - [LegacyProxy!]
|
List of legacy proxies based on filter options. |
Arguments
|
|
destinationIPs - [CIDR!]
|
IP Addresses that could be getting traffic. |
tunnels - [Tunnel!]
|
Tunnels connecting to the customer origin. |
bgpPackage - BGPPackage
|
BGP Configuration, if any. |
Arguments
|
|
notificationConfigurations - NotificationConfigurationsWithPagination
|
The list of notification configuration. |
Arguments
|
|
notificationRecords - NotificationRecordsWithPagination
|
The list of notification records. |
Arguments
|
|
policies - [Policy!]
|
A list of policies based on filter options. |
Arguments
|
|
proxyPlusPolicies - [ProxyPlusPolicy!]
|
Fetch Proxy Plus Policies. |
Arguments
|
|
proxyPlusProxies - [ProxyPlusProxy!]
|
Fetch Proxy Plus Proxy. |
Arguments
|
|
proxyPlusServices - [ProxyPlusService!]
|
Fetch Proxy Plus Service. |
Arguments
|
|
proxyPlusCertificates - [ProxyPlusCertificate!]
|
Fetch Proxy Plus Certificates. |
Arguments
|
|
proxyPlusProvisioningStatus - ProxyPlusProvisioningStatus!
|
Fetch Proxy Plus Provisioning Status. |
proxies - [Proxy!]
|
A list of proxies based on filter options. |
Arguments
|
|
userPurgeList - UserLoginIDWithPagination
|
Retreive the list of login id's of users that would be purged on enabling SSO for the company. |
Arguments
|
|
traffic - TrafficOutput!
|
Fetch clean traffic data. |
Arguments
|
|
status - StatusOutput!
|
Fetch status data. |
Arguments
|
|
alerts - AlertsWithPagination!
|
All the alerts. |
Arguments
|
|
event - Event
|
Details of a specific event. Use events providing ID in filter.
|
Arguments
|
|
events - EventsWithPagination!
|
The list of events. |
Arguments
|
|
id - String!
|
Company ID. |
createdAt - Time!
|
Timestamp the company entry was created at. |
updatedAt - Time!
|
Timestamp the company entry was last updated at. |
enabled - Boolean!
|
Whether the Company and its users are able to access the system. |
deleted - Boolean!
|
Indicates whether company is deleted. |
details - CompanyDetails!
|
Contains Company details like Name, Account Name and ID, DNS account, among others. |
accountID - String!
|
Unique account ID of Company. |
shortname - String!
|
Short name of Company. |
reseller - Company
|
Details of company that is the reseller of this company. |
customers - [Company!]
|
Companies that are direct customers of this company. |
allCustomers - CompaniesWithPagination!
|
Returns all companies that are customers of (resold by) this company and those resold by other reseller. |
Arguments
|
|
users - UsersWithPagination!
|
Returns all Users associated with this company. |
Arguments
|
|
whiteLabel - WhiteLabel
|
Contains whitelabel specifications for this company. |
corporateName - String!
|
Corporate Name of the company. |
corporateDomain - String!
|
Corporate Domain name of the company. |
managementDomain - String!
|
Management Domain name of the company. |
serviceProvider - String!
|
Service Provider for the company. |
proxyPackage - ProxyPackage
|
Proxy Related information for the company. |
apiPackage - APIAccess
|
API access settings users belonging to this company. |
isReseller - Boolean!
|
Indicates whether the company resells other companies. |
resellProxy - Boolean!
|
Indicates whether this company is a reseller of Proxy offerings. |
resellBGP - Boolean!
|
Indicates whether this company is a reseller of BGP related offerings. |
resellDetectionAndAlerting - Boolean!
|
Indicates whether this company is a reseller of Detection and Alerting related offerings. |
resellWAF - Boolean!
|
Indicates whether this company is a reseller of Web Application Firewall related offerings. |
resellBot - Boolean!
|
Indicates whether this company is a reseller of Bot related offerings. |
mfaPackage - MFAPackage
|
Specifies Multi Factor Authentication configuration and Enablement for this company's users. |
accountManagerEmail - String!
|
Company Account Manager email. |
accountManagerName - String!
|
Company Account Manager Name. |
technicalEmail - String!
|
Company Technical contact Email. |
technicalFirstName - String!
|
Company Technical contact First Name. |
technicalJobTitle - String!
|
Company Technical contact Job Title. |
technicalLastName - String!
|
Company Technical contact Last Name. |
technicalMobile - String!
|
Company Technical contact Mobile number. |
technicalPhone - String!
|
Company Technical contact phone number. |
formerlyKnownAs - String!
|
Former Name of Company if applicable. |
accountInfo - AccountInfo
|
Account and Contract Details of Company. |
ssoPackage - SSOPackage
|
SSO Related information for the company. |
runBook - RunBook
|
The escalation runbook. |
proxyPlusPackage - ProxyPlusPackage
|
Proxy Plus Related information for the company. |
portalInactivityTimeout - UnsignedInt32
|
Portal inactivity timeout in seconds. |
Example
{
"dName": "abc123",
"wafAnalytics": WAFAnalyticsResponse,
"responderAnalytics": ResponderAnalyticsResponse,
"botAnalytics": BotAnalyticsResponse,
"appDataAnalytics": [AppDataAnalyticsResponse],
"ddosBlockedIPLogs": BlockedIPLogsWithPagination,
"managedObjects": [ManagedObject],
"detectionAndAlertingPackage": DetectionAndAlertingPackage,
"filterLists": FilterListsWithPagination,
"auditLogTransactions": AuditLogTransactionsWithPagination,
"acls": ACLsOutput,
"configurationChanges": [ConfigurationChange],
"certificates": [Certificate],
"oneTimeExecutiveReportConfigurations": OneTimeExecutiveReportConfigurationsWithPagination,
"executiveReports": ExecutiveReportsWithPagination,
"recurringExecutiveReportConfigurations": RecurringExecutiveReportConfigurationsWithPagination,
"legacyProxies": [LegacyProxy],
"destinationIPs": [CIDR],
"tunnels": [Tunnel],
"bgpPackage": BGPPackage,
"notificationConfigurations": NotificationConfigurationsWithPagination,
"notificationRecords": NotificationRecordsWithPagination,
"policies": [Policy],
"proxyPlusPolicies": [ProxyPlusPolicy],
"proxyPlusProxies": [ProxyPlusProxy],
"proxyPlusServices": [ProxyPlusService],
"proxyPlusCertificates": [ProxyPlusCertificate],
"proxyPlusProvisioningStatus": ProxyPlusProvisioningStatus,
"proxies": [Proxy],
"userPurgeList": UserLoginIDWithPagination,
"traffic": TrafficOutput,
"status": StatusOutput,
"alerts": AlertsWithPagination,
"event": Event,
"events": EventsWithPagination,
"id": "abc123",
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"enabled": false,
"deleted": true,
"details": CompanyDetails,
"accountID": "xyz789",
"shortname": "abc123",
"reseller": Company,
"customers": [Company],
"allCustomers": CompaniesWithPagination,
"users": UsersWithPagination,
"whiteLabel": WhiteLabel,
"corporateName": "xyz789",
"corporateDomain": "xyz789",
"managementDomain": "xyz789",
"serviceProvider": "abc123",
"proxyPackage": ProxyPackage,
"apiPackage": APIAccess,
"isReseller": true,
"resellProxy": false,
"resellBGP": false,
"resellDetectionAndAlerting": true,
"resellWAF": false,
"resellBot": true,
"mfaPackage": MFAPackage,
"accountManagerEmail": "xyz789",
"accountManagerName": "abc123",
"technicalEmail": "xyz789",
"technicalFirstName": "abc123",
"technicalJobTitle": "abc123",
"technicalLastName": "xyz789",
"technicalMobile": "abc123",
"technicalPhone": "xyz789",
"formerlyKnownAs": "xyz789",
"accountInfo": AccountInfo,
"ssoPackage": SSOPackage,
"runBook": RunBook,
"proxyPlusPackage": ProxyPlusPackage,
"portalInactivityTimeout": UnsignedInt32
}
CompanyDetails
Description
Company configuration details.
Fields
| Field Name | Description |
|---|---|
dName - String!
|
The unique, primary identifier for the company. |
ultraSecurityAccountID - String!
|
Company portal Account ID. |
wpmAPIKey - String
|
Web Performance Management API key for this company. |
ipiID - String
|
IP Intelligence ID for this company. |
ultraDNSAccountName - String
|
Ultra DNS Account name for this company. |
recursiveSponsorID - String
|
Recursive DNS Sponsor server ID for this company. |
recursiveAccountID - String
|
Recursive DNS Account ID for this company. |
Example
{
"dName": "abc123",
"ultraSecurityAccountID": "abc123",
"wpmAPIKey": "xyz789",
"ipiID": "abc123",
"ultraDNSAccountName": "xyz789",
"recursiveSponsorID": "xyz789",
"recursiveAccountID": "abc123"
}
CompanyFilterInput
Description
Filters queries for companies.
Fields
| Input Field | Description |
|---|---|
dName - String
|
A unique, primary identifier for a company. |
Example
{"dName": "abc123"}
CompanyNotificationConfiguration
Description
Represents a Company wide notification configuration.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The identifier of this notification configuration. |
company - Company!
|
The company object. |
createdAt - Time!
|
The time that the notification configuration was created at. |
updatedAt - Time!
|
The time that the notification configuration was last updated at |
deletedAt - Time
|
The time that the notification configuration was deleted at. |
categories - [CategoryConfiguration!]!
|
The list of global category notification configurations. |
channel - ChannelConfiguration!
|
Global notification channels configurations. |
Example
{
"id": "xyz789",
"company": Company,
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"deletedAt": "10:15:30Z",
"categories": [CategoryConfiguration],
"channel": ChannelConfiguration
}
CompanyUsersFilterInput
Description
Specify how to search Company users.
Fields
| Input Field | Description |
|---|---|
userNameSubstring - String
|
Filter users by a specified substring in their name (first and/or last name). |
emailSubstring - String
|
Filter users by a specified substring in their email IDs. |
includeDescendants - Boolean
|
Indicates whether users from descendant companies should be included in query results. Default = false |
includeDisabled - Boolean
|
Specifies whether disabled users belonging to company should be included in query results. |
Example
{
"userNameSubstring": "xyz789",
"emailSubstring": "xyz789",
"includeDescendants": true,
"includeDisabled": true
}
ConfigurationChange
Description
A configuration change submitted to the controlling system(s).
Fields
| Field Name | Description |
|---|---|
id - String!
|
ID of the change. |
createdAt - Time!
|
Time at which the change was created. |
updatedAt - Time!
|
Time at which the change was last updated. |
company - Company!
|
Company the change belongs to. |
started - Time
|
Time at which the change began provisioning to devices. |
ended - Time
|
Time at which the change finished provisioning to devices. |
status - ConfigurationChangeStatus!
|
Current status of the config change. |
statusText - String!
|
Additional status infomation about the config change. |
Example
{
"id": "abc123",
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"company": Company,
"started": "10:15:30Z",
"ended": "10:15:30Z",
"status": "UNKNOWN",
"statusText": "abc123"
}
ConfigurationChangeFilterInput
Description
Input needed to get config changes.
Fields
| Input Field | Description |
|---|---|
latest - Boolean
|
Whether to only return the latest config change. |
Example
{"latest": true}
ConfigurationChangeStatus
Description
List of possible ConfigurationChange statuses.
Values
| Enum Value | Description |
|---|---|
|
|
Should never be encountered, used in manual adjustments only. |
|
|
In progress. |
|
|
Submitted, but not yet processing. |
|
|
Completed successfully. |
|
|
Completed, but failed. |
Example
"UNKNOWN"
ConfigurationChangesLock
Description
The lock status of the configuration engine.
Fields
| Field Name | Description |
|---|---|
id - String!
|
ID of the lock. |
createdAt - Time!
|
Time at which the lock was created. |
updatedAt - Time!
|
Time at which the lock was updated. |
started - Time!
|
Time at which the lock started. |
ended - Time
|
Time at which the lock ended. |
lockedBy - String!
|
User that created this lock. |
unlockedBy - String
|
User that unlocked this lock. |
Example
{
"id": "abc123",
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"started": "10:15:30Z",
"ended": "10:15:30Z",
"lockedBy": "xyz789",
"unlockedBy": "abc123"
}
ConfigurationChangesLockResponse
Description
The lock status of the configuration engine.
Fields
| Field Name | Description |
|---|---|
timestamp - Time!
|
Time at which the status last changed. |
status - ConfigurationChangesLockStatus!
|
Current status of the lock. |
Example
{
"timestamp": "10:15:30Z",
"status": "UNKNOWN"
}
ConfigurationChangesLockStatus
Description
List of possible ConfigurationChangesLockResponse statuses.
Values
| Enum Value | Description |
|---|---|
|
|
Should never be encountered, used in manual adjustments only. |
|
|
Locked |
|
|
Unlocked |
Example
"UNKNOWN"
ConfiguredBaseBotSignature
Description
A base Bot Detection signature configured to respond with a different action.
Fields
| Field Name | Description |
|---|---|
signature - BaseBotSignature!
|
The base signature being configured. |
enabled - Boolean!
|
Whether the signature is enabled. |
action - BotSignatureAction!
|
The signature action. |
Example
{
"signature": BaseBotSignature,
"enabled": true,
"action": "NONE"
}
ConfiguredBaseBotSignatureInput
Description
Configure an action for a base Bot signature.
Fields
| Input Field | Description |
|---|---|
id - String!
|
ID of the signature. |
enabled - Boolean!
|
Whether the signature is enabled. |
action - BotSignatureAction!
|
Action to be taken. |
Example
{
"id": "abc123",
"enabled": true,
"action": "NONE"
}
ConfiguredBaseWAFSignature
Description
A base WAF signature configured to respond with a different action.
Fields
| Field Name | Description |
|---|---|
signature - BaseWAFSignature!
|
The base signature being configured. |
enabled - Boolean!
|
Whether the signature is enabled. |
action - WAFAction!
|
Action to be taken. |
Example
{
"signature": BaseWAFSignature,
"enabled": false,
"action": "NONE"
}
ConfiguredBaseWAFSignatureInput
Description
Configure an action for a base WAF signature.
Fields
| Input Field | Description |
|---|---|
id - String!
|
ID of the signature. |
action - WAFAction!
|
Action to be taken. |
Example
{"id": "abc123", "action": "NONE"}
ConfiguredBaseWAFSignaturesWithPagination
Description
A paginated list of base WAF signatures with configured actions.
Fields
| Field Name | Description |
|---|---|
results - [ConfiguredBaseWAFSignature!]
|
A list of signatures |
pageInfo - Pagination!
|
The results paging information. |
Example
{
"results": [ConfiguredBaseWAFSignature],
"pageInfo": Pagination
}
ContentType
Description
A content type countermeasure.
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
learn - Boolean!
|
A flag to enable or disable learning. |
relaxationRules - ContentTypeRelaxationRulesWithPagination
|
A paginated list of content type relaxation rules. |
Arguments
|
|
threshold - AppSecThreshold
|
Appsec Threshold configuration for content type violations. |
Example
{
"action": "NONE",
"learn": false,
"relaxationRules": ContentTypeRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
ContentTypeRelaxationRule
ContentTypeRelaxationRuleInput
ContentTypeRelaxationRulesWithPagination
Description
A paginated list for content type relaxation rules.
Fields
| Field Name | Description |
|---|---|
results - [ContentTypeRelaxationRule!]
|
A list of content type relaxation rules. |
pageInfo - Pagination!
|
Contains the current page information. |
Example
{
"results": [ContentTypeRelaxationRule],
"pageInfo": Pagination
}
ContentTypeRuleCount
Description
Content type rule count.
Fields
| Field Name | Description |
|---|---|
rule - LearnedContentTypeRule!
|
|
count - UnsignedInt32!
|
Example
{
"rule": LearnedContentTypeRule,
"count": UnsignedInt32
}
ContentTypeRuleCountsWithPagination
Description
Content type learning rules.
Fields
| Field Name | Description |
|---|---|
results - [ContentTypeRuleCount!]
|
|
pageInfo - Pagination!
|
Example
{
"results": [ContentTypeRuleCount],
"pageInfo": Pagination
}
CookieConsistency
Description
Cookie consistency countermeasure.
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
learn - Boolean!
|
A flag to enable or disable learning. |
relaxationRules - CookieConsistencyRelaxationRulesWithPagination
|
A paginated list of relaxation rules. |
Arguments
|
|
threshold - AppSecThreshold
|
Appsec Threshold configuration for cookie consistency violations. |
Example
{
"action": "NONE",
"learn": true,
"relaxationRules": CookieConsistencyRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
CookieConsistencyRelaxationRule
Description
A cookie consistency relaxation rule.
Example
{
"enabled": true,
"isRegex": false,
"cookieName": "abc123"
}
CookieConsistencyRelaxationRuleInput
Description
A cookie consistency relaxation rule.
Example
{
"enabled": true,
"isRegex": true,
"cookieName": "abc123"
}
CookieConsistencyRelaxationRulesWithPagination
Description
A paginated list of cookie consistency relaxation rules.
Fields
| Field Name | Description |
|---|---|
results - [CookieConsistencyRelaxationRule!]
|
A paginated list of relaxation rules. |
pageInfo - Pagination!
|
The results paging information. |
Example
{
"results": [CookieConsistencyRelaxationRule],
"pageInfo": Pagination
}
CookieConsistencyRuleCount
Description
Cookie consistency rule count.
Fields
| Field Name | Description |
|---|---|
rule - LearnedCookieConsistencyRule!
|
|
count - UnsignedInt32!
|
Example
{
"rule": LearnedCookieConsistencyRule,
"count": UnsignedInt32
}
CookieConsistencyRuleCountsWithPagination
Description
Cookie consistency learning rules.
Fields
| Field Name | Description |
|---|---|
results - [CookieConsistencyRuleCount!]
|
|
pageInfo - Pagination!
|
Example
{
"results": [CookieConsistencyRuleCount],
"pageInfo": Pagination
}
CookieSignatureRule
Description
A WAF custom signature cookie rule.
Fields
| Field Name | Description |
|---|---|
cookieNameFormat - SignatureRuleFormat!
|
A cookie name format from the allowed list of formats. |
cookieName - String
|
The cookie name used in this rule. |
Example
{
"cookieNameFormat": "ANY",
"cookieName": "abc123"
}
CookieSignatureRuleInput
Description
Create a WAF custom signature cookie rule.
Fields
| Input Field | Description |
|---|---|
cookieNameFormat - SignatureRuleFormat!
|
A cookie name format from the allowed list of formats. Default = ANY |
cookieName - String
|
The cookie name used in this rule. |
Example
{
"cookieNameFormat": "ANY",
"cookieName": "abc123"
}
CountryCode
Description
ISO 3166-1 alpha-2 country codes
Values
| Enum Value | Description |
|---|---|
|
|
Andorra |
|
|
United Arab Emirates |
|
|
Afghanistan |
|
|
Antigua and Barbuda |
|
|
Anguilla |
|
|
Albania |
|
|
Armenia |
|
|
Angola |
|
|
Netherlands Antilles |
|
|
Antarctica |
|
|
Argentina |
|
|
American Samoa |
|
|
Austria |
|
|
Australia |
|
|
Aruba |
|
|
Åland Islands |
|
|
Azerbaijan |
|
|
Bosnia and Herzegovina |
|
|
Barbados |
|
|
Bangladesh |
|
|
Belgium |
|
|
Burkina Faso |
|
|
Bulgaria |
|
|
Bahrain |
|
|
Burundi |
|
|
Benin |
|
|
Saint Barthélemy |
|
|
Bermuda |
|
|
Brunei Darussalam |
|
|
Bolivia (Plurinational State of) |
|
|
Bonaire, Sint Eustatius and Saba |
|
|
Brazil |
|
|
Bahamas |
|
|
Bhutan |
|
|
Bouvet Island |
|
|
Botswana |
|
|
Belarus |
|
|
Belize |
|
|
Canada |
|
|
Cocos (Keeling) Islands |
|
|
Congo, Democratic Republic of the |
|
|
Central African Republic |
|
|
Congo |
|
|
Switzerland |
|
|
Côte d'Ivoire |
|
|
Cook Islands |
|
|
Chile |
|
|
Cameroon |
|
|
China |
|
|
Colombia |
|
|
Costa Rica |
|
|
Cuba |
|
|
Cabo Verde |
|
|
Curaçao |
|
|
Christmas Island |
|
|
Cyprus |
|
|
Czechia |
|
|
Germany |
|
|
Djibouti |
|
|
Denmark |
|
|
Dominica |
|
|
Dominican Republic |
|
|
Algeria |
|
|
Ecuador |
|
|
Estonia |
|
|
Egypt |
|
|
Western Sahara |
|
|
Eritrea |
|
|
Spain |
|
|
Ethiopia |
|
|
Finland |
|
|
Fiji |
|
|
Falkland Islands (Malvinas) |
|
|
Micronesia (Federated States of) |
|
|
Faroe Islands |
|
|
France |
|
|
Gabon |
|
|
France, Metropolitan |
|
|
United Kingdom of Great Britain and Northern Ireland |
|
|
Grenada |
|
|
Georgia |
|
|
French Guiana |
|
|
Guernsey |
|
|
Ghana |
|
|
Gibraltar |
|
|
Greenland |
|
|
Gambia |
|
|
Guinea |
|
|
Guadeloupe |
|
|
Equatorial Guinea |
|
|
Greece |
|
|
South Georgia and the South Sandwich Islands |
|
|
Guatemala |
|
|
Guam |
|
|
Guinea-Bissau |
|
|
Guyana |
|
|
Hong Kong |
|
|
Heard Island and McDonald Islands |
|
|
Honduras |
|
|
Croatia |
|
|
Haiti |
|
|
Hungary |
|
|
Indonesia |
|
|
Ireland |
|
|
Israel |
|
|
Isle of Man |
|
|
India |
|
|
British Indian Ocean Territory |
|
|
Iraq |
|
|
Iran (Islamic Republic of) |
|
|
Iceland |
|
|
Italy |
|
|
Jersey |
|
|
Jamaica |
|
|
Jordan |
|
|
Japan |
|
|
Kenya |
|
|
Kyrgyzstan |
|
|
Cambodia |
|
|
Kiribati |
|
|
Comoros |
|
|
Saint Kitts and Nevis |
|
|
Korea (Democratic People's Republic of) |
|
|
Korea, Republic of |
|
|
Kuwait |
|
|
Cayman Islands |
|
|
Kazakhstan |
|
|
Lao People's Democratic Republic |
|
|
Lebanon |
|
|
Saint Lucia |
|
|
Liechtenstein |
|
|
Sri Lanka |
|
|
Liberia |
|
|
Lesotho |
|
|
Lithuania |
|
|
Luxembourg |
|
|
Latvia |
|
|
Libya |
|
|
Morocco |
|
|
Monaco |
|
|
Moldova, Republic of |
|
|
Montenegro |
|
|
Saint Martin (French part) |
|
|
Madagascar |
|
|
Marshall Islands |
|
|
North Macedonia |
|
|
Mali |
|
|
Myanmar |
|
|
Mongolia |
|
|
Macao |
|
|
Northern Mariana Islands |
|
|
Martinique |
|
|
Mauritania |
|
|
Montserrat |
|
|
Malta |
|
|
Mauritius |
|
|
Maldives |
|
|
Malawi |
|
|
Mexico |
|
|
Malaysia |
|
|
Mozambique |
|
|
Namibia |
|
|
New Caledonia |
|
|
Niger |
|
|
Norfolk Island |
|
|
Nigeria |
|
|
Nicaragua |
|
|
Netherlands |
|
|
Norway |
|
|
Nepal |
|
|
Nauru |
|
|
Niue |
|
|
New Zealand |
|
|
Oman |
|
|
Panama |
|
|
Peru |
|
|
French Polynesia |
|
|
Papua New Guinea |
|
|
Philippines |
|
|
Pakistan |
|
|
Poland |
|
|
Saint Pierre and Miquelon |
|
|
Pitcairn |
|
|
Puerto Rico |
|
|
Palestine, State of |
|
|
Portugal |
|
|
Palau |
|
|
Paraguay |
|
|
Qatar |
|
|
Réunion |
|
|
Romania |
|
|
Serbia |
|
|
Russian Federation |
|
|
Rwanda |
|
|
Saudi Arabia |
|
|
Solomon Islands |
|
|
Seychelles |
|
|
Sudan |
|
|
Sweden |
|
|
Singapore |
|
|
Saint Helena, Ascension and Tristan da Cunha |
|
|
Slovenia |
|
|
Svalbard and Jan Mayen |
|
|
Slovakia |
|
|
Sierra Leone |
|
|
San Marino |
|
|
Senegal |
|
|
Somalia |
|
|
Suriname |
|
|
South Sudan |
|
|
Sao Tome and Principe |
|
|
El Salvador |
|
|
Sint Maarten (Dutch part) |
|
|
Syrian Arab Republic |
|
|
Eswatini |
|
|
Turks and Caicos Islands |
|
|
Chad |
|
|
French Southern Territories |
|
|
Togo |
|
|
Thailand |
|
|
Tajikistan |
|
|
Tokelau |
|
|
Timor-Leste |
|
|
Turkmenistan |
|
|
Tunisia |
|
|
Tonga |
|
|
Turkey |
|
|
East Timor |
|
|
Trinidad and Tobago |
|
|
Tuvalu |
|
|
Taiwan, Province of China |
|
|
Tanzania, United Republic of |
|
|
Ukraine |
|
|
Uganda |
|
|
United States Minor Outlying Islands |
|
|
United States of America |
|
|
Uruguay |
|
|
Uzbekistan |
|
|
Holy See |
|
|
Saint Vincent and the Grenadines |
|
|
Venezuela (Bolivarian Republic of) |
|
|
Virgin Islands (British) |
|
|
Virgin Islands (U.S.) |
|
|
Viet Nam |
|
|
Vanuatu |
|
|
Wallis and Futuna |
|
|
Samoa |
|
|
Kosovo |
|
|
Yemen |
|
|
Mayotte |
|
|
South Africa |
|
|
Zambia |
|
|
Zimbabwe |
Example
"AD"
CreateBotBlackListInput
Description
Create a black list countermeasure.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean!
|
Whether the black list countermeasure is enabled. Default = true |
types - [BotBlackListBindingInput!]
|
List of black list bindings. |
Example
{"enabled": false, "types": [BotBlackListBindingInput]}
CreateBotCAPTCHAInput
Description
Create a CAPTCHA countermeasure.
Fields
| Input Field | Description |
|---|---|
resources - [BotCAPTCHABindingInput!]
|
List of CAPTCHA bindings. |
Example
{"resources": [BotCAPTCHABindingInput]}
CreateBotDeviceFingerprintInput
Description
Create a device fingerprint countermeasure.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean!
|
Whether the device fingerprint countermeasure is enabled. Default = true |
response - BotResponse!
|
Response to be taken. |
action - BotDeviceFingerprintAction
|
Action to be taken. Can only be set if response is ACTION_AND_LOG. |
Example
{"enabled": true, "response": "NONE", "action": "DROP"}
CreateBotIPReputationInput
Description
Create an IP reputation countermeasure.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean!
|
Whether the IP reputation countermeasure is enabled. Default = true |
categories - [BotIPReputationBindingInput!]
|
List of IP reputation bindings. |
Example
{
"enabled": false,
"categories": [BotIPReputationBindingInput]
}
CreateBotProfileInput
Description
Create a new bot profile.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean!
|
Whether the bot profile is enabled. Default = true |
blackList - CreateBotBlackListInput
|
The black list countermeasure settings. |
whiteList - CreateBotWhiteListInput
|
The white list countermeasure settings. |
ipReputation - CreateBotIPReputationInput
|
The IP reputation countermeasure settings. |
rateLimit - CreateBotRateLimitInput
|
The rate limit countermeasure settings. |
deviceFingerprint - CreateBotDeviceFingerprintInput
|
The device fingerprint countermeasure settings. |
botTrap - CreateBotTrapInput
|
The bot trap countermeasure settings. |
tps - CreateBotTPSInput
|
The TPS countermeasure settings. |
captcha - CreateBotCAPTCHAInput
|
The CAPTCHA countermeasure settings. |
signatures - CreateBotSignaturesInput
|
The bot signatures settings. |
Example
{
"enabled": true,
"blackList": CreateBotBlackListInput,
"whiteList": CreateBotWhiteListInput,
"ipReputation": CreateBotIPReputationInput,
"rateLimit": CreateBotRateLimitInput,
"deviceFingerprint": CreateBotDeviceFingerprintInput,
"botTrap": CreateBotTrapInput,
"tps": CreateBotTPSInput,
"captcha": CreateBotCAPTCHAInput,
"signatures": CreateBotSignaturesInput
}
CreateBotRateLimitInput
Description
Create a rate limit countermeasure.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean!
|
Whether the rate limit countermeasure is enabled. Default = true |
resources - [BotRateLimitBindingInput!]
|
List of rate limit bindings. |
Example
{
"enabled": false,
"resources": [BotRateLimitBindingInput]
}
CreateBotSignaturesInput
Description
Create bot signatures.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean!
|
Whether bot signatures are enabled. Default = true |
configuredBaseSignatures - [ConfiguredBaseBotSignatureInput!]
|
List of bot signatures. |
Example
{
"enabled": true,
"configuredBaseSignatures": [
ConfiguredBaseBotSignatureInput
]
}
CreateBotTPSInput
Description
Create a TPS countermeasure.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean!
|
Whether the TPS countermeasure is enabled. Default = true |
resources - [BotTPSBindingInput!]
|
List of TPS bindings. |
Example
{"enabled": true, "resources": [BotTPSBindingInput]}
CreateBotTrapInput
Description
Create a bot trap countermeasure.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean!
|
Whether the bot trap countermeasure is enabled. Default = true |
response - BotResponse!
|
Response to be taken. |
action - BotTrapAction
|
Action to be taken. Can only be set if response is ACTION_AND_LOG. |
insertionURLs - [BotTrapBindingInput!]
|
List of bot trap bindings. |
Example
{
"enabled": false,
"response": "NONE",
"action": "DROP",
"insertionURLs": [BotTrapBindingInput]
}
CreateBotWhiteListInput
Description
Create a white list countermeasure.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean!
|
Whether the white list countermeasure is enabled. Default = true |
types - [BotWhiteListBindingInput!]
|
List of white list bindings. |
Example
{"enabled": true, "types": [BotWhiteListBindingInput]}
CreateBufferOverflowInput
Description
Create a buffer overflow countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
maxURLLength - UnsignedInt16!
|
Maximum URL length (in characters, allowed range 0-65535) of the protected web sites. Requests with longer URLs will be blocked. Default = 1024 |
maxHeaderLength - UnsignedInt16!
|
Maximum HTTP header length (in characters, allowed range 0-65535) in requests to the protected web sites. Requests with longer headers will be blocked. Default = 4096 |
maxCookieLength - UnsignedInt16!
|
Maximum cookie length (in character, allowed range 0-65535) in requests to the protected web sites. Requests with longer cookie lengths will be blocked. Default = 4096 |
threshold - ThresholdInput
|
Appsec Threshold configuration for buffer overflow violations. |
Example
{
"action": "NONE",
"maxURLLength": UnsignedInt16,
"maxHeaderLength": UnsignedInt16,
"maxCookieLength": UnsignedInt16,
"threshold": ThresholdInput
}
CreateCSRFSettingsInput
Description
Create a cross-site request forgery countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
learn - Boolean!
|
A flag to enable or disable learning. Default = false |
relaxationRules - [CSRFRelaxationRuleInput!]
|
A list of CSRF relaxation rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for CSRF violations. |
Example
{
"action": "NONE",
"learn": false,
"relaxationRules": [CSRFRelaxationRuleInput],
"threshold": ThresholdInput
}
CreateCertificateInput
Description
Create a certificate.
Fields
| Input Field | Description |
|---|---|
companyDName - String
|
The identifier of the owning company. |
name - String!
|
Name of the certificate. |
keyPEM - String!
|
Private key, in PEM format. |
keyPass - String
|
Password, only required if keyPEM is encrypted. |
certPEM - String!
|
Public certificate, and any intermediate, together in PEM format. |
Example
{
"companyDName": "abc123",
"name": "xyz789",
"keyPEM": "xyz789",
"keyPass": "abc123",
"certPEM": "xyz789"
}
CreateCertificateOutput
Description
Output from creating a certificate.
Fields
| Field Name | Description |
|---|---|
certificate - Certificate!
|
The created Certificate. |
Example
{"certificate": Certificate}
CreateCommandInjectionInput
Description
Create a command injection countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
commandInjectionType - CommandInjectionType!
|
A command injection type. |
relaxationRules - [CommandInjectionRelaxationRuleInput!]
|
A list of command injection relaxation rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for command injection violations. |
Example
{
"action": "NONE",
"commandInjectionType": "COMMAND_KEYWORD",
"relaxationRules": [
CommandInjectionRelaxationRuleInput
],
"threshold": ThresholdInput
}
CreateCompanyNotificationConfigurationInput
Description
Create a Company notification configuration.
Fields
| Input Field | Description |
|---|---|
company - String!
|
Company dname identifier. |
Example
{"company": "xyz789"}
CreateCompanyNotificationConfigurationOutput
Description
Output from creating a Company notification configuration.
Fields
| Field Name | Description |
|---|---|
configuration - CompanyNotificationConfiguration!
|
Example
{"configuration": CompanyNotificationConfiguration}
CreateContentTypeInput
Description
Create a content type countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
learn - Boolean!
|
A flag to enable or disable learning. Default = false |
relaxationRules - [ContentTypeRelaxationRuleInput!]
|
A list of content type relaxation rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for content type violations. |
Example
{
"action": "NONE",
"learn": true,
"relaxationRules": [ContentTypeRelaxationRuleInput],
"threshold": ThresholdInput
}
CreateCookieConsistencyInput
Description
Create a cookie consistency countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
learn - Boolean!
|
A flag to enable or disable learning. Default = false |
relaxationRules - [CookieConsistencyRelaxationRuleInput!]
|
A list of relaxation rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for cookie consistency violations. |
Example
{
"action": "NONE",
"learn": false,
"relaxationRules": [
CookieConsistencyRelaxationRuleInput
],
"threshold": ThresholdInput
}
CreateDenyURLInput
Description
Create a deny URL countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
regexRules - [DenyURLRuleInput!]
|
A list of deny URL regex rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for deny URL violations. |
Example
{
"action": "NONE",
"regexRules": [DenyURLRuleInput],
"threshold": ThresholdInput
}
CreateDraftACLInput
CreateDraftACLOutput
CreateFieldFormatInput
Description
Create a field format countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
learn - Boolean!
|
A flag to enable or disable learning. Default = false |
type - FieldFormatType!
|
Allowed types for this field. |
minLength - UnsignedInt16!
|
Minimum length of the field (in characters, allowed range 0-65535). Please note that distinguishing an integer from an alpha character requires at least one character. Default = 0 |
maxLength - UnsignedInt16!
|
Maximum length of the field (in characters, allowed range 0-65535). Please note that distinguishing an integer from an alpha character requires at least one character. Default = 65535 |
enforcementRules - [FieldFormatEnforcementRuleInput!]
|
A list of enforcement rules. These are tightening rules, in order to relax some rules you need to remove them from this list. |
threshold - ThresholdInput
|
Appsec Threshold configuration for field format violations. |
Example
{
"action": "NONE",
"learn": true,
"type": "ANY",
"minLength": UnsignedInt16,
"maxLength": UnsignedInt16,
"enforcementRules": [FieldFormatEnforcementRuleInput],
"threshold": ThresholdInput
}
CreateFormFieldConsistencyInput
Description
Create a form field consistency countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
learn - Boolean!
|
A flag to enable or disable learning. Default = false |
sessionlessFieldConsistency - SessionlessFieldConsistency!
|
When turned on, it checks only the web form structure. |
fieldConsistencyExemptions - [FormFieldConsistencyRuleInput!]
|
A list of exemption rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for form field consistency violations. |
Example
{
"action": "NONE",
"learn": true,
"sessionlessFieldConsistency": "ON",
"fieldConsistencyExemptions": [
FormFieldConsistencyRuleInput
],
"threshold": ThresholdInput
}
CreateHTMLSQLInjectionInput
Description
Create an HTML SQL injection countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
learn - Boolean!
|
A flag to enable or disable learning. Default = false |
checkSQLWildChars - Boolean!
|
Whether to check for form fields that contain SQL wild chars. |
sqlInjectionType - SQLInjectionType!
|
A SQL injection type. |
exemptCommentsWith - CommentExemption!
|
Exempts all comments of the given type. |
sqliGrammar - Boolean!
|
Enable SQL Injection grammar |
relaxationRules - [HTMLSQLInjectionRelaxationRuleInput!]
|
A list of XML SQL injection relaxation rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for HTML SQL injection violations. |
Example
{
"action": "NONE",
"learn": false,
"checkSQLWildChars": true,
"sqlInjectionType": "NONE",
"exemptCommentsWith": "CHECK_ALL",
"sqliGrammar": false,
"relaxationRules": [
HTMLSQLInjectionRelaxationRuleInput
],
"threshold": ThresholdInput
}
CreateHTMLXSSInput
Description
Create an HTML cross-site scripting countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
learn - Boolean!
|
A flag to enable or disable learning. Default = false |
checkCompleteURLs - Boolean!
|
A flag to enforce checks for complete URLs for cross-site scripts, instead of just the query portions of URLs. Default = false |
relaxationRules - [HTMLXSSRelaxationRuleInput!]
|
A list of HTML cross-site scripting relaxation rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for HTML cross-site scripting violations. |
Example
{
"action": "NONE",
"learn": true,
"checkCompleteURLs": true,
"relaxationRules": [HTMLXSSRelaxationRuleInput],
"threshold": ThresholdInput
}
CreateHTTPRFCProfileInput
Description
Create an HTTP RFC Profile countermeasure.
Fields
| Input Field | Description |
|---|---|
action - HTTPRFCProfileAction!
|
Action to be taken when there is a non-compliant request. Default = BLOCK |
threshold - ThresholdInput
|
Appsec Threshold configuration for HTTP RFC violations. |
Example
{"action": "BLOCK", "threshold": ThresholdInput}
CreateJSONCommandInjectionSettingsInput
Description
Create a JSON command injection Settings Input.
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
commandInjectionType - CommandInjectionType!
|
A Command injection type. |
relaxationRules - [JSONCommandInjectionRelaxationRuleInput!]
|
A list of command injection rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for json command injection violations. |
Example
{
"action": "NONE",
"commandInjectionType": "COMMAND_KEYWORD",
"relaxationRules": [
JSONCommandInjectionRelaxationRuleInput
],
"threshold": ThresholdInput
}
CreateJSONCrossSiteScriptingSettingsInput
Description
Create a JSON cross-site scripting settings input to protect applications from XSS Attacks through JSON requests
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
relaxationRules - [JSONXSSRelaxationRuleInput!]
|
A list of JSON XSS rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for JSON XSS violations. |
Example
{
"action": "NONE",
"relaxationRules": [JSONXSSRelaxationRuleInput],
"threshold": ThresholdInput
}
CreateJSONDenialOfServiceSettingsInput
Description
Create a JSON Denial of Service Settings input to protect applications from Denial of Service Attacks through JSON requests
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
enforcementRule - JSONDoSEnforcementRuleInput
|
A paginated list of SQL Injection rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for JSON DOS violations. |
Example
{
"action": "NONE",
"enforcementRule": JSONDoSEnforcementRuleInput,
"threshold": ThresholdInput
}
CreateJSONSQLInjectionSettingsInput
Description
Create a JSON SQL Injection Settings input to protect applications from SQL Injection attacks through JSON requests
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
sqlInjectionType - SQLInjectionType!
|
A SQL injection type. |
sqliGrammar - Boolean!
|
Enable SQL Injection grammar. |
relaxationRules - [JSONSQLInjectionRelaxationRuleInput!]
|
A paginated list of SQL Injection rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for JSON SQL injection violations. |
Example
{
"action": "NONE",
"sqlInjectionType": "NONE",
"sqliGrammar": false,
"relaxationRules": [
JSONSQLInjectionRelaxationRuleInput
],
"threshold": ThresholdInput
}
CreateJSONSettingsInput
Description
Create a JSON Security Settings input to protect JSON Applications
Fields
| Input Field | Description |
|---|---|
jsonSQLInjectionSettings - CreateJSONSQLInjectionSettingsInput
|
JSON SQL Injection Settings. |
jsonDenialOfServiceSettings - CreateJSONDenialOfServiceSettingsInput
|
JSON Denial Of Service Settings. |
jsonCrossSiteScriptingSettings - CreateJSONCrossSiteScriptingSettingsInput
|
JSON Cross Site Scripting Settings. |
jsonCommandInjectionSettings - CreateJSONCommandInjectionSettingsInput
|
JSON Command Injection Settings. |
Example
{
"jsonSQLInjectionSettings": CreateJSONSQLInjectionSettingsInput,
"jsonDenialOfServiceSettings": CreateJSONDenialOfServiceSettingsInput,
"jsonCrossSiteScriptingSettings": CreateJSONCrossSiteScriptingSettingsInput,
"jsonCommandInjectionSettings": CreateJSONCommandInjectionSettingsInput
}
CreateNetworkControlsInput
Description
Create network controls.
Fields
| Input Field | Description |
|---|---|
blockedCountries - [CountryCode!]
|
A list of blocked countries. |
ipFilterList - [IPFilterInput!]
|
A list of ip filters. |
Example
{
"blockedCountries": ["AD"],
"ipFilterList": [IPFilterInput]
}
CreateOneTimeExecutiveReportConfigurationInput
Description
Input Configuration to create a one time reporting job.
Fields
| Input Field | Description |
|---|---|
dName - String!
|
The unique, primary identifier for the company. |
name - String!
|
Name of Report Configuration. |
description - String
|
Description of Report Configuration. |
includeWAF - Boolean
|
Specifies whether to include WAF violation metrics in generated report. |
includeBot - Boolean
|
Specifies whether to include Bot detection/mitigation metrics in generated report. |
includeDDOS - Boolean
|
Specifies whether to include DDOS mitigation metrics in generated report. |
notification - ExecutiveReportNotificationDetailsInput
|
Contains email addresses of recipients of generated report. |
enabled - Boolean
|
Specifies whether this configuration should generate reports or not. Default = true |
from - Time!
|
Specifies the start of time range from when to pull metrics data for the requested features. |
to - Time!
|
Specifies the end of time range until when to pull metrics data for the requested features. |
Example
{
"dName": "xyz789",
"name": "abc123",
"description": "abc123",
"includeWAF": true,
"includeBot": false,
"includeDDOS": false,
"notification": ExecutiveReportNotificationDetailsInput,
"enabled": true,
"from": "10:15:30Z",
"to": "10:15:30Z"
}
CreateOneTimeExecutiveReportConfigurationOutput
Description
Output of creation of a one time report configuration.
Fields
| Field Name | Description |
|---|---|
configuration - OneTimeExecutiveReportConfiguration!
|
One time reporting configuration |
Example
{"configuration": OneTimeExecutiveReportConfiguration}
CreatePOSTBodyInput
Description
Create a POST BODY limit countermeasure.
Fields
| Input Field | Description |
|---|---|
limit - UnsignedInt32!
|
A post body size limit value. Default = 4294967295 |
threshold - ThresholdInput
|
Appsec Threshold configuration for post body limit violations. |
Example
{
"limit": UnsignedInt32,
"threshold": ThresholdInput
}
CreatePolicyInput
Description
Create a Policy.
Fields
| Input Field | Description |
|---|---|
companyDName - String
|
The identifier of the owning company. |
name - String!
|
The name of the policy. |
wafProfile - CreateWAFProfileInput
|
The WAF profile associated to this policy. |
networkControls - CreateNetworkControlsInput
|
The network controls associated to this policy. |
responderPolicies - [ResponderPolicyInput!]
|
The responder polices associated to this policy. |
appSecThresholds - [AppSecThresholdInput!]
|
The appsec thresholds associated to this policy. |
trustedSources - [TrustedSourceInput!]
|
The trusted IP sources associated to this policy. Traffic at these sources are used by the learning feature to generate recommendations. |
botProfile - CreateBotProfileInput
|
The bot profile associated to this policy. |
Example
{
"companyDName": "xyz789",
"name": "xyz789",
"wafProfile": CreateWAFProfileInput,
"networkControls": CreateNetworkControlsInput,
"responderPolicies": [ResponderPolicyInput],
"appSecThresholds": [AppSecThresholdInput],
"trustedSources": [TrustedSourceInput],
"botProfile": CreateBotProfileInput
}
CreatePolicyOutput
Description
Returned when creating a policy.
Fields
| Field Name | Description |
|---|---|
policy - Policy!
|
The created policy. |
Example
{"policy": Policy}
CreateProxyInput
Description
Create a proxy.
Fields
| Input Field | Description |
|---|---|
companyDName - String
|
Company the proxy configuration belongs to. |
name - String!
|
Friendly name of the proxy configuration. Typically set to the hostname being proxied to the service. |
ipVersion - IPVersion!
|
The IP version of this host. |
vServers - [VServerInput!]
|
The back-end origin servers, ports and protocols that bind it to the front-end port. |
policyIDs - [String!]
|
A list of policies associated with this proxy. |
Example
{
"companyDName": "abc123",
"name": "xyz789",
"ipVersion": "IPV4",
"vServers": [VServerInput],
"policyIDs": ["abc123"]
}
CreateProxyOutput
Description
Output from creating a proxy.
Fields
| Field Name | Description |
|---|---|
proxy - Proxy!
|
The created proxy. |
Example
{"proxy": Proxy}
CreateProxyPlusAllowedIPsInput
Description
Create IP Whitelist.
Fields
| Input Field | Description |
|---|---|
cidrs - [CIDR!]
|
Example
{"cidrs": [CIDR]}
CreateProxyPlusBackendInput
CreateProxyPlusBackendsInput
Description
Input to create a list of backends.
Fields
| Input Field | Description |
|---|---|
resources - [CreateProxyPlusBackendInput!]!
|
The backends of the proxy plus service. |
Example
{"resources": [CreateProxyPlusBackendInput]}
CreateProxyPlusCertificateInput
Description
Input used to create Proxy Plus Certificate.
Fields
| Input Field | Description |
|---|---|
companyDName - String
|
The identifier of the owning company. |
name - String!
|
Name of the certificate. |
keyPEM - String!
|
Private key, in PEM format. |
keyPass - String
|
Password, only required if keyPEM is encrypted. |
certPEM - String!
|
Public certificate, and any intermediate, together in PEM format. |
Example
{
"companyDName": "xyz789",
"name": "abc123",
"keyPEM": "xyz789",
"keyPass": "abc123",
"certPEM": "xyz789"
}
CreateProxyPlusCertificateOutput
Description
Output after creating a Proxy Plus Certificate.
Fields
| Field Name | Description |
|---|---|
certificate - ProxyPlusCertificate!
|
The created proxy plus certificate. |
Example
{"certificate": ProxyPlusCertificate}
CreateProxyPlusDeniedCountriesInput
Description
Create denied countries.
Fields
| Input Field | Description |
|---|---|
countryCodes - [CountryCode!]
|
A list of denied countries. |
Example
{"countryCodes": ["AD"]}
CreateProxyPlusDeniedIPsInput
Description
Create IP Blacklist.
Fields
| Input Field | Description |
|---|---|
cidrs - [CIDR!]
|
Example
{"cidrs": [CIDR]}
CreateProxyPlusPolicyInput
Description
Create a proxy plus policy.
Fields
| Input Field | Description |
|---|---|
companyDName - String
|
The identifier of the owning company. |
name - String!
|
The name of the proxy plus policy. |
deniedCountries - CreateProxyPlusDeniedCountriesInput
|
The denied countries associated to this proxy plus policy. |
allowedIPs - CreateProxyPlusAllowedIPsInput
|
The IP whitelist associated to this proxy plus policy. |
deniedIPs - CreateProxyPlusDeniedIPsInput
|
The IP blacklist associated to this proxy plus policy. |
proxies - CreateProxyPlusPolicyProxyLinkInput
|
The proxy plus proxies associated to this proxy plus policy. |
Example
{
"companyDName": "xyz789",
"name": "abc123",
"deniedCountries": CreateProxyPlusDeniedCountriesInput,
"allowedIPs": CreateProxyPlusAllowedIPsInput,
"deniedIPs": CreateProxyPlusDeniedIPsInput,
"proxies": CreateProxyPlusPolicyProxyLinkInput
}
CreateProxyPlusPolicyOutput
Description
A created proxy plus policy response.
Fields
| Field Name | Description |
|---|---|
policy - ProxyPlusPolicy!
|
The proxy plus policy that was created. |
Example
{"policy": ProxyPlusPolicy}
CreateProxyPlusPolicyProxyLinkInput
Description
Link proxy plus proxies to a policy, when creating said policy.
Fields
| Input Field | Description |
|---|---|
proxyIDs - [String]!
|
The IDs of proxy plus proxies associated with a specific Policy. |
Example
{"proxyIDs": ["abc123"]}
CreateProxyPlusProxyInput
Description
Input used to create Proxy Plus Proxy.
Example
{
"name": "abc123",
"companyDName": "xyz789",
"policyID": "abc123"
}
CreateProxyPlusProxyOutput
Description
Output from creating Proxy Plus Proxy.
Fields
| Field Name | Description |
|---|---|
proxy - ProxyPlusProxy!
|
The proxy plus proxy that was created. |
Example
{"proxy": ProxyPlusProxy}
CreateProxyPlusServiceInput
Description
The input to create a proxy plus service.
Fields
| Input Field | Description |
|---|---|
name - String!
|
The name of the proxy plus service. |
proxyID - String!
|
The ID of the proxy plus proxy that the service belongs to. |
companyDName - String
|
The identifier of the owning company. |
listenerPort - Int!
|
The port that the proxy plus service listens on. |
listenerProtocol - ProxyPlusProtocol!
|
The protocol that the proxy plus service listens to. |
backends - CreateProxyPlusBackendsInput
|
The backend applications of the proxy plus service. |
xffHeader - String
|
The XFF Header of the proxy plus service. |
proxyProtocol - PROXYProtocol
|
PROXY Protocol version used by the proxy plus service. |
monitored - Boolean!
|
The monitoring status of the service. |
hstsEnabled - Boolean
|
HTTP Strict Transport Security (HSTS) enabled for the proxy plus service. |
hstsMaxAge - Int
|
HTTP Strict Transport Security (HSTS) max age for the proxy plus service. |
hstsPreload - Boolean
|
HTTP Strict Transport Security (HSTS) preload for the proxy plus service. |
hstsIncludeSubdomains - Boolean
|
HTTP Strict Transport Security (HSTS) include subdomains for the proxy plus service. |
sniEnabled - Boolean
|
Server Name Indication (SNI) enabled for the proxy plus service. |
sniCommonName - String
|
Server Name Indication (SNI) common name for the proxy plus service. |
sslCertificateID - String
|
The SSL certificate associated to the proxy plus service. |
persistenceType - ProxyPlusPersistenceType!
|
The persistence type of the proxy plus service. |
loadBalanceMethod - ProxyPlusLoadBalanceMethod!
|
The load balance method of the proxy plus service. |
Example
{
"name": "xyz789",
"proxyID": "abc123",
"companyDName": "abc123",
"listenerPort": 987,
"listenerProtocol": "HTTP",
"backends": CreateProxyPlusBackendsInput,
"xffHeader": "xyz789",
"proxyProtocol": "DISABLED",
"monitored": false,
"hstsEnabled": false,
"hstsMaxAge": 123,
"hstsPreload": false,
"hstsIncludeSubdomains": true,
"sniEnabled": false,
"sniCommonName": "xyz789",
"sslCertificateID": "xyz789",
"persistenceType": "SOURCE_IP",
"loadBalanceMethod": "ROUND_ROBIN"
}
CreateProxyPlusServiceOutput
Description
Output from creating a proxy plus service.
Fields
| Field Name | Description |
|---|---|
service - ProxyPlusService!
|
The proxy plus service that was updated. |
Example
{"service": ProxyPlusService}
CreateRecurringExecutiveReportConfigurationInput
Description
Input for a create recurring report configuration operation.
Fields
| Input Field | Description |
|---|---|
dName - String!
|
The unique, primary identifier for the company. |
name - String!
|
Name of Report Configuration. |
description - String
|
Description of Report Configuration. |
includeWAF - Boolean
|
Specifies whether to include WAF violation metrics in generated report. |
includeBot - Boolean
|
Specifies whether to include Bot detection/mitigation metrics in generated report. |
includeDDOS - Boolean
|
Specifies whether to include DDOS mitigation metrics in generated report. |
notification - ExecutiveReportNotificationDetailsInput
|
Contains email addresses of recipients of generated report. |
enabled - Boolean
|
Specifies whether this configuration should generate reports or not. Default = true |
from - Time
|
Specifies the time when the first report should be generated. |
to - Time
|
Specifies the time when the last report in this series should be generated. The configuration expires after this time. |
period - ExecutiveReportPeriodInput!
|
Specifies the time period for which metrics need to be looked up for the requested features. |
Example
{
"dName": "xyz789",
"name": "abc123",
"description": "abc123",
"includeWAF": true,
"includeBot": true,
"includeDDOS": true,
"notification": ExecutiveReportNotificationDetailsInput,
"enabled": true,
"from": "10:15:30Z",
"to": "10:15:30Z",
"period": "PRIOR_WEEKLY"
}
CreateRecurringExecutiveReportConfigurationOutput
Description
Represents output of a create recurring executive report configuration operation.
Fields
| Field Name | Description |
|---|---|
configuration - RecurringExecutiveReportConfiguration!
|
Configuration of recurring report job. |
Example
{"configuration": RecurringExecutiveReportConfiguration}
CreateSAMLInput
Description
Input needed to create a SAML connection in Auth0.
Fields
| Input Field | Description |
|---|---|
dName - String!
|
Company DName. |
domain - [String!]
|
List of Domain Names. |
signInURL - String!
|
Login URL for redirect. |
userIDAttributes - String
|
User Attributes. |
sslCertificate - String!
|
SSL Certificate of the IDP. |
signatureRequest - Boolean
|
Signature requested from IDP. |
signatureAlgorithm - Algorithm
|
Algorithm used in signature. |
signatureDigestAlgorithm - Algorithm
|
DigestAlgorithm used in signature. |
protocolBinding - Protocol
|
Protocol Binding. |
requestTemplate - String
|
Request template in XML format. |
tenant - String!
|
Tenant name. |
Example
{
"dName": "xyz789",
"domain": ["abc123"],
"signInURL": "abc123",
"userIDAttributes": "xyz789",
"sslCertificate": "abc123",
"signatureRequest": true,
"signatureAlgorithm": "SHA256",
"signatureDigestAlgorithm": "SHA256",
"protocolBinding": "HTTP_REDIRECT",
"requestTemplate": "xyz789",
"tenant": "abc123"
}
CreateSemicolonFieldSeparatorInput
Description
Create a Semicolon field separator countermeasure.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean!
|
Whether the countermeasure is enabled. Default = false |
Example
{"enabled": true}
CreateUserInput
Description
Create a User.
Example
{
"email": "abc123",
"firstName": "abc123",
"lastName": "xyz789",
"jobTitle": "xyz789",
"phone": "abc123",
"mobile": "abc123",
"roles": ["PRIMARY_ADMIN"],
"company": "abc123"
}
CreateUserNotificationConfigurationInput
Description
Create a User notification configuration.
Example
{
"userID": "xyz789",
"company": "xyz789"
}
CreateUserNotificationConfigurationOutput
Description
Output from Creating a User notification configuration.
Fields
| Field Name | Description |
|---|---|
configuration - UserNotificationConfiguration!
|
Example
{"configuration": UserNotificationConfiguration}
CreateUserOutput
Description
Returned when creating a user.
Fields
| Field Name | Description |
|---|---|
user - User!
|
The created user. |
Example
{"user": User}
CreateWAFProfileInput
Description
Create a WAF profile.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean!
|
Whether the WAF profile is enabled. Default = true |
postBody - CreatePOSTBodyInput
|
Limits the request payload size. |
httpRFCProfile - CreateHTTPRFCProfileInput
|
Check requests for HTTP RFC non compliance. |
semicolonFieldSeparator - CreateSemicolonFieldSeparatorInput
|
Allow or disallow semicolon field separator between request fields. |
denyURL - CreateDenyURLInput
|
The deny URL countermeasure settings. |
bufferOverflow - CreateBufferOverflowInput
|
The buffer overflow countermeasure settings. |
cookieConsistency - CreateCookieConsistencyInput
|
The cookie consistency countermeasure settings. |
fieldFormat - CreateFieldFormatInput
|
The field format countermeasure settings. |
fieldConsistency - CreateFormFieldConsistencyInput
|
The form field consistency countermeasure settings. |
csrfSettings - CreateCSRFSettingsInput
|
The CSRF countermeasure settings. |
contentType - CreateContentTypeInput
|
The content type countermeasure settings. |
htmlSQLInjection - CreateHTMLSQLInjectionInput
|
The HTML SQL Injection countermeasure settings. |
xmlSQLInjection - CreateXMLSQLInjectionInput
|
The XML SQL Injection countermeasure settings. |
commandInjection - CreateCommandInjectionInput
|
The Command Injection countermeasure settings. |
crossSiteScripting - CreateHTMLXSSInput
|
The HTML cross-site scripting countermeasure settings. |
xmlCrossSiteScripting - CreateXMLXSSInput
|
The XML cross-site scripting countermeasure settings. |
jsonSettings - CreateJSONSettingsInput
|
The JSON related countermeasure settings. |
wsiSettings - CreateWSISettingsInput
|
The web service interoperability countermeasure settings. |
xmlFormat - CreateXMLFormatInput
|
The XML format countermeasure settings. |
xmlSOAPFault - CreateXMLSOAPFaultInput
|
The XML SOAP fault countermeasure settings. |
signatures - CreateWAFSignaturesInput
|
The WAF signatures settings. |
Example
{
"enabled": false,
"postBody": CreatePOSTBodyInput,
"httpRFCProfile": CreateHTTPRFCProfileInput,
"semicolonFieldSeparator": CreateSemicolonFieldSeparatorInput,
"denyURL": CreateDenyURLInput,
"bufferOverflow": CreateBufferOverflowInput,
"cookieConsistency": CreateCookieConsistencyInput,
"fieldFormat": CreateFieldFormatInput,
"fieldConsistency": CreateFormFieldConsistencyInput,
"csrfSettings": CreateCSRFSettingsInput,
"contentType": CreateContentTypeInput,
"htmlSQLInjection": CreateHTMLSQLInjectionInput,
"xmlSQLInjection": CreateXMLSQLInjectionInput,
"commandInjection": CreateCommandInjectionInput,
"crossSiteScripting": CreateHTMLXSSInput,
"xmlCrossSiteScripting": CreateXMLXSSInput,
"jsonSettings": CreateJSONSettingsInput,
"wsiSettings": CreateWSISettingsInput,
"xmlFormat": CreateXMLFormatInput,
"xmlSOAPFault": CreateXMLSOAPFaultInput,
"signatures": CreateWAFSignaturesInput
}
CreateWAFSignaturesInput
Description
Create WAF signatures for a Policy.
Fields
| Input Field | Description |
|---|---|
configuredBaseSignatures - [ConfiguredBaseWAFSignatureInput!]
|
A list of signatures for a policy configured from a list of available base signatures. |
customSignatures - [CustomWAFSignatureInput!]
|
A list of custom signatures created for a policy. |
Example
{
"configuredBaseSignatures": [
ConfiguredBaseWAFSignatureInput
],
"customSignatures": [CustomWAFSignatureInput]
}
CreateWSISettingsInput
Description
Create a web services interoperability countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
learn - Boolean!
|
A flag to enable or disable learning. Default = false |
standards - [WSIStandardInput!]
|
A list of WSI standards. |
threshold - ThresholdInput
|
Appsec Threshold configuration for WSI violations. |
Example
{
"action": "NONE",
"learn": true,
"standards": [WSIStandardInput],
"threshold": ThresholdInput
}
CreateXMLFormatInput
Description
Create an XML format countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
threshold - ThresholdInput
|
Appsec Threshold configuration for XML format violations. |
Example
{"action": "NONE", "threshold": ThresholdInput}
CreateXMLSOAPFaultInput
Description
Create an XML SOAP fault countermeasure.
Fields
| Input Field | Description |
|---|---|
action - XMLSOAPFaultAction!
|
Action to be taken. |
threshold - ThresholdInput
|
Appsec Threshold configuration for XML format violations. |
Example
{"action": "NONE", "threshold": ThresholdInput}
CreateXMLSQLInjectionInput
Description
Create an HTML SQL injection countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
checkSQLWildChars - Boolean!
|
Whether to check for form fields that contain SQL wild chars. |
sqlInjectionType - SQLInjectionType!
|
An XML SQL injection type. |
exemptCommentsWith - CommentExemption!
|
Exempts all comments of the given type. |
relaxationRules - [XMLSQLInjectionRelaxationRuleInput!]
|
A list of XML SQL injection relaxation rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for XML SQL injection violations. |
Example
{
"action": "NONE",
"checkSQLWildChars": false,
"sqlInjectionType": "NONE",
"exemptCommentsWith": "CHECK_ALL",
"relaxationRules": [XMLSQLInjectionRelaxationRuleInput],
"threshold": ThresholdInput
}
CreateXMLXSSInput
Description
Create an XML cross-site scripting countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
relaxationRules - [XMLXSSRelaxationRuleInput!]
|
A list of XML cross-site scripting relaxation rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for XML cross-site scripting violations. |
Example
{
"action": "NONE",
"relaxationRules": [XMLXSSRelaxationRuleInput],
"threshold": ThresholdInput
}
CustomWAFSignature
Description
A WAF custom signature.
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
category - String!
|
Category of the signature. |
description - String!
|
Description of the signature. |
requestRules - [SignatureRequestRule!]
|
List of request rules. |
responseRules - [SignatureResponseRule!]
|
List of response rules. |
Example
{
"action": "NONE",
"category": "abc123",
"description": "xyz789",
"requestRules": [SignatureRequestRule],
"responseRules": [SignatureResponseRule]
}
CustomWAFSignatureFilterInput
CustomWAFSignatureInput
Description
Specify a WAF custom signature.
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
category - String!
|
Category of the signature. |
description - String!
|
Description of the signature. |
requestRules - [SignatureRequestRuleInput!]
|
List of request rules. |
responseRules - [SignatureResponseRuleInput!]
|
List of response rules. |
Example
{
"action": "NONE",
"category": "xyz789",
"description": "xyz789",
"requestRules": [SignatureRequestRuleInput],
"responseRules": [SignatureResponseRuleInput]
}
CustomWAFSignaturesWithPagination
Description
A list of WAF custom signatures with pagination.
Fields
| Field Name | Description |
|---|---|
results - [CustomWAFSignature!]
|
A list of custom signatures. |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [CustomWAFSignature],
"pageInfo": Pagination
}
CustomerFilterInput
Description
Filters queries for customers.
Fields
| Input Field | Description |
|---|---|
dNamePrefix - String
|
Prefix to search for companies with the same substring prefix in their dNames. |
corporateNameSubstring - String
|
Search for companies with the same substring in their corporateName. |
maxDepth - Int!
|
Specifies how many levels of resellers or companies of resellers should be retrieved. A value of zero will retrieve all levels. Default = |
includeDeleted - Boolean!
|
Specifies whether deleted companies should be included in the query results. Default = false |
includeDisabled - Boolean!
|
Specifies whether companies disabled in the portal should be included in the query results. Default = false |
activationState - FeatureActivationState
|
Filter to specify whether the requested feature on which search is carried out is purchased and/or enabled in the portal. |
bgpAlwaysOn - FeatureActivationState
|
Filter to include companies that have the BGP Always On offering purchased and/or enabled in the portal. |
bgpOnDemand - FeatureActivationState
|
Filter to include companies that have the BGP On Demand offering purchased and/or enabled in the portal. |
detectionAndAlertingActivation - FeatureActivationState
|
Filter to include companies that have the Detection and Alerting offering purchased and/or enabled in the portal. |
wafActivation - FeatureActivationState
|
Filter to include companies that have the Web Application Firewall offering purchased and/or enabled in the portal. |
proxyActivation - FeatureActivationState
|
Filter to include companies that have the L7 Proxy offering purchased and/or enabled in the portal. |
proxyPlusActivation - FeatureActivationState
|
Filter to include companies that have the Proxy Plus offering purchased and/or enabled in the portal. |
Example
{
"dNamePrefix": "xyz789",
"corporateNameSubstring": "abc123",
"maxDepth": 123,
"includeDeleted": false,
"includeDisabled": true,
"activationState": FeatureActivationState,
"bgpAlwaysOn": FeatureActivationState,
"bgpOnDemand": FeatureActivationState,
"detectionAndAlertingActivation": FeatureActivationState,
"wafActivation": FeatureActivationState,
"proxyActivation": FeatureActivationState,
"proxyPlusActivation": FeatureActivationState
}
DDOSAlert
Description
An alert sent in response to an DDoS attack, system error, configuration issue, etc.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The identifier of the alert. |
providerAlertID - String!
|
The Arbor Created ID. |
details - DDOSAlertDetails
|
The details of the alert. |
detailsTraffic - AlertDetailsTraffic
|
The traffic details of the alert. |
company - Company!
|
The company object. |
start - Time!
|
The start time of the alert |
end - Time
|
The end time of the alert. A non-zero value of end time means that the alert has ended or finished. |
severity - Severity!
|
An indication of how critical the Alert is. |
type - AlertType!
|
A boolean value that indicates whether or not the alert is an Infrastructure alert |
eventID - String
|
The event associated with the alert. |
Example
{
"id": "xyz789",
"providerAlertID": "abc123",
"details": DDOSDNAAlertDetails,
"detailsTraffic": AlertDetailsTraffic,
"company": Company,
"start": "10:15:30Z",
"end": "10:15:30Z",
"severity": "HIGH",
"type": "DNA",
"eventID": "xyz789"
}
DDOSAlertDetails
DDOSAlertsAggregated
Fields
| Field Name | Description |
|---|---|
severity - Severity!
|
|
details - DDOSAlertsAggregatedDetails
|
|
detailsTraffic - AlertDetailsTraffic
|
Example
{
"severity": "HIGH",
"details": DDOSAlertsAggregatedDetails,
"detailsTraffic": AlertDetailsTraffic
}
DDOSAlertsAggregatedDetails
Fields
| Field Name | Description |
|---|---|
severityPercent - Float!
|
|
misuseTypes - [String!]!
|
Example
{
"severityPercent": 987.65,
"misuseTypes": ["xyz789"]
}
DDOSBGPDownAlertDetails
Example
{
"startEventID": 123,
"endEventID": 123,
"sessionName": "abc123",
"node": "xyz789",
"sourceIP": "xyz789",
"destinationIP": "abc123",
"location": "xyz789"
}
DDOSCloudSignalFaultAlertDetails
Fields
| Field Name | Description |
|---|---|
description - String
|
Example
{"description": "xyz789"}
DDOSCloudSignalMitigationRequestAlertDetails
Fields
| Field Name | Description |
|---|---|
prefixes - [String!]
|
|
annotations - [Annotation!]
|
|
appliances - [String!]!
|
Example
{
"prefixes": ["abc123"],
"annotations": [Annotation],
"appliances": ["abc123"]
}
DDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
Possible Types
| DDOSCountermeasure Types |
|---|
Example
{
"name": "xyz789",
"id": "abc123",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries]
}
DDOSDNAAlertDetails
Fields
| Field Name | Description |
|---|---|
mitigationIDs - [String!]!
|
|
annotations - [Annotation!]
|
|
alertClassification - AlertClassification!
|
|
countries - [CountryCode]!
|
|
deviceGID - String!
|
|
elements - [Element!]!
|
|
hostAddress - String!
|
|
impactBoundary - String!
|
|
impactBPS - Float!
|
|
impactPPS - Float!
|
|
ipVersion - IPVersion!
|
|
routerStatistics - [RouterStatistics!]!
|
|
severityPercent - Float!
|
|
severityThreshold - Float!
|
|
severityUnit - TrafficRateUnit!
|
|
subType - DNAAlertSubType!
|
|
managedObjectName - String!
|
|
siteCountry - String!
|
|
siteName - String!
|
|
siteCode - String!
|
|
misuseTypes - [String!]!
|
|
misuseTypesRates - [MisuseType!]!
|
Example
{
"mitigationIDs": ["xyz789"],
"annotations": [Annotation],
"alertClassification": "POSSIBLE_ATTACK",
"countries": ["AD"],
"deviceGID": "abc123",
"elements": [Element],
"hostAddress": "abc123",
"impactBoundary": "xyz789",
"impactBPS": 987.65,
"impactPPS": 123.45,
"ipVersion": "IPV4",
"routerStatistics": [RouterStatistics],
"severityPercent": 123.45,
"severityThreshold": 123.45,
"severityUnit": "BPS",
"subType": "AUTO_CLASSIFY_RESTART",
"managedObjectName": "abc123",
"siteCountry": "xyz789",
"siteName": "xyz789",
"siteCode": "xyz789",
"misuseTypes": ["abc123"],
"misuseTypesRates": [MisuseType]
}
DDOSFilter
DDOSFilterList
Description
DDOS Filter Lists as defined by the user or inline within a template.
Fields
| Field Name | Description |
|---|---|
id - String!
|
Identifier of the filter list, either the filter ID or the template ID. |
filterType - FilterType!
|
Indicates whether this filter list is user defined or an inline filter. |
company - Company!
|
The company object. |
name - String!
|
Name of the filter list. |
description - String
|
The description of the filter list. |
listType - FilterListType!
|
Type of data contained in this Filter List. |
listTypeLabel - String!
|
Display label for the type of data contained in this Filter List. |
usedInTemplate - Boolean!
|
Indicates if this Filter List is used in a Template. |
usedInAutoMitigation - Boolean!
|
Indicates if this Filter List is used in an Auto Mitigation. |
entries - [String!]!
|
Array of filter list entries based on the value of the listType attribute:" BLACK_WHITE_IPV4: IPv4 FCAP expressions BLACK_WHITE_IPV6: IPv6 FCAP expressions ADDRESS_IPV4: IPv4 CIDRs or addresses ADDRESS_IPV6: IPv6 CIDRs or addresses IP_LOCATION: Two-letter ISO 3166 country codes |
Possible Types
| DDOSFilterList Types |
|---|
Example
{
"id": "xyz789",
"filterType": "INLINE",
"company": Company,
"name": "abc123",
"description": "abc123",
"listType": "black_white",
"listTypeLabel": "abc123",
"usedInTemplate": false,
"usedInAutoMitigation": false,
"entries": ["xyz789"]
}
DDOSFlowDownAlertDetails
Fields
| Field Name | Description |
|---|---|
description - String
|
Example
{"description": "xyz789"}
DDOSMitigation
Description
Represents a DDOS Mitigation.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The identifier of this mitigaiton. |
alertsAggregated - DDOSAlertsAggregated
|
|
name - String!
|
|
ipVersion - IPVersion!
|
|
providerMitigationID - String!
|
|
activePrefixes - [CIDR!]
|
|
activeDestinationIPs - [CIDR!]
|
Use activePrefixes.
|
historicalPrefixes - [CIDR!]
|
|
historicalDestinationIPs - [CIDR!]
|
Use historicalPrefixes.
|
countermeasures - [DDOSCountermeasure!]!
|
|
traffic - [TrafficData!]
|
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
sites - [SiteTrafficData!]
|
|
alerts - [DDOSAlert]
|
|
managedObject - ManagedObject
|
|
annotations - [Annotation]
|
|
mitigationTemplate - MitigationTemplate
|
|
company - Company!
|
The company object. |
start - Time!
|
The start time of the mitigaiton |
end - Time
|
The end time of the mitigation. A non-zero value of end time means that the mitigation has ended or finished. |
event - Event
|
The event associated with this mitigation. |
Example
{
"id": "xyz789",
"alertsAggregated": DDOSAlertsAggregated,
"name": "abc123",
"ipVersion": "IPV4",
"providerMitigationID": "abc123",
"activePrefixes": [CIDR],
"activeDestinationIPs": [CIDR],
"historicalPrefixes": [CIDR],
"historicalDestinationIPs": [CIDR],
"countermeasures": [DDOSCountermeasure],
"traffic": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"sites": [SiteTrafficData],
"alerts": [DDOSAlert],
"managedObject": ManagedObject,
"annotations": [Annotation],
"mitigationTemplate": MitigationTemplate,
"company": Company,
"start": "10:15:30Z",
"end": "10:15:30Z",
"event": Event
}
DDOSOnNetworkAlertDetails
Fields
| Field Name | Description |
|---|---|
mitigationIDs - [String!]!
|
|
annotations - [Annotation!]
|
|
alertClassification - AlertClassification!
|
|
countries - [CountryCode]!
|
|
deviceGID - String!
|
|
elements - [Element!]!
|
|
hostAddress - String!
|
|
impactBoundary - String!
|
|
impactBPS - Float!
|
|
impactPPS - Float!
|
|
ipVersion - IPVersion!
|
|
routerStatistics - [RouterStatistics!]!
|
|
severityPercent - Float!
|
|
severityThreshold - Float!
|
|
severityUnit - TrafficRateUnit!
|
|
subType - OnNetworkAlertSubType!
|
|
managedObjectName - String!
|
|
siteCountry - String!
|
|
siteName - String!
|
|
siteCode - String!
|
|
misuseTypes - [String!]!
|
|
misuseTypesRates - [MisuseType!]!
|
Example
{
"mitigationIDs": ["xyz789"],
"annotations": [Annotation],
"alertClassification": "POSSIBLE_ATTACK",
"countries": ["AD"],
"deviceGID": "abc123",
"elements": [Element],
"hostAddress": "xyz789",
"impactBoundary": "xyz789",
"impactBPS": 123.45,
"impactPPS": 123.45,
"ipVersion": "IPV4",
"routerStatistics": [RouterStatistics],
"severityPercent": 987.65,
"severityThreshold": 123.45,
"severityUnit": "BPS",
"subType": "DOS",
"managedObjectName": "abc123",
"siteCountry": "abc123",
"siteName": "abc123",
"siteCode": "abc123",
"misuseTypes": ["xyz789"],
"misuseTypesRates": [MisuseType]
}
DDOSSNMPDownAlertDetails
Fields
| Field Name | Description |
|---|---|
description - String
|
Example
{"description": "abc123"}
DDOSTunnelAlertDetails
Fields
| Field Name | Description |
|---|---|
nodeName - String
|
|
status - String
|
|
ifAlias - String
|
|
meta - GREInterface
|
Example
{
"nodeName": "abc123",
"status": "xyz789",
"ifAlias": "xyz789",
"meta": GREInterface
}
DNAAlertSubType
Description
Detected DNA attack.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"AUTO_CLASSIFY_RESTART"
DNSAuthDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
mode - String!
|
Example
{
"name": "abc123",
"id": "xyz789",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"mode": "abc123"
}
DNSMalformedDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
Example
{
"name": "abc123",
"id": "xyz789",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries]
}
DNSNxRateLimitingDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
traffic - [TrafficData!]
|
Example
{
"name": "xyz789",
"id": "abc123",
"company": Company,
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"traffic": [TrafficData]
}
DNSObjectRateLimitingDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
limit - Int!
|
Example
{
"name": "abc123",
"id": "abc123",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"limit": 987
}
DNSRateLimitingDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
limit - Int!
|
Example
{
"name": "abc123",
"id": "xyz789",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"limit": 123
}
DNSRegexDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
matchDirection - String!
|
Example
{
"name": "xyz789",
"id": "abc123",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"matchDirection": "abc123"
}
DNSScopingDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
applyOnMatch - Boolean!
|
Example
{
"name": "abc123",
"id": "abc123",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"applyOnMatch": true
}
DeleteCandidateACLInput
DeleteCandidateACLOutput
Description
Returned when deleting a Candidate ACL.
Fields
| Field Name | Description |
|---|---|
companyDName - String!
|
The identifier of the Candidate ACL that will be deleted. |
Example
{"companyDName": "abc123"}
DeleteCertificateInput
Description
Input for deleting a certificate.
Fields
| Input Field | Description |
|---|---|
id - String!
|
ID of the certificate to delete. |
Example
{"id": "abc123"}
DeleteCertificateOutput
Description
Output from deleting a certificate.
Fields
| Field Name | Description |
|---|---|
deletedCertificateID - String!
|
ID of the deleted certificate. |
Example
{"deletedCertificateID": "xyz789"}
DeleteCompanyUsersInput
Description
Delete users for a company.
Fields
| Input Field | Description |
|---|---|
dName - String!
|
The DName of the company. |
Example
{"dName": "abc123"}
DeleteCompanyUsersOutput
Description
A deleted company users response.
Fields
| Field Name | Description |
|---|---|
deletedUsers - [User!]
|
The deleted users. |
Example
{"deletedUsers": [User]}
DeleteDraftACLInput
Description
Delete a Draft ACL.
Fields
| Input Field | Description |
|---|---|
companyDName - String!
|
The identifier of the owning company. |
Example
{"companyDName": "xyz789"}
DeleteDraftACLOutput
Description
Returned when deleting a Draft ACL.
Fields
| Field Name | Description |
|---|---|
companyDName - String!
|
The identifier of the Draft ACL that will be deleted. |
Example
{"companyDName": "abc123"}
DeleteExecutiveReportInput
Description
Input required to delete a generated executive report.
Fields
| Input Field | Description |
|---|---|
id - String!
|
ID of the generated executive report to be deleted. |
Example
{"id": "xyz789"}
DeleteExecutiveReportOutput
Description
Represents a deleted executive report.
Fields
| Field Name | Description |
|---|---|
deletedExecutiveReportID - String!
|
ID of the generated executive report that was deleted. |
Example
{"deletedExecutiveReportID": "xyz789"}
DeleteOneTimeExecutiveReportConfigurationInput
Description
Input required to delete a one time executive report configuration.
Fields
| Input Field | Description |
|---|---|
id - String!
|
ID of the executive report configuration to be deleted. |
Example
{"id": "abc123"}
DeleteOneTimeExecutiveReportConfigurationOutput
Description
One time executive report configuration that was deleted.
Fields
| Field Name | Description |
|---|---|
deletedOneTimeExecutiveReportConfigurationID - String!
|
ID of the deleted one time executive report configuration. |
Example
{
"deletedOneTimeExecutiveReportConfigurationID": "abc123"
}
DeletePolicyInput
Description
Delete a policy.
Fields
| Input Field | Description |
|---|---|
id - String!
|
ID of the policy to be deleted. |
Example
{"id": "xyz789"}
DeletePolicyOutput
Description
A deleted policy response.
Fields
| Field Name | Description |
|---|---|
deletedPolicyID - String!
|
ID of the policy deleted. |
Example
{"deletedPolicyID": "abc123"}
DeleteProxyInput
DeleteProxyOutput
Description
Output from deleting a proxy.
Example
{
"deletedProxyID": "xyz789",
"permanentlyDeleted": true
}
DeleteProxyPlusCertificateInput
DeleteProxyPlusCertificateOutput
Description
Output after deleting a Proxy Plus Certificate.
Fields
| Field Name | Description |
|---|---|
deletedProxyPlusCertificateID - String!
|
The deleted proxy plus certificate. |
Example
{"deletedProxyPlusCertificateID": "xyz789"}
DeleteProxyPlusPolicyInput
DeleteProxyPlusPolicyOutput
Description
A deleted proxy plus policy response.
Fields
| Field Name | Description |
|---|---|
deletedProxyPlusPolicyID - String!
|
ID of the policy deleted. |
Example
{"deletedProxyPlusPolicyID": "xyz789"}
DeleteProxyPlusProxyInput
DeleteProxyPlusProxyOutput
Description
Output from deleting Proxy Plus Proxy.
Fields
| Field Name | Description |
|---|---|
deletedProxyPlusProxyID - String!
|
ID of the proxy plus proxy that was deleted. |
Example
{"deletedProxyPlusProxyID": "xyz789"}
DeleteProxyPlusServiceInput
DeleteProxyPlusServiceOutput
Description
Output from deleting Proxy Plus Service.
Fields
| Field Name | Description |
|---|---|
deletedProxyPlusServiceID - String!
|
ID of the proxy plus service that was deleted. |
Example
{"deletedProxyPlusServiceID": "abc123"}
DeleteRecurringExecutiveReportConfigurationInput
Description
Input required to delete a recurring executive report configuration.
Fields
| Input Field | Description |
|---|---|
id - String!
|
ID of the one time executive report configuration to be deleted. |
Example
{"id": "abc123"}
DeleteRecurringExecutiveReportConfigurationOutput
Description
Represents a deleted recurring executive report configuration.
Fields
| Field Name | Description |
|---|---|
deletedRecurringExecutiveReportConfigurationID - String!
|
ID of the deleted recurring executive report configuration. |
Example
{
"deletedRecurringExecutiveReportConfigurationID": "xyz789"
}
DeleteRunningACLInput
DeleteRunningACLOutput
Description
Returned when deleting a Running ACL.
Fields
| Field Name | Description |
|---|---|
companyDName - String!
|
The identifier of the Running ACL that will be deleted. |
Example
{"companyDName": "abc123"}
DeleteUserInput
Description
Delete a user.
Fields
| Input Field | Description |
|---|---|
id - String!
|
ID of the user to be deleted. |
Example
{"id": "xyz789"}
DeleteUserOutput
Description
A deleted user response.
Fields
| Field Name | Description |
|---|---|
deletedUserID - String!
|
ID of the user deleted. |
Example
{"deletedUserID": "abc123"}
DenyURL
Description
A deny URL countermeasure.
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
regexRules - DenyURLRulesWithPagination
|
A paginated list of deny URL regex rules. |
Arguments
|
|
threshold - AppSecThreshold
|
Appsec Threshold configuration for deny URL violations. |
Example
{
"action": "NONE",
"regexRules": DenyURLRulesWithPagination,
"threshold": AppSecThreshold
}
DenyURLRule
Description
A Deny URL Regex Rule.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether the rule is enabled. |
type - DenyURLType!
|
Type of the Deny URL. |
denyURL - String
|
The Deny URL text value. Value will be empty in case of ALL Deny URL Type. |
Example
{
"enabled": false,
"type": "CUSTOM",
"denyURL": "xyz789"
}
DenyURLRuleInput
Description
Create a Deny URL Regex Rule.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean!
|
Whether the rule is enabled. Default = true |
type - DenyURLType!
|
Type of the Deny URL. |
denyURL - String
|
The Deny URL text value. Value will be null in case of ALL Deny URL Type. |
Example
{
"enabled": true,
"type": "CUSTOM",
"denyURL": "abc123"
}
DenyURLRulesWithPagination
Description
A paginated list for deny URL rules.
Fields
| Field Name | Description |
|---|---|
results - [DenyURLRule!]
|
A list of deny URL rules. |
pageInfo - Pagination!
|
The results paging information. |
Example
{
"results": [DenyURLRule],
"pageInfo": Pagination
}
DenyURLType
Description
Allowed list of values for the Deny URL Regex Rule Type.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"CUSTOM"
DetectionAndAlertingPackage
Description
Specifies Detection and Alerting configuration for company.
Fields
| Field Name | Description |
|---|---|
companyDName - String!
|
The identifier of the owning company. |
routers - [Router!]
|
List of routers configured for detection and alerting. |
managedObjects - [ManagedObject!]
|
List of managed objects configured for detection and alerting. |
enabled - Boolean!
|
Whether D&A is enabled for the Company. |
escalationNotes - String
|
Useful notes about this configuration. |
Example
{
"companyDName": "abc123",
"routers": [Router],
"managedObjects": [ManagedObject],
"enabled": true,
"escalationNotes": "abc123"
}
DeviceGroup
DraftACL
Description
Email elements
Fields
| Field Name | Description |
|---|---|
welcomeOutroText - String!
|
Welcome Outro text for company that marks the end of page content. |
welcomeIntroText - String!
|
Welcome Intro text for company that marks the beginnig of page content. |
resetOutroText - String!
|
Reset Outro text for company. |
resetIntroText - String!
|
Reset Intro text for company. |
fromAddr - String!
|
From Address to display for company. |
resetSignatureText - String!
|
Reset Signature to display for company. |
welcomeSignatureText - String!
|
Welcome signature text to display for company. |
Example
{
"welcomeOutroText": "abc123",
"welcomeIntroText": "abc123",
"resetOutroText": "abc123",
"resetIntroText": "xyz789",
"fromAddr": "xyz789",
"resetSignatureText": "abc123",
"welcomeSignatureText": "abc123"
}
Element
Fields
| Field Name | Description |
|---|---|
type - String!
|
|
attributes - [Attribute!]!
|
Example
{
"type": "xyz789",
"attributes": [Attribute]
}
EmailConfiguration
Description
Represents the Email channel-specific configuration.
Fields
| Field Name | Description |
|---|---|
emailAddresses - [String!]
|
The email addresses that we send email notifications to. |
Example
{"emailAddresses": ["xyz789"]}
EmailConfigurationInput
Description
Represents the Email channel-specific configuration input.
Fields
| Input Field | Description |
|---|---|
emailAddresses - [String!]
|
The email addresses that we send email notifications to. |
Example
{"emailAddresses": ["abc123"]}
Event
Description
Represents the event object.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The identifier of the event. |
company - Company!
|
The company object. |
start - Time!
|
The start time of the event |
end - Time
|
The end time of the event. A non-zero value of end time means that the event has ended or finished. |
activePrefixes - [CIDR!]!
|
The list of active prefixes. |
historicalPrefixes - [CIDR!]!
|
The list of historical prefixes. |
destinationIPs - [CIDR!]
|
Use activePrefixes and historicalPrefixes.
|
providers - [MitigationType!]
|
The provider(s) of the event. |
mitigations - MitigationsWithPagination!
|
The list of mitigations associated with an event. |
Arguments
|
|
mitigation - Mitigation
|
Details of a specific mitigation. Use mitigations providing ID in filter.
|
Arguments
|
|
managedObjects - [ManagedObject!]
|
The list of managed objects impacted (DDoS event only). |
Example
{
"id": "xyz789",
"company": Company,
"start": "10:15:30Z",
"end": "10:15:30Z",
"activePrefixes": [CIDR],
"historicalPrefixes": [CIDR],
"destinationIPs": [CIDR],
"providers": ["DDOS"],
"mitigations": MitigationsWithPagination,
"mitigation": Mitigation,
"managedObjects": [ManagedObject]
}
EventDimension
Description
One of the sorted order fields.
Values
| Enum Value | Description |
|---|---|
|
|
The ascending order based on the START time. |
|
|
The ascending order based on the END time. |
Example
"START"
EventFilterInput
Description
The filters that can be applied to scope the list of events.
Fields
| Input Field | Description |
|---|---|
id - String
|
The identifier of an event. |
active - Boolean
|
The filter to fetch active or finished events. By default all events are retrieved. When active is set to true, only active events are fetched. When active is set to false, only finished events are fetched. |
prefixes - [CIDR!]
|
The prefix(es) that you would like to filter events. |
alertid - String
|
The identifier for an alert associated with an event. |
providers - [MitigationType!]
|
A provider(s) that you would like to filter events on. |
Example
{
"id": "xyz789",
"active": true,
"prefixes": [CIDR],
"alertid": "xyz789",
"providers": ["DDOS"]
}
EventSortBy
Description
EventsSortBy sorting.
Fields
| Input Field | Description |
|---|---|
dimension - EventDimension!
|
The dimension to sort by. . Default = START |
direction - SortDirection!
|
The direction to sort in. . Default = DESCENDING |
Example
{"dimension": "START", "direction": "ASCENDING"}
EventsWithPagination
Description
Represents the list of events along with pagination details.
Fields
| Field Name | Description |
|---|---|
results - [Event!]
|
The list of events. |
pageInfo - Pagination!
|
The pagination details. |
Example
{
"results": [Event],
"pageInfo": Pagination
}
ExecutiveReport
Description
Defines a Report.
Fields
| Field Name | Description |
|---|---|
reportBody - String!
|
Generated report. |
id - String!
|
ID of the generated report. |
generatedTimestamp - Time
|
Timestamp when report was generated successfully or was marked as failed. |
configuration - ExecutiveReportConfiguration!
|
Details of Report configuration that generated this report. |
status - ExecutiveReportStatus!
|
Status of report generation. |
statusDetails - [String!]
|
Additional information if any on report generation status, like notification errors etc. |
Example
{
"reportBody": "abc123",
"id": "abc123",
"generatedTimestamp": "10:15:30Z",
"configuration": OneTimeExecutiveReportConfiguration,
"status": "SUCCESS",
"statusDetails": ["xyz789"]
}
ExecutiveReportConfiguration
Description
Union type combining one time and recurring report configurations.
Types
| Union Types |
|---|
Example
OneTimeExecutiveReportConfiguration
ExecutiveReportConfigurationFilterInput
Description
Report configuration filter input for report configuration queries.
Fields
| Input Field | Description |
|---|---|
id - String
|
Report config ID to search on. |
reportType - ExecutiveReportType
|
Type of report generated by requested configuration. |
includeDisabled - Boolean
|
If true, will include disabled report configurations in the result set. Default = false |
includeExpired - Boolean
|
If true, will include expired report configurations in the result set. Default = false |
name - String
|
Substring search of name |
excludeWAF - Boolean
|
If true, will exclude configurations generating a WAF violation summary in their reports. Default = false |
excludeBot - Boolean
|
If true, will exclude configurations generating a Bot mitigation summary in their reports. Default = false |
excludeDDoS - Boolean
|
If true, will exclude configurations generating a DDoS mitigation summary in their reports. Default = false |
from - Time
|
Will include report configurations created from and after this timestamp. |
to - Time
|
Will include report configuration created until this timestamp. |
Example
{
"id": "xyz789",
"reportType": "ONE_TIME",
"includeDisabled": true,
"includeExpired": true,
"name": "xyz789",
"excludeWAF": true,
"excludeBot": false,
"excludeDDoS": false,
"from": "10:15:30Z",
"to": "10:15:30Z"
}
ExecutiveReportFilterInput
Description
Input filter for Report queries.
Fields
| Input Field | Description |
|---|---|
id - String
|
Report ID to search on. |
startDate - Time
|
Query for reports by date range start timestamp. |
endDate - Time
|
Query for reports by date range end timestamp. |
reportType - ExecutiveReportType
|
Query by report type (one-time/recurring). |
reportConfigurationName - String
|
Query by the report configuration name. |
Example
{
"id": "abc123",
"startDate": "10:15:30Z",
"endDate": "10:15:30Z",
"reportType": "ONE_TIME",
"reportConfigurationName": "xyz789"
}
ExecutiveReportNotificationDetails
Description
Notification configuration for report recipients.
Fields
| Field Name | Description |
|---|---|
emailList - [String!]
|
List of email recipients |
Example
{"emailList": ["abc123"]}
ExecutiveReportNotificationDetailsInput
Description
Input notification configuration for report receipients.
Fields
| Input Field | Description |
|---|---|
emailList - [String!]
|
List of email recipients |
Example
{"emailList": ["xyz789"]}
ExecutiveReportPeriod
Description
Periodicity of report generation.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"PRIOR_WEEKLY"
ExecutiveReportPeriodInput
Description
Periodicity of report generation supplied as input.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"PRIOR_WEEKLY"
ExecutiveReportStatus
Description
Status of report generation.
Values
| Enum Value | Description |
|---|---|
|
|
Indicates successful report generation and notification. |
|
|
Indicates failed report generation. |
|
|
Indicates successful report generation but failed notification. |
|
|
Indicates report generation is in progress. |
Example
"SUCCESS"
ExecutiveReportType
Description
Type of report.
Values
| Enum Value | Description |
|---|---|
|
|
One time report. |
|
|
Recurring report. |
Example
"ONE_TIME"
ExecutiveReportsWithPagination
Description
Paginated reports.
Fields
| Field Name | Description |
|---|---|
results - [ExecutiveReport!]
|
List of report configurations. |
pageInfo - Pagination!
|
Pagination settings. |
Example
{
"results": [ExecutiveReport],
"pageInfo": Pagination
}
Feature
Description
Feature type along with its negotiation status.
Fields
| Field Name | Description |
|---|---|
name - FeatureType!
|
Specifies a feature/offering (DDOS/BGP On Demand/etc) to filter search results on. |
activationStatus - ActivationStatus!
|
Specifies a combination of whether the offering is purchased and/or enabled in the portal. |
Example
{
"name": "DDOS_AND_APPLICATION_SECURITY",
"activationStatus": "EDIT_UNDER_REVIEW"
}
FeatureActivationState
Description
Filter for a feature's enabled and contract statuses.
Example
{"enabled": false, "entitled": true}
FeatureType
Description
A feature purchased by a customer.
Values
| Enum Value | Description |
|---|---|
|
|
Represents Web Application Firewall feature for customer. |
|
|
Represents Hybrid Appliance for DDoS mitigation for customer. |
|
|
Assures unlimited mitigations for customer. |
|
|
Represents Additional Router for BGP routes for customer. |
|
|
Additional Router for BGP routes for customer. |
|
|
Assures one free mitigation contract for customer. |
|
|
Assures three free mitigation contracts for customer. |
|
|
Represents that BGP mitigation is always on for customer. |
|
|
Represents that BGP mitigation is available upon demand for customer. |
|
|
Represents Web proxy (Virtual IPs) feature for customer. |
Example
"DDOS_AND_APPLICATION_SECURITY"
FieldConsistencyRuleCountsWithPagination
Description
Field consistency learning rule counts.
Fields
| Field Name | Description |
|---|---|
results - [FormFieldConsistencyRuleCount!]
|
|
pageInfo - Pagination!
|
Example
{
"results": [FormFieldConsistencyRuleCount],
"pageInfo": Pagination
}
FieldConsistencyRulesWithPagination
Description
A paginated list of Form Field consistency exemption rules.
Fields
| Field Name | Description |
|---|---|
results - [FormFieldConsistencyRule!]
|
A list of exemption rules. |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [FormFieldConsistencyRule],
"pageInfo": Pagination
}
FieldFormat
Description
A field format countermeasure.
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
learn - Boolean!
|
A flag to enable or disable learning. |
type - FieldFormatType!
|
Allowed types for this field. |
minLength - UnsignedInt16
|
Minimum length of the field (in characters). |
maxLength - UnsignedInt16
|
Maximum length of the field (in characters). |
enforcementRules - FieldFormatEnforcementRulesWithPagination
|
A paginated list of enforcement rules. These are tightening rules, in order to relax some rules you need to remove them from this list. |
Arguments
|
|
threshold - AppSecThreshold
|
Appsec Threshold configuration for field format violations. |
Example
{
"action": "NONE",
"learn": true,
"type": "ANY",
"minLength": UnsignedInt16,
"maxLength": UnsignedInt16,
"enforcementRules": FieldFormatEnforcementRulesWithPagination,
"threshold": AppSecThreshold
}
FieldFormatEnforcementRule
Description
A field format enforcement rule.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether the field format is enabled. |
isFormFieldRegex - Boolean!
|
Whether a form field name is in regex format. |
formFieldName - String!
|
The form field name. |
actionURL - String!
|
The action URL of the web form. |
fieldType - FieldFormatType!
|
The field type from the allowed list. |
minLength - UnsignedInt16
|
Minimum length of the field (in characters). This field is set ONLY when field type is present. |
maxLength - UnsignedInt16
|
Maximum length of the field (in characters). This field is set ONLY when field type is present. |
Example
{
"enabled": false,
"isFormFieldRegex": false,
"formFieldName": "abc123",
"actionURL": "xyz789",
"fieldType": "ANY",
"minLength": UnsignedInt16,
"maxLength": UnsignedInt16
}
FieldFormatEnforcementRuleInput
Description
Create a field format enforcement rule.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean!
|
Whether the field format is enabled. Default = true |
isFormFieldRegex - Boolean!
|
Whether the form field name is in regex format. Default = false |
formFieldName - String!
|
The form field name. |
actionURL - String!
|
The action URL of the web form. |
fieldType - FieldFormatType!
|
The field type from the allowed list. |
minLength - UnsignedInt16!
|
Minimum length of the field (in characters). Default = 0 |
maxLength - UnsignedInt16!
|
Maximum length of the field (in characters). Default = 65535 |
Example
{
"enabled": false,
"isFormFieldRegex": false,
"formFieldName": "abc123",
"actionURL": "xyz789",
"fieldType": "ANY",
"minLength": UnsignedInt16,
"maxLength": UnsignedInt16
}
FieldFormatEnforcementRulesWithPagination
Description
A paginated list of field format enforcement rules.
Fields
| Field Name | Description |
|---|---|
results - [FieldFormatEnforcementRule!]
|
List of field format rules. |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [FieldFormatEnforcementRule],
"pageInfo": Pagination
}
FieldFormatRuleCount
Description
Field format rule count.
Fields
| Field Name | Description |
|---|---|
rule - LearnedFieldFormatRule!
|
|
count - UnsignedInt32!
|
Example
{
"rule": LearnedFieldFormatRule,
"count": UnsignedInt32
}
FieldFormatRuleCountsWithPagination
Description
Field format learning rule counts.
Fields
| Field Name | Description |
|---|---|
results - [FieldFormatRuleCount!]
|
|
pageInfo - Pagination!
|
Example
{
"results": [FieldFormatRuleCount],
"pageInfo": Pagination
}
FieldFormatType
Description
Allowed list of field format types.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"ANY"
FilterListDimension
Description
One of the sorted order fields.
Values
| Enum Value | Description |
|---|---|
|
|
The ascending order based on the NAME. |
|
|
The ascending order based on the DESCRIPTION. |
|
|
The ascending order based on the LIST_TYPE. |
|
|
The ascending order based on the USED_IN_TEMPLATE. |
|
|
The ascending order based on the USED_IN_AUTOMITIGATION. |
Example
"NAME"
FilterListSortBy
Description
FilterListSortBy sorting.
Fields
| Input Field | Description |
|---|---|
dimension - FilterListDimension!
|
The dimension to sort by. Default = NAME |
direction - SortDirection!
|
The direction to sort in. Default = DESCENDING |
Example
{"dimension": "NAME", "direction": "ASCENDING"}
FilterListType
Description
Types of Filter Lists.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"black_white"
FilterListsFilterInput
FilterListsWithPagination
Description
Represents the list of filter lists along with pagination details.
Fields
| Field Name | Description |
|---|---|
results - [DDOSFilterList!]
|
The list of filter lists. |
pageInfo - Pagination!
|
The pagination details. |
Example
{
"results": [DDOSFilterList],
"pageInfo": Pagination
}
FilterManagedObject
FilterTemplate
Fields
| Field Name | Description |
|---|---|
id - String!
|
The ID of the Template as defined in Arbor. |
name - String!
|
Name of the template. |
managedObjects - [FilterManagedObject]
|
Set of managed objects referenced by the template object. |
Example
{
"id": "abc123",
"name": "xyz789",
"managedObjects": [FilterManagedObject]
}
FilterType
Description
Identifies the Filter List as Inline or User defined.
Values
| Enum Value | Description |
|---|---|
|
|
Filter is defined inline inside an Arbor Template. |
|
|
Filter is defined as an Arbor Filter List. |
Example
"INLINE"
Fingerprint
Float
Description
The Float scalar type represents signed double-precision fractional values as specified by IEEE 754.
Example
987.65
FlowConfig
Description
Flow Configuration
Fields
| Field Name | Description |
|---|---|
exportIP - IPAddress!
|
Flow export IP address. |
alertEnabled - Boolean!
|
Flow up/down notification. |
alertTimeout - String!
|
Configured flow alert timeout. |
Example
{
"exportIP": IPAddress,
"alertEnabled": true,
"alertTimeout": "xyz789"
}
FormFieldConsistency
Description
Represents Form field consistency countermeasure. It verifies that the web forms were not modified inappropriately by the client.
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
learn - Boolean!
|
A flag to enable or disable learning. |
sessionlessFieldConsistency - SessionlessFieldConsistency!
|
When turned on, it checks only the web form structure. |
fieldConsistencyExemptions - FieldConsistencyRulesWithPagination
|
A paginated list of exemption rules. |
Arguments
|
|
threshold - AppSecThreshold
|
Appsec Threshold configuration for form field consistency violations. |
Example
{
"action": "NONE",
"learn": true,
"sessionlessFieldConsistency": "ON",
"fieldConsistencyExemptions": FieldConsistencyRulesWithPagination,
"threshold": AppSecThreshold
}
FormFieldConsistencyRule
Description
A form field consistency exemption rule.
Example
{
"enabled": false,
"isFormFieldRegex": false,
"formFieldName": "abc123",
"actionURL": "abc123"
}
FormFieldConsistencyRuleCount
Description
Field consistency rule count.
Fields
| Field Name | Description |
|---|---|
rule - LearnedFormFieldConsistencyRule!
|
|
count - UnsignedInt32!
|
Example
{
"rule": LearnedFormFieldConsistencyRule,
"count": UnsignedInt32
}
FormFieldConsistencyRuleInput
Description
A form field consistency exemption rule.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean!
|
Whether the field consistency exemption is enabled. Default = true |
isFormFieldRegex - Boolean!
|
Whether the form field name is in regex format. Default = false |
formFieldName - String!
|
The form field name. |
actionURL - String!
|
The action URL of the web form. |
Example
{
"enabled": true,
"isFormFieldRegex": true,
"formFieldName": "xyz789",
"actionURL": "abc123"
}
FormFieldSignatureRule
Description
A WAF custom signature form field rule.
Fields
| Field Name | Description |
|---|---|
fieldNameFormat - SignatureRuleFormat!
|
A form field name format from the allowed list of formats. |
fieldName - String
|
The field name used in this rule. |
urlFormat - SignatureRuleFormat!
|
A url format from the allowed list of formats. |
url - String
|
The url used in this rule. |
Example
{
"fieldNameFormat": "ANY",
"fieldName": "xyz789",
"urlFormat": "ANY",
"url": "abc123"
}
FormFieldSignatureRuleInput
Description
Create a WAF custom signature form field rule.
Fields
| Input Field | Description |
|---|---|
fieldNameFormat - SignatureRuleFormat!
|
A form field name format from the allowed list of formats. Default = ANY |
fieldName - String
|
The field name used in this rule. |
urlFormat - SignatureRuleFormat!
|
A url format from the allowed list of formats. Default = ANY |
url - String
|
The url used in this rule. |
Example
{
"fieldNameFormat": "ANY",
"fieldName": "xyz789",
"urlFormat": "ANY",
"url": "xyz789"
}
GREInterface
GeoLocation
Description
Represents a geographic location.
Fields
| Field Name | Description |
|---|---|
continent - String
|
The continent of the location. |
countryName - String
|
The country name of the location. |
countryCode - CountryCode
|
The country code of the location. |
region - String
|
The region of the location. |
state - String
|
The state of the location. |
stateCode - String
|
The state code of the location. |
city - String
|
The city of the location. |
postal - String
|
The postal code of the location. |
timezone - String
|
The timezone of the location. |
areaCode - String
|
The area code of the location. |
latitude - Float
|
The latitude of the location. |
longitude - Float
|
The longitude of the location. |
Example
{
"continent": "xyz789",
"countryName": "abc123",
"countryCode": "AD",
"region": "xyz789",
"state": "xyz789",
"stateCode": "xyz789",
"city": "abc123",
"postal": "xyz789",
"timezone": "abc123",
"areaCode": "xyz789",
"latitude": 123.45,
"longitude": 123.45
}
HECConfiguration
Description
Represents the HTTP event collector channel-specific configuration.
Fields
| Field Name | Description |
|---|---|
URL - String!
|
The customer URL that we send HEC messages to. |
authorization - AuthorizationHeader
|
Non-secret view of the Authorization header for HEC. |
Example
{
"URL": "xyz789",
"authorization": AuthorizationHeader
}
HECConfigurationInput
Description
Represents the HTTP event collector channel-specific configuration input.
Fields
| Input Field | Description |
|---|---|
URL - String!
|
The customer URL that we send HEC messages to. |
authorization - AuthorizationHeaderInput
|
Write-only Authorization header for HEC. |
Example
{
"URL": "xyz789",
"authorization": AuthorizationHeaderInput
}
HTMLLocation
Description
Allowed list of values for an HTML location.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"FORM_FIELD"
HTMLSQLInjection
Description
An HTML SQL injection countermeasure.
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
learn - Boolean!
|
A flag to enable or disable learning. |
checkSQLWildChars - Boolean!
|
Whether to check for form fields that contain SQL wild chars. |
sqlInjectionType - SQLInjectionType!
|
A SQL injection type. |
exemptCommentsWith - CommentExemption!
|
Exempt all comments of the given type. |
sqliGrammar - Boolean!
|
Enable SQL Injection grammar |
relaxationRules - HTMLSQLInjectionRelaxationRulesWithPagination
|
A paginated list of SQL Injection rules. |
Arguments
|
|
threshold - AppSecThreshold
|
Appsec Threshold configuration for HTML SQL injection violations. |
Example
{
"action": "NONE",
"learn": true,
"checkSQLWildChars": true,
"sqlInjectionType": "NONE",
"exemptCommentsWith": "CHECK_ALL",
"sqliGrammar": true,
"relaxationRules": HTMLSQLInjectionRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
HTMLSQLInjectionRelaxationRule
Description
An HTML SQL injection relaxation rule.
Fields
| Field Name | Description |
|---|---|
name - String!
|
Name of the web form field, cookie, or HTTP header to relax. |
enabled - Boolean!
|
Whether the relaxation rule is enabled. |
isNameRegex - Boolean!
|
Whether the name is in regex format. |
url - String!
|
If the item to be exempted is a web form field, the action URL for the web form. |
location - HTMLLocation
|
Location that should be examined by the rule. |
valueType - ValueType
|
The HTML value type. |
isValueExpressionRegex - Boolean
|
Whether the value expression is in regex format. |
valueExpression - String
|
The value expression. |
Example
{
"name": "xyz789",
"enabled": true,
"isNameRegex": true,
"url": "abc123",
"location": "FORM_FIELD",
"valueType": "KEYWORD",
"isValueExpressionRegex": true,
"valueExpression": "abc123"
}
HTMLSQLInjectionRelaxationRuleInput
Description
An HTML SQL injection relaxation rule.
Fields
| Input Field | Description |
|---|---|
name - String!
|
Name of the web form field, cookie, or HTTP header to relax. |
enabled - Boolean!
|
Whether the relaxation rule is enabled. Default = true |
isNameRegex - Boolean!
|
Whether the name is in regex format. Default = false |
url - String!
|
If the item to be exempted is a web form field, the action URL for the web form. |
location - HTMLLocation
|
The location that should be examined by the rule. |
valueType - ValueType
|
The HTML value type. |
isValueExpressionRegex - Boolean
|
Whether the value expression is in regex format. Default = false |
valueExpression - String
|
The value expression. |
Example
{
"name": "xyz789",
"enabled": false,
"isNameRegex": false,
"url": "xyz789",
"location": "FORM_FIELD",
"valueType": "KEYWORD",
"isValueExpressionRegex": false,
"valueExpression": "abc123"
}
HTMLSQLInjectionRelaxationRulesWithPagination
Description
A paginated list of SQL injection relaxation rules.
Fields
| Field Name | Description |
|---|---|
results - [HTMLSQLInjectionRelaxationRule!]
|
A list of relaxation rules. |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [HTMLSQLInjectionRelaxationRule],
"pageInfo": Pagination
}
HTMLSQLInjectionRuleCount
Description
HTML SQL injection rule count.
Fields
| Field Name | Description |
|---|---|
rule - LearnedHTMLSQLInjectionRule!
|
|
count - UnsignedInt32!
|
Example
{
"rule": LearnedHTMLSQLInjectionRule,
"count": UnsignedInt32
}
HTMLSQLInjectionRuleCountsWithPagination
Description
Counts of learned HTML SQL injection relaxation rules.
Fields
| Field Name | Description |
|---|---|
results - [HTMLSQLInjectionRuleCount!]
|
|
pageInfo - Pagination!
|
Example
{
"results": [HTMLSQLInjectionRuleCount],
"pageInfo": Pagination
}
HTMLXSS
Description
An HTML cross-site scripting countermeasure.
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
learn - Boolean!
|
A flag to enable or disable learning. |
checkCompleteURLs - Boolean
|
A flag to enforce checks for complete URLs for cross-site scripts, instead of just the query portions of URLs. |
relaxationRules - HTMLXSSRelaxationRulesWithPagination
|
A paginated list of HTML XSS relaxation rules. |
Arguments
|
|
threshold - AppSecThreshold
|
Appsec Threshold configuration for HTML cross-site scripting violations. |
Example
{
"action": "NONE",
"learn": false,
"checkCompleteURLs": false,
"relaxationRules": HTMLXSSRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
HTMLXSSLocation
Description
Allowed list of values for an HTML location in case of HTML XSS.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"FORM_FIELD"
HTMLXSSRelaxationRule
Description
An HTML XSS relaxation rule.
Fields
| Field Name | Description |
|---|---|
name - String!
|
Name of the web form field, cookie, or HTTP header to relax. |
enabled - Boolean!
|
Whether the relaxation rule is enabled. |
isNameRegex - Boolean!
|
Whether the name is in regex format. |
url - String!
|
If the item to be exempted is a web form field, the action URL for the web form. |
location - HTMLXSSLocation
|
The location that should be examined by the rule. |
valueType - XSSValueType
|
The XSS value type. |
isValueExpressionRegex - Boolean
|
Whether the value expression is in regex format. |
valueExpression - String
|
The value expression. |
Example
{
"name": "abc123",
"enabled": true,
"isNameRegex": true,
"url": "abc123",
"location": "FORM_FIELD",
"valueType": "TAG",
"isValueExpressionRegex": false,
"valueExpression": "xyz789"
}
HTMLXSSRelaxationRuleInput
Description
An HTML XSS relaxation rule.
Fields
| Input Field | Description |
|---|---|
name - String!
|
Name of the web form field, cookie, or HTTP header to relax. |
enabled - Boolean!
|
Whether the relaxation rule is enabled. Default = true |
isNameRegex - Boolean!
|
Whether the name is in regex format. Default = false |
url - String!
|
If the item to be exempted is a web form field, the action URL for the web form. |
location - HTMLXSSLocation
|
The location that should be examined by the rule. |
valueType - XSSValueType
|
The HTML value type. |
isValueExpressionRegex - Boolean
|
Whether the value expression is in regex format. Default = false |
valueExpression - String
|
The value expression. |
Example
{
"name": "abc123",
"enabled": false,
"isNameRegex": false,
"url": "xyz789",
"location": "FORM_FIELD",
"valueType": "TAG",
"isValueExpressionRegex": true,
"valueExpression": "abc123"
}
HTMLXSSRelaxationRulesWithPagination
Description
A paginated list of HTML cross-site scripting relaxation rules.
Fields
| Field Name | Description |
|---|---|
results - [HTMLXSSRelaxationRule!]
|
A list of HTML XSS relaxation rules. |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [HTMLXSSRelaxationRule],
"pageInfo": Pagination
}
HTMLXSSRuleCount
Description
HTML XSS rule count.
Fields
| Field Name | Description |
|---|---|
rule - LearnedHTMLXSSRule!
|
|
count - UnsignedInt32!
|
Example
{
"rule": LearnedHTMLXSSRule,
"count": UnsignedInt32
}
HTMLXSSRuleCountsWithPagination
Description
HTML XSS learning rules.
Fields
| Field Name | Description |
|---|---|
results - [HTMLXSSRuleCount!]
|
|
pageInfo - Pagination!
|
Example
{
"results": [HTMLXSSRuleCount],
"pageInfo": Pagination
}
HTTPMalformedDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
enabled - Boolean!
|
|
level - String!
|
Example
{
"name": "abc123",
"id": "xyz789",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"enabled": true,
"level": "abc123"
}
HTTPObjectDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
enabled - Boolean!
|
|
limit - Int!
|
Example
{
"name": "xyz789",
"id": "xyz789",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"enabled": true,
"limit": 123
}
HTTPRFCProfile
Description
A HTTP RFC Profile countermeasure. This setting is used when certain scenarios might need to bypass or block non RFC compliant request.
Fields
| Field Name | Description |
|---|---|
action - HTTPRFCProfileAction!
|
Action to be taken when there is a non compliant request. |
threshold - AppSecThreshold
|
Appsec Threshold configuration for HTTP RFC violations. |
Example
{"action": "BLOCK", "threshold": AppSecThreshold}
HTTPRFCProfileAction
Description
Allowed list of values for HTTP RFC Profile action.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"BLOCK"
HTTPRequestDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
Example
{
"name": "abc123",
"id": "xyz789",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries]
}
HTTPScopingDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
applyOnMatch - Boolean!
|
Example
{
"name": "abc123",
"id": "xyz789",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"applyOnMatch": true
}
HeaderSignatureRule
Description
A WAF custom signature header rule.
Fields
| Field Name | Description |
|---|---|
headerNameFormat - SignatureRuleFormat!
|
A header name format from the allowed list of formats. |
headerName - String
|
The header name used in this rule. |
Example
{
"headerNameFormat": "ANY",
"headerName": "xyz789"
}
HeaderSignatureRuleInput
Description
Create a WAF custom signature header rule.
Fields
| Input Field | Description |
|---|---|
headerNameFormat - SignatureRuleFormat!
|
A header name format from the allowed list of formats. Default = ANY |
headerName - String
|
The header name used in this rule. |
Example
{
"headerNameFormat": "ANY",
"headerName": "abc123"
}
HostDetectionSetting
Description
Host Detection Setting.
Fields
| Field Name | Description |
|---|---|
misuseType - MisuseTypeSetting!
|
The misuse type. |
name - String!
|
The name of the misuse type |
enabled - String!
|
A flag indicating if the misuse type is enabled. |
triggerRate - String!
|
The trigger rate for the misuse type that must be exceeded before generating an alert. |
highSeverityRate - String!
|
The misuse type traffic rate use to differentiate between low, medium and high severity alert. |
Example
{
"misuseType": "CHARGEN_AMP",
"name": "abc123",
"enabled": "xyz789",
"triggerRate": "xyz789",
"highSeverityRate": "abc123"
}
ID
Description
The ID scalar type represents a unique identifier, often used to refetch an object or as key for a cache. The ID type appears in a JSON response as a String; however, it is not intended to be human-readable. When expected as an input type, any string (such as "4") or integer (such as 4) input value will be accepted as an ID.
Example
"4"
IDPInfo
IPAddress
Description
IPAddress represents a generic IP address
Fields
| Field Name | Description |
|---|---|
string - String!
|
A string representation of the IP address. |
version - IPVersion!
|
The nominal IP version of the address. Note that v4 addresses encoded in v6 format will report IPV6 |
strictVersion - IPVersion!
|
The reduced IP version of the address. V4 addresses encoded in v6 format will report IPV4 |
Example
{
"string": "abc123",
"version": "IPV4",
"strictVersion": "IPV4"
}
IPAddressFilterListDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
Example
{
"name": "xyz789",
"id": "abc123",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries]
}
IPAddressInput
Description
IPAddressInput is used to specify a generic IP address. One and only one field can be specified.
Fields
| Input Field | Description |
|---|---|
ipv4Address - IPv4Address
|
for an IPV4 version address |
ipv6Address - IPv6Address
|
for an IPV6 version address |
Example
{
"ipv4Address": IPv4Address,
"ipv6Address": IPv6Address
}
IPFilter
IPFilterFilterInput
Description
Represents properties we can filter the IP filter list by.
Example
{"cidr": CIDR, "isBlocked": true, "version": "IPV4"}
IPFilterInput
IPFiltersWithPagination
Description
Contains the paginated list of IP filters.
Fields
| Field Name | Description |
|---|---|
results - [IPFilter!]
|
List of IP filters. |
pageInfo - Pagination!
|
The results paging information. |
Example
{
"results": [IPFilter],
"pageInfo": Pagination
}
IPInfo
Description
Represents IP Intelligence information for a given IP address.
Fields
| Field Name | Description |
|---|---|
address - IPAddress
|
The IP address of interest. |
location - GeoLocation
|
The IP location metadata. |
network - IPNetwork
|
The IP network. |
reputation - IPReputation
|
The IP reputation. |
Example
{
"address": IPAddress,
"location": GeoLocation,
"network": IPNetwork,
"reputation": IPReputation
}
IPLocationFilterListDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
dropMatchedOrUnmatched - String!
|
Example
{
"name": "abc123",
"id": "abc123",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"dropMatchedOrUnmatched": "abc123"
}
IPLocationPolicingDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
Example
{
"name": "xyz789",
"id": "xyz789",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries]
}
IPNetwork
Description
IP Network information.
Fields
| Field Name | Description |
|---|---|
organization - String
|
The organization of the network. |
carrier - String
|
The carrier of the network. |
asn - UnsignedInt32
|
The ASN number. |
Example
{
"organization": "abc123",
"carrier": "xyz789",
"asn": UnsignedInt32
}
IPReputation
Description
IP Reputation score.
Example
{
"realScore": 123.45,
"riskScore": 987.65,
"classification": ["abc123"]
}
IPVersion
Description
IP version
Values
| Enum Value | Description |
|---|---|
|
|
IP v4 (32 bits, Four dot-separated octets) |
|
|
IP v6 (128 bits, Eight colon-separated hextets, with shorthand for expressing IPv4 addresses) |
Example
"IPV4"
IPv4Address
Description
An IPv4 address.
Example
IPv4Address
IPv6Address
Description
An IPv6 address.
Example
IPv6Address
InlineFilter
Fields
| Field Name | Description |
|---|---|
id - String!
|
Since this is an Inline Filter, the ID is the ID of the Template where it is defined. |
filterType - FilterType!
|
Indicates whether this filter list is user defined or an inline filter. |
company - Company!
|
The company object. |
name - String!
|
Name of the filter list. |
description - String
|
The description of the filter list. |
listType - FilterListType!
|
Type of data contained in this Filter List. |
listTypeLabel - String!
|
Display label for the type of data contained in this Filter List. |
usedInTemplate - Boolean!
|
Indicates if this Filter List is used in a Template. |
usedInAutoMitigation - Boolean!
|
Indicates if this Filter List is used in an Auto Mitigation. |
entries - [String!]!
|
Array of filter list entries based on the value of the listType attribute:" BLACK_WHITE_IPV4: IPv4 FCAP expressions BLACK_WHITE_IPV6: IPv6 FCAP expressions ADDRESS_IPV4: IPv4 CIDRs or addresses ADDRESS_IPV6: IPv6 CIDRs or addresses IP_LOCATION: Two-letter ISO 3166 country codes |
managedObjects - [FilterManagedObject]!
|
A set of Managed Objects referenced by this Filter |
Example
{
"id": "abc123",
"filterType": "INLINE",
"company": Company,
"name": "xyz789",
"description": "xyz789",
"listType": "black_white",
"listTypeLabel": "abc123",
"usedInTemplate": true,
"usedInAutoMitigation": false,
"entries": ["xyz789"],
"managedObjects": [FilterManagedObject]
}
Int
Description
The Int scalar type represents non-fractional signed whole numeric values. Int can represent values between -(2^31) and 2^31 - 1.
Example
987
Int64
Example
Int64
Interface
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
traffic - [TrafficData!]!
|
Example
{
"name": "xyz789",
"traffic": [TrafficData]
}
InvalidPacketsDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
Example
{
"name": "abc123",
"id": "xyz789",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries]
}
JSONCommandInjectionRelaxationRule
JSONCommandInjectionRelaxationRuleInput
JSONCommandInjectionRelaxationRulesWithPagination
Description
A paginated list of JSON command injection relaxation rules.
Fields
| Field Name | Description |
|---|---|
results - [JSONCommandInjectionRelaxationRule!]
|
A list of relaxation rules. |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [JSONCommandInjectionRelaxationRule],
"pageInfo": Pagination
}
JSONCommandInjectionSettings
Description
JSON command injection Settings
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
commandInjectionType - CommandInjectionType!
|
A Command injection type. |
relaxationRules - JSONCommandInjectionRelaxationRulesWithPagination
|
A paginated list of command injection rules. |
Arguments
|
|
threshold - AppSecThreshold
|
Appsec Threshold configuration for JSON command injection violations. |
Example
{
"action": "NONE",
"commandInjectionType": "COMMAND_KEYWORD",
"relaxationRules": JSONCommandInjectionRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
JSONCrossSiteScriptingSettings
Description
JSON cross-site scripting settings to protect applications from XSS Attacks through JSON requests
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
relaxationRules - JSONXSSRelaxationRulesWithPagination
|
A paginated list of SQL Injection rules. |
Arguments
|
|
threshold - AppSecThreshold
|
Appsec Threshold configuration for JSON XSS violations. |
Example
{
"action": "NONE",
"relaxationRules": JSONXSSRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
JSONDenialOfServiceSettings
Description
JSON Denial of Service Settings to protect applications from Denial of Service Attacks through JSON requests
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
enforcementRule - JSONDoSEnforcementRule
|
A DOS Enforcement rules. |
threshold - AppSecThreshold
|
Appsec Threshold configuration for JSON DOS violations. |
Example
{
"action": "NONE",
"enforcementRule": JSONDoSEnforcementRule,
"threshold": AppSecThreshold
}
JSONDoSEnforcementRule
Description
A JSON Denial of Service enforcement rule.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether the relaxation rule is enabled. |
jsonMaxArrayLength - UnsignedInt32
|
JSON maximum array length in bytes. |
jsonMaxContainerDepth - UnsignedInt32
|
JSON maximum container depth in bytes. |
jsonMaxDocumentLength - UnsignedInt32
|
JSON maximum document length in bytes. |
jsonMaxObjectKeyCount - UnsignedInt32
|
JSON maximum object key count in bytes. |
jsonMaxObjectKeyLength - UnsignedInt32
|
JSON maximum object key length in bytes. |
jsonMaxStringLength - UnsignedInt32
|
JSON maximum object string length in bytes. |
Example
{
"enabled": true,
"jsonMaxArrayLength": UnsignedInt32,
"jsonMaxContainerDepth": UnsignedInt32,
"jsonMaxDocumentLength": UnsignedInt32,
"jsonMaxObjectKeyCount": UnsignedInt32,
"jsonMaxObjectKeyLength": UnsignedInt32,
"jsonMaxStringLength": UnsignedInt32
}
JSONDoSEnforcementRuleInput
Description
A JSON Denial of Service enforcement rule input.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean!
|
Whether the relaxation rule is enabled. |
jsonMaxArrayLength - UnsignedInt32
|
JSON maximum array length in bytes. |
jsonMaxContainerDepth - UnsignedInt32
|
JSON maximum container depth in bytes. |
jsonMaxDocumentLength - UnsignedInt32
|
JSON maximum document length in bytes. |
jsonMaxObjectKeyCount - UnsignedInt32
|
JSON maximum object key count in bytes. |
jsonMaxObjectKeyLength - UnsignedInt32
|
JSON maximum object key length in bytes. |
jsonMaxStringLength - UnsignedInt32
|
JSON maximum object string length in bytes. |
Example
{
"enabled": true,
"jsonMaxArrayLength": UnsignedInt32,
"jsonMaxContainerDepth": UnsignedInt32,
"jsonMaxDocumentLength": UnsignedInt32,
"jsonMaxObjectKeyCount": UnsignedInt32,
"jsonMaxObjectKeyLength": UnsignedInt32,
"jsonMaxStringLength": UnsignedInt32
}
JSONSQLInjectionRelaxationRule
JSONSQLInjectionRelaxationRuleInput
JSONSQLInjectionRelaxationRulesWithPagination
Description
A paginated list of JSON SQL injection relaxation rules.
Fields
| Field Name | Description |
|---|---|
results - [JSONSQLInjectionRelaxationRule!]
|
A list of relaxation rules. |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [JSONSQLInjectionRelaxationRule],
"pageInfo": Pagination
}
JSONSQLInjectionSettings
Description
JSON SQL Injection Settings to protect applications from SQL Injection attacks through JSON requests
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
sqlInjectionType - SQLInjectionType!
|
A SQL injection type. |
sqliGrammar - Boolean!
|
Enable SQL Injection grammar |
relaxationRules - JSONSQLInjectionRelaxationRulesWithPagination
|
A paginated list of SQL Injection rules. |
Arguments
|
|
threshold - AppSecThreshold
|
Appsec Threshold configuration for JSON SQL injection violations. |
Example
{
"action": "NONE",
"sqlInjectionType": "NONE",
"sqliGrammar": true,
"relaxationRules": JSONSQLInjectionRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
JSONSettings
Description
JSON Security Settings to protect JSON Applications
Fields
| Field Name | Description |
|---|---|
jsonSQLInjectionSettings - JSONSQLInjectionSettings
|
JSON SQL Injection Settings. |
jsonDenialOfServiceSettings - JSONDenialOfServiceSettings
|
JSON Denial of Service Settings. |
jsonCrossSiteScriptingSettings - JSONCrossSiteScriptingSettings
|
JSON Cross Site Scripting Settings. |
jsonCommandInjectionSettings - JSONCommandInjectionSettings
|
JSON Command Injection Settings. |
Example
{
"jsonSQLInjectionSettings": JSONSQLInjectionSettings,
"jsonDenialOfServiceSettings": JSONDenialOfServiceSettings,
"jsonCrossSiteScriptingSettings": JSONCrossSiteScriptingSettings,
"jsonCommandInjectionSettings": JSONCommandInjectionSettings
}
JSONXSSRelaxationRule
JSONXSSRelaxationRuleInput
JSONXSSRelaxationRulesWithPagination
Description
A paginated list of JSON XSS relaxation rules.
Fields
| Field Name | Description |
|---|---|
results - [JSONXSSRelaxationRule!]
|
A list of relaxation rules. |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [JSONXSSRelaxationRule],
"pageInfo": Pagination
}
LearnedCSRFSettingsRule
LearnedContentTypeRule
LearnedCookieConsistencyRule
LearnedFieldFormatRule
Description
A learned field format rule.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether the rule is enabled. |
formFieldName - String!
|
Name of the form field. |
actionURL - String!
|
Action URL. |
fieldType - String!
|
Type of field. |
minLength - UnsignedInt32!
|
Minimum length. |
maxLength - UnsignedInt32!
|
Maximum length. |
Example
{
"enabled": false,
"formFieldName": "abc123",
"actionURL": "abc123",
"fieldType": "xyz789",
"minLength": UnsignedInt32,
"maxLength": UnsignedInt32
}
LearnedFormFieldConsistencyRule
LearnedHTMLSQLInjectionRule
Description
A learned HTML SQL injection rule.
Example
{
"name": "abc123",
"enabled": true,
"url": "abc123",
"location": "xyz789",
"valueType": "xyz789",
"valueExpression": "xyz789"
}
LearnedHTMLXSSRule
Description
A learned HTML XSS rule.
Example
{
"name": "abc123",
"enabled": false,
"url": "abc123",
"location": "abc123",
"valueType": "abc123",
"valueExpression": "xyz789"
}
LearnedWSISettingsRule
LearningRules
Description
Rules that are being learned, from items that were set to 'Learn' mode.
Fields
| Field Name | Description |
|---|---|
cookieConsistencyRules - CookieConsistencyRuleCountsWithPagination
|
|
Arguments
|
|
fieldFormatRules - FieldFormatRuleCountsWithPagination
|
|
Arguments
|
|
fieldConsistencyRules - FieldConsistencyRuleCountsWithPagination
|
|
Arguments
|
|
csrfSettingsRules - CSRFSettingsRuleCountsWithPagination
|
|
Arguments
|
|
contentTypeRules - ContentTypeRuleCountsWithPagination
|
|
Arguments
|
|
htmlSQLInjectionRules - HTMLSQLInjectionRuleCountsWithPagination
|
|
Arguments
|
|
crossSiteScriptingRules - HTMLXSSRuleCountsWithPagination
|
|
Arguments
|
|
wsiSettingsRules - WSISettingsRuleCountsWithPagination
|
|
Arguments
|
|
Example
{
"cookieConsistencyRules": CookieConsistencyRuleCountsWithPagination,
"fieldFormatRules": FieldFormatRuleCountsWithPagination,
"fieldConsistencyRules": FieldConsistencyRuleCountsWithPagination,
"csrfSettingsRules": CSRFSettingsRuleCountsWithPagination,
"contentTypeRules": ContentTypeRuleCountsWithPagination,
"htmlSQLInjectionRules": HTMLSQLInjectionRuleCountsWithPagination,
"crossSiteScriptingRules": HTMLXSSRuleCountsWithPagination,
"wsiSettingsRules": WSISettingsRuleCountsWithPagination
}
LegacyApplicationService
Description
Application services that make up the back end of the virtual server.
Fields
| Field Name | Description |
|---|---|
port - UnsignedInt16!
|
The port number for the application service. |
protocol - ProxyProtocol!
|
The protocol type used for this virtual server's front and back ends. |
origin - String!
|
The IP address for the application service. |
Example
{
"port": UnsignedInt16,
"protocol": "HTTP",
"origin": "xyz789"
}
LegacyCertificateBinding
Description
Certificate information for a back end.
Example
{"certificateID": "xyz789", "sni": true}
LegacyProxy
Description
A proxy configured on hardware appliances.
Fields
| Field Name | Description |
|---|---|
id - String!
|
ID of this proxy. |
createdAt - Time!
|
Time when this proxy was created. |
updatedAt - Time!
|
Time when this proxy was last updated. |
deletedAt - Time
|
Time when this proxy was deleted. |
company - Company!
|
Company for which this proxy is configured. |
name - String!
|
Friendly name of the proxy configuration. Typically set to the hostname being proxied to the services. |
ip - IPAddress!
|
IP or hostname. |
ipVersion - IPVersion!
|
The IP version of this host. |
vServers - [LegacyVServer!]
|
List of virtual servers configured for this proxy for delivering services. |
readOnly - Boolean!
|
Indicates whether the configuration of this proxy can be updated by the customer. |
provisioningStatus - ProxyProvisioningStatus
|
The provisioning status of this proxy. |
Example
{
"id": "xyz789",
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"deletedAt": "10:15:30Z",
"company": Company,
"name": "abc123",
"ip": IPAddress,
"ipVersion": "IPV4",
"vServers": [LegacyVServer],
"readOnly": true,
"provisioningStatus": "IN_PROGRESS"
}
LegacyTLSOptions
Description
TLS settings for the virtual server that is using TLS/SSL.
Fields
| Field Name | Description |
|---|---|
minTLSVersion - MinTLSVersion!
|
Minimum TLS versions to support. |
forceBackendSNI - Boolean!
|
Forces back-end SNI support between the proxy and the origin, sending the specified common name to initiate SNI to the back end. |
commonName - String
|
Common name to be sent with request to back-end origin(s). |
hstsEnabled - Boolean!
|
Flag indicating whether or not to follow HTTP Strict Transport Security. |
hstsMaxAge - UnsignedInt32!
|
MaxAge parameter for HSTS. |
hstsPreload - Boolean!
|
Flag indicating whether to include preload parameter in HSTS. |
hstsIncludeSubdomains - Boolean!
|
Flag indicating whether to include subdomains parameter in HSTS. |
Example
{
"minTLSVersion": "V_1_0",
"forceBackendSNI": false,
"commonName": "xyz789",
"hstsEnabled": false,
"hstsMaxAge": UnsignedInt32,
"hstsPreload": true,
"hstsIncludeSubdomains": true
}
LegacyVServer
Description
A virtual server, part of a legacy hardward proxy configuration.
Fields
| Field Name | Description |
|---|---|
port - UnsignedInt16!
|
The virtual server's front-end port. |
protocol - ProxyProtocol!
|
Protocol type used for the front and back ends. |
company - Company!
|
Company the proxy configuration belongs to. |
loadBalanceMethod - ProxyLoadBalanceMethod!
|
Method used to load-balance connections to application services. |
persistenceType - ProxyLoadBalancePersistenceType!
|
A session persistence type to apply to requests. |
xffHeader - String!
|
The name of the 'forwarded-for' header. |
sp - Boolean!
|
Ensure connections to the server occur at a rate that the server can handle. |
tcpb - Boolean!
|
Use TCP Buffering for the service. |
tlsOptions - LegacyTLSOptions
|
TLS/SSL protocol options. |
certificateBindings - [LegacyCertificateBinding!]
|
Certficate(s) for this virtual server. |
applicationServices - [LegacyApplicationService!]
|
Application services that make up this virtual server's back end. |
Example
{
"port": UnsignedInt16,
"protocol": "HTTP",
"company": Company,
"loadBalanceMethod": "LEAST_CONNECTION",
"persistenceType": "SOURCE_IP",
"xffHeader": "abc123",
"sp": true,
"tcpb": true,
"tlsOptions": LegacyTLSOptions,
"certificateBindings": [LegacyCertificateBinding],
"applicationServices": [LegacyApplicationService]
}
Link
LogTime
Description
The Date/Time format used for Violation logs time fields is UTC time with trailing zeroes for subfraction millseconds value.
Example
LogTime
MFAPackage
Description
Specifies Multi Factor Authentication configuration for company.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether multi-factor authentication (MFA) is enabled for the Company. |
Example
{"enabled": false}
ManagedObject
Description
Managed Objects
Fields
| Field Name | Description |
|---|---|
id - String!
|
Identifier of the managed object. |
company - Company!
|
|
name - String!
|
|
elements - [ManagedObjectElement!]
|
List of elements that associate traffic with the managed object. |
elementType - ManagedObjectElementType
|
The type of traffic association criteria for the elements. |
mitigationTemplates - [MitigationTemplate!]
|
List of mitigation templates associated |
types - [ManagedObjectType!]
|
List of managed object type. |
sharedHostDetectionSettings - SharedHostDetectionSettings
|
Shared host detection settings. |
Example
{
"id": "xyz789",
"company": Company,
"name": "abc123",
"elements": [ManagedObjectElementSimple],
"elementType": "ADVANCED",
"mitigationTemplates": [MitigationTemplate],
"types": ["DNA"],
"sharedHostDetectionSettings": SharedHostDetectionSettings
}
ManagedObjectElement
Description
The type of the element for associating traffic with the managed object.
Types
| Union Types |
|---|
Example
ManagedObjectElementSimple
ManagedObjectElementGroup
ManagedObjectElementSimple
Description
The type of the element that contains only a single value.
Fields
| Field Name | Description |
|---|---|
value - String!
|
The single value of the element. |
Example
{"value": "xyz789"}
ManagedObjectElementType
Description
The type of traffic association criteria for an element.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"ADVANCED"
ManagedObjectFilterInput
Fields
| Input Field | Description |
|---|---|
types - [ManagedObjectType!]
|
Example
{"types": ["DNA"]}
ManagedObjectMitigationTemplateType
Description
Mitigation Template types for Managed Objects.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"MANUAL_IPV4"
ManagedObjectType
Description
Types of Managed Objects.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"DNA"
Map
Example
Map
MinTLSVersion
Description
Supported Minimum TLS version.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"V_1_0"
MisuseType
Description
Misuse type.
Fields
| Field Name | Description |
|---|---|
misuseTypeName - String!
|
|
misuseTypeTriggerRate - [String!]!
|
|
actualRate - [String!]!
|
|
highSeverityRate - [String!]!
|
Example
{
"misuseTypeName": "xyz789",
"misuseTypeTriggerRate": ["xyz789"],
"actualRate": ["abc123"],
"highSeverityRate": ["abc123"]
}
MisuseTypeSetting
Description
Misuse type setting.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"CHARGEN_AMP"
Mitigation
Description
Represents a Mitigation.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The identifier of this mitigaiton. |
company - Company!
|
The company object. |
start - Time!
|
The start time of the mitigaiton |
end - Time
|
The end time of the mitigation. A non-zero value of end time means that the mitigation has ended or finished. |
event - Event
|
The event associated with this mitigation. |
Possible Types
| Mitigation Types |
|---|
Example
{
"id": "xyz789",
"company": Company,
"start": "10:15:30Z",
"end": "10:15:30Z",
"event": Event
}
MitigationDetailsTrafficSeries
Fields
| Field Name | Description |
|---|---|
field - TrafficField!
|
|
unit - String!
|
|
points - [MitigationTrafficTimeSeriesPoint]
|
Example
{
"field": "IN_BITS",
"unit": "abc123",
"points": [MitigationTrafficTimeSeriesPoint]
}
MitigationDimension
Description
One of the sorted order fields.
Values
| Enum Value | Description |
|---|---|
|
|
The ascending order based on the START time. |
|
|
The ascending order based on the END time. |
Example
"START"
MitigationFilterInput
Description
The filters that can be applied to scope the list of mitigations.
Fields
| Input Field | Description |
|---|---|
id - String
|
The identifier of the mitigation |
active - Boolean
|
Include active mitigations when set to true or inactive when set to false. By default, all mitigations are fetched regardless of whether they are active or not. |
providers - [MitigationType!]
|
A provider(s) that you would like to filter events on. |
managedObjectID - String
|
A managed object ID that you would like to filter events on. |
Example
{
"id": "xyz789",
"active": true,
"providers": ["DDOS"],
"managedObjectID": "abc123"
}
MitigationSortBy
Description
EventsSortBy sorting.
Fields
| Input Field | Description |
|---|---|
dimension - MitigationDimension!
|
The dimension to sort by. . Default = START |
direction - SortDirection!
|
The direction to sort in. . Default = DESCENDING |
Example
{"dimension": "START", "direction": "ASCENDING"}
MitigationTemplate
Description
Mitigation Templates
Fields
| Field Name | Description |
|---|---|
id - String!
|
Identifier for this Mitigation Template. |
company - Company!
|
|
deviceGroup - DeviceGroup
|
Device group |
ipVersion - IPVersion
|
|
filterList - [DDOSFilter!]
|
List of filters configured for this template |
inlineFilters - [String!]
|
The inline filter entries. |
denyAllowFilterLists - [DDOSFilter!]
|
List of deny/allow filter lists configured for this template. |
deniedFingerprints - [Fingerprint!]
|
List of fingerprints configured for this template. |
ipAddressPassFilterLists - [DDOSFilter!]
|
List of IP address pass filter lists for this template. |
ipAddressDropFilterLists - [DDOSFilter!]
|
List of IP address drop filter lists for this template. |
name - String
|
Miitigation template name. |
type - ManagedObjectMitigationTemplateType
|
Miitigation template type for the managed object. |
Example
{
"id": "abc123",
"company": Company,
"deviceGroup": DeviceGroup,
"ipVersion": "IPV4",
"filterList": [DDOSFilter],
"inlineFilters": ["xyz789"],
"denyAllowFilterLists": [DDOSFilter],
"deniedFingerprints": [Fingerprint],
"ipAddressPassFilterLists": [DDOSFilter],
"ipAddressDropFilterLists": [DDOSFilter],
"name": "xyz789",
"type": "MANUAL_IPV4"
}
MitigationTrafficTimeSeriesPoint
MitigationType
Description
Allowed mitigation type values. These types are also sometimes called providers
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"DDOS"
MitigationsWithPagination
Description
Represents the list of mitigations along with pagination details.
Fields
| Field Name | Description |
|---|---|
results - [Mitigation!]
|
The list of mitigations. |
pageInfo - Pagination!
|
The pagination details. |
Example
{
"results": [Mitigation],
"pageInfo": Pagination
}
NetworkControls
Description
Network controls for a given policy.
Fields
| Field Name | Description |
|---|---|
blockedCountries - [CountryCode!]
|
A list of blocked countries. |
ipFilterList - IPFiltersWithPagination
|
A paginated list of ip filters. |
Arguments
|
|
Example
{
"blockedCountries": ["AD"],
"ipFilterList": IPFiltersWithPagination
}
NetworkNode
Description
A collection of devices and services located together in one physical location.
Example
{
"iataCode": "abc123",
"description": "abc123"
}
NetworkNodeFilterInput
Description
Reducing list of or choosing specific nodes.
Example
{
"iataCode": "xyz789",
"includeDeleted": true
}
NotificationCategory
Description
NotificationCategory field values that can be included.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"CLOUD_FIREWALL_SUBMITTED"
NotificationConfiguration
Description
Represents a Notification Configuration.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The identifier of this notification configuration. |
company - Company!
|
The company object. |
createdAt - Time!
|
The time that the notification configuration was created at. |
updatedAt - Time!
|
The time that the notification configuration was last updated at |
categories - [CategoryConfiguration!]!
|
The list of global category notification configurations. |
Possible Types
| NotificationConfiguration Types |
|---|
Example
{
"id": "xyz789",
"company": Company,
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"categories": [CategoryConfiguration]
}
NotificationConfigurationFilterInput
Description
A filter input to constrain the queried results of notification configurations.
Fields
| Input Field | Description |
|---|---|
id - String
|
The identifier of the notification configuration. |
companyConfiguration - Boolean
|
By default, the company configuration is returned as a part of the results. This flag indicates whether to return the company notification configuration in the results. Default = true |
userConfigurations - Boolean
|
By default, the user notification configurations are not returned as a part of the results. This flag must be set to true to indicate whether the user notification configurations belonging to the company should be returned. Default = false |
userIDs - [String!]
|
Retrieve notification configurations for specific user service IDs. |
Example
{
"id": "xyz789",
"companyConfiguration": false,
"userConfigurations": true,
"userIDs": ["xyz789"]
}
NotificationConfigurationsWithPagination
Description
Represents the list of notification configurations along with pagination details.
Fields
| Field Name | Description |
|---|---|
results - [NotificationConfiguration!]!
|
The list of notification configurations. |
pageInfo - Pagination
|
The pagination details. |
Example
{
"results": [NotificationConfiguration],
"pageInfo": Pagination
}
NotificationDimension
Description
NotificationDimension the order that we can order notification configurations by.
Values
| Enum Value | Description |
|---|---|
|
|
The ascending order based on the createdAt time. |
|
|
The ascending order based on the updatedAt time. |
Example
"CREATED_AT"
NotificationRecord
Description
NotificationRecord collection.
Fields
| Field Name | Description |
|---|---|
id - String!
|
ID of the notification record. |
createdAt - Time!
|
Time when the notification record was created. |
updatedAt - Time!
|
Time when the notification record was updated. |
company - Company!
|
Company the notification record belongs to. |
category - NotificationCategory!
|
Notification category that the record is a part of. |
subject - String!
|
Subject line of the notification record. |
content - String!
|
Content text of the notification record. |
reads - [String!]
|
List of users who read this notification. |
Example
{
"id": "xyz789",
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"company": Company,
"category": "CLOUD_FIREWALL_SUBMITTED",
"subject": "abc123",
"content": "abc123",
"reads": ["abc123"]
}
NotificationRecordFilterInput
Description
A filter input to constrain the queried results of notification records.
Fields
| Input Field | Description |
|---|---|
id - String
|
The identifier of the notification record. |
categories - [NotificationCategory!]
|
List of categories to retrieve notification records for. |
unread - Boolean
|
A flag indicating to return read or unread notification records. |
Example
{
"id": "xyz789",
"categories": ["CLOUD_FIREWALL_SUBMITTED"],
"unread": false
}
NotificationRecordsWithPagination
Description
NotificationRecordsWithPagination represents the list of notification records along with pagination details.
Fields
| Field Name | Description |
|---|---|
results - [NotificationRecord!]!
|
The list of notification records. |
pageInfo - Pagination
|
The pagination details. |
Example
{
"results": [NotificationRecord],
"pageInfo": Pagination
}
NotificationSortBy
Description
NotificationSortBy of notification configurations.
Fields
| Input Field | Description |
|---|---|
dimension - NotificationDimension!
|
The dimension to sort by. Default = CREATED_AT |
direction - SortDirection!
|
The direction to sort in. Default = DESCENDING |
Example
{"dimension": "CREATED_AT", "direction": "ASCENDING"}
NotificationsWhiteLabel
Description
Whitelabel and domain elements for notifications.
Fields
| Field Name | Description |
|---|---|
whiteLabel - WhiteLabel!
|
Contains whitelabel specifications for this company's notifications. |
managementDomain - String!
|
Management domain name for this company's notifications. |
Example
{
"whiteLabel": WhiteLabel,
"managementDomain": "abc123"
}
OnNetworkAlertSubType
Description
Detected DDoS attack.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"DOS"
OneTimeExecutiveReportConfiguration
Description
One time report configuration.
Fields
| Field Name | Description |
|---|---|
id - String!
|
ID of one time report configuration. |
name - String!
|
Name of one time report configuration. |
description - String
|
Description of Report Configuration. |
reportType - ExecutiveReportType!
|
Type of report. |
includeWAF - Boolean
|
If true, includes WAF violation summary in report. |
includeBot - Boolean
|
If true, includes Bot mitigation summary in report. |
includeDDOS - Boolean
|
If true, includes DDOS mitigation summary in report. |
notification - ExecutiveReportNotificationDetails
|
Email recepient list to send reports to. |
createdAt - Time
|
Timestamp when report is created. |
enabled - Boolean
|
If enabled, this configuration will generate a report. |
from - Time
|
Starting timestamp for metrics to be pulled from. |
to - Time
|
Ending timestamp for metrics to be pulled from. |
Example
{
"id": "xyz789",
"name": "abc123",
"description": "abc123",
"reportType": "ONE_TIME",
"includeWAF": true,
"includeBot": false,
"includeDDOS": false,
"notification": ExecutiveReportNotificationDetails,
"createdAt": "10:15:30Z",
"enabled": true,
"from": "10:15:30Z",
"to": "10:15:30Z"
}
OneTimeExecutiveReportConfigurationsWithPagination
Description
Paginated One time report configurations.
Fields
| Field Name | Description |
|---|---|
results - [OneTimeExecutiveReportConfiguration!]
|
List of one time report configurations. |
pageInfo - Pagination!
|
Pagination settings. |
Example
{
"results": [OneTimeExecutiveReportConfiguration],
"pageInfo": Pagination
}
OpenHybridAlert
Description
An alert that can be sent via an API call.totalItems
Fields
| Field Name | Description |
|---|---|
id - String!
|
The identifier of the alert. |
company - Company!
|
The company object. |
start - Time!
|
The start time of the alert |
end - Time
|
The end time of the alert. A non-zero value of end time means that the alert has ended or finished. |
severity - Severity!
|
An indication of how critical the Alert is. |
type - AlertType!
|
A boolean value that indicates whether or not the alert is an Infrastructure alert |
Example
{
"id": "abc123",
"company": Company,
"start": "10:15:30Z",
"end": "10:15:30Z",
"severity": "HIGH",
"type": "DNA"
}
POSTBody
Description
A POST BODY limit countermeasure.
Fields
| Field Name | Description |
|---|---|
limit - UnsignedInt32!
|
A post body size limit value. |
threshold - AppSecThreshold
|
Appsec Threshold configuration for post body limit violations. |
Example
{
"limit": UnsignedInt32,
"threshold": AppSecThreshold
}
PROXYProtocol
Description
PROXY Protocol enum.
Values
| Enum Value | Description |
|---|---|
|
|
PROXY Protocol is disabled. |
|
|
PROXY Protocol version 1. |
|
|
PROXY Protocol version 2. |
Example
"DISABLED"
PacketHeaderFilterDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
Example
{
"name": "abc123",
"id": "xyz789",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries]
}
Pagination
Description
Represents pagination.
Fields
| Field Name | Description |
|---|---|
totalItems - UnsignedInt64!
|
The number of items that would have been returned if pagination hadn't been applied. |
pageNumber - UnsignedInt32!
|
Current page number. |
itemsPerPage - UnsignedInt32!
|
Number of items per page. |
Example
{
"totalItems": UnsignedInt64,
"pageNumber": UnsignedInt32,
"itemsPerPage": UnsignedInt32
}
PayloadDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
traffic - [TrafficData!]
|
Example
{
"name": "abc123",
"id": "xyz789",
"company": Company,
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"traffic": [TrafficData]
}
PerConnectionFloodProtectionDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
enabled - Boolean!
|
|
maximumBPS - Int!
|
|
maximumPPS - Int!
|
|
enforcement - String!
|
Example
{
"name": "xyz789",
"id": "xyz789",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"enabled": true,
"maximumBPS": 987,
"maximumPPS": 123,
"enforcement": "abc123"
}
Person
Policy
Description
A configurable set of options that can be employed to secure Company assets.
Fields
| Field Name | Description |
|---|---|
id - String!
|
ID of the policy. |
company - Company!
|
The name of the company. |
learningRules - LearningRules
|
Learning rules associated with the Policy. |
createdAt - Time!
|
The time at which the policy was created. |
updatedAt - Time!
|
The time at which the policy was updated. |
deletedAt - Time
|
The time at which the policy was deleted. |
name - String!
|
The name of the policy. |
key - String!
|
A unique string representing a policy. |
wafProfile - WAFProfile
|
The WAF profile associated to this policy. |
networkControls - NetworkControls
|
The network controls associated to this policy. |
responderPolicies - [ResponderPolicy!]
|
The responder polices associated to this policy. |
appSecThresholds - [AppSecThreshold!]
|
The appsec thresholds associated to this policy. |
trustedSources - TrustedSourcesWithPagination
|
The trusted IP sources associated to this policy. Traffic at these sources are used by the learning feature to generate recommendations. |
Arguments
|
|
botProfile - BotProfile
|
The bot profile associated to this policy. |
proxies - [Proxy!]
|
A list of proxies using this policy. |
Arguments
|
|
Example
{
"id": "xyz789",
"company": Company,
"learningRules": LearningRules,
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"deletedAt": "10:15:30Z",
"name": "abc123",
"key": "abc123",
"wafProfile": WAFProfile,
"networkControls": NetworkControls,
"responderPolicies": [ResponderPolicy],
"appSecThresholds": [AppSecThreshold],
"trustedSources": TrustedSourcesWithPagination,
"botProfile": BotProfile,
"proxies": [Proxy]
}
PolicyFilterInput
Description
Filter a list of policies.
Example
{
"id": "xyz789",
"key": "xyz789",
"includeDeleted": true
}
PortRange
Fields
| Field Name | Description |
|---|---|
high - UnsignedInt64
|
|
low - UnsignedInt64
|
Example
{
"high": UnsignedInt64,
"low": UnsignedInt64
}
Protocol
Description
Protocol Binding used.
Values
| Enum Value | Description |
|---|---|
|
|
Redirect used. |
|
|
Post used. |
Example
"HTTP_REDIRECT"
ProtocolBaselineDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
Example
{
"name": "abc123",
"id": "abc123",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries]
}
ProvisioningStatus
Values
| Enum Value | Description |
|---|---|
|
|
There is no proxy plus configuration in place to provision. |
|
|
The proxy plus configuration is currently being provisioned. |
|
|
The proxy plus configuration has been successfully provisioned. |
|
|
The proxy plus configuration encountered an error during provisioning. |
Example
"NO_CONFIG"
Proxy
Description
A proxy configuration.
Fields
| Field Name | Description |
|---|---|
id - String!
|
ID of this proxy. |
company - Company!
|
Company the proxy configuration belongs to. |
vServerStatus - [VServerStatus!]
|
Status values for the vServers. |
createdAt - Time!
|
Time proxy was created. |
updatedAt - Time!
|
Time proxy was updated. |
deletedAt - Time
|
Time proxy was deleted. |
name - String!
|
Friendly name of the proxy configuration. Typically set to the hostname being proxied to the service. |
ip - IPAddress!
|
IP or hostname. |
ipVersion - IPVersion!
|
The IP version of this host. |
vServers - [VServer!]
|
The back-end origin servers, ports and protocols that bind it to the front-end port. |
policies - [Policy!]
|
A list of policies associated with this proxy. |
Example
{
"id": "xyz789",
"company": Company,
"vServerStatus": [VServerStatus],
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"deletedAt": "10:15:30Z",
"name": "xyz789",
"ip": IPAddress,
"ipVersion": "IPV4",
"vServers": [VServer],
"policies": [Policy]
}
ProxyFilterInput
Description
Input required if extra criteria are needed to constrain the queried results.
Example
{"id": "xyz789", "includeDeleted": true}
ProxyLoadBalanceMethod
Description
Load-balancing options.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"LEAST_CONNECTION"
ProxyLoadBalancePersistenceType
Description
Type of session persistence to apply to requests.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"SOURCE_IP"
ProxyPackage
Description
Per-Company Proxy settings.
Fields
| Field Name | Description |
|---|---|
dName - String!
|
The identifier of the owning company. |
managedObjects - [ManagedObject!]
|
List of proxy managed objects. |
enabled - Boolean!
|
Whether proxy access is enabled for the Company. |
proxyType - ProxyType
|
Specifies type of proxy (hardware/cloud/none) for this company. |
vipCategory - String!
|
Specifies the Virtual IP Category for this company. |
vipPoolAllocationLimit - UnsignedInt32!
|
Specifies the max number of Virtual IPs that can be allocated to this company. |
networkEnabled - Boolean!
|
Specifies whether the VIP network is enabled. |
enableHTTPSPacketInspection - Boolean!
|
Specifies whether HTTPS packet introspection is turned on. |
policyEnabled - Boolean!
|
Specifies whether L7 policies are enabled for Virtual IPs. |
wafEnabled - Boolean!
|
Specifies whether Web Application Firewall is enabled for this company's Virtual IPs. |
basicWAFEnabled - Boolean!
|
Specifies whether the basic Web Application Firewall offering is enabled for this company's VIPs. |
ultraWAFEnabled - Boolean!
|
Specifies whether the Ultra Web Application Firewall offering is enabled for this company's VIPs. |
botEnabled - Boolean!
|
Specifies whether the Bot Management offering is enabled for this company's VIPs. |
apiEnabled - Boolean!
|
Specifies whether the Ultra API offering is enabled for this company's VIPs. |
edgeEnabled - Boolean!
|
Specifies whether the Ultra Edge offering is enabled for this company's VIPs. |
maxWAFSignatures - UnsignedInt16!
|
Specifies the max number of signatures allowed for this company for its Web Application Firewall. |
maxSSLCertificates - UnsignedInt16!
|
Specifies the max number of SSL certificates that can be configured for this company on all its VIPs combined. |
Example
{
"dName": "abc123",
"managedObjects": [ManagedObject],
"enabled": false,
"proxyType": "NONE",
"vipCategory": "abc123",
"vipPoolAllocationLimit": UnsignedInt32,
"networkEnabled": false,
"enableHTTPSPacketInspection": true,
"policyEnabled": true,
"wafEnabled": true,
"basicWAFEnabled": true,
"ultraWAFEnabled": false,
"botEnabled": true,
"apiEnabled": true,
"edgeEnabled": false,
"maxWAFSignatures": UnsignedInt16,
"maxSSLCertificates": UnsignedInt16
}
ProxyPlusBackend
ProxyPlusCertificate
Description
A SSL certificate used by Proxy Plus Proxies.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The ID of the certificate. |
company - Company!
|
Company the proxy plus certificate belongs to. |
name - String!
|
The name of the certificate. |
linksTo - String
|
The intermediate certificate that links to the certificate. |
isIntermediate - Boolean!
|
Whether or not the certificate is an intermediate. |
fingerprint - String!
|
The hash of the certificate. |
commonName - String!
|
The common name of the certificate. |
issuer - String!
|
The issuer name of the certificate. |
root - String!
|
The root certificate name. |
sanNames - [String!]
|
SAN Names belonging to the certificate. |
issued - Time!
|
The time at which the certificate was issued. |
expiration - Time!
|
The time at which the certificate will expire. |
nod - String!
|
The name of the certificate on the devices. |
proxies - [ProxyPlusProxy!]
|
The proxy plus proxies associated to this certificate. |
createdAt - Time!
|
The creation time of the proxy plus SSL certificate. |
deletedAt - Time
|
The time at which the proxy plus SSL Certificate was deleted. |
Example
{
"id": "abc123",
"company": Company,
"name": "xyz789",
"linksTo": "xyz789",
"isIntermediate": true,
"fingerprint": "xyz789",
"commonName": "xyz789",
"issuer": "abc123",
"root": "xyz789",
"sanNames": ["xyz789"],
"issued": "10:15:30Z",
"expiration": "10:15:30Z",
"nod": "xyz789",
"proxies": [ProxyPlusProxy],
"createdAt": "10:15:30Z",
"deletedAt": "10:15:30Z"
}
ProxyPlusCertificateFilterInput
Description
Input to filter Proxy Plus Certificates.
Example
{"id": "xyz789", "includeDeleted": true}
ProxyPlusConfigurationChangesLock
Description
The lock status of the Proxy Configuration Service.
Fields
| Field Name | Description |
|---|---|
id - String!
|
ID of the lock. |
createdAt - Time!
|
Time at which the lock was created. |
updatedAt - Time!
|
Time at which the lock was updated. |
started - Time!
|
Time at which the lock started. |
ended - Time
|
Time at which the lock ended. |
lockedBy - String!
|
User that created this lock. |
unlockedBy - String
|
User that unlocked this lock. |
Example
{
"id": "xyz789",
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"started": "10:15:30Z",
"ended": "10:15:30Z",
"lockedBy": "xyz789",
"unlockedBy": "xyz789"
}
ProxyPlusConfigurationChangesLockResponse
Description
The lock status of the Proxy Configuration Service.
Fields
| Field Name | Description |
|---|---|
timestamp - Time!
|
Time at which the status last changed. |
status - ProxyPlusConfigurationChangesLockStatus!
|
Current status of the lock. |
Example
{
"timestamp": "10:15:30Z",
"status": "UNKNOWN"
}
ProxyPlusConfigurationChangesLockStatus
Description
List of possible ProxyPlusConfigurationChangesLockResponse statuses.
Values
| Enum Value | Description |
|---|---|
|
|
Should never be encountered, used in manual adjustments only. |
|
|
Locked |
|
|
Unlocked |
Example
"UNKNOWN"
ProxyPlusLoadBalanceMethod
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"ROUND_ROBIN"
ProxyPlusPackage
Description
Specifies Proxy Plus configuration for company.
Fields
| Field Name | Description |
|---|---|
companyDName - String!
|
The identifier of the owning company. |
enabled - Boolean!
|
Whether Proxy Plus is enabled for the Company. |
vipCategory - String!
|
The VIP Category for Proxy Plus. |
vipPoolAllocationLimit - UnsignedInt32!
|
The max number of VIPs that can be allocated for Proxy Plus. |
Example
{
"companyDName": "xyz789",
"enabled": false,
"vipCategory": "abc123",
"vipPoolAllocationLimit": UnsignedInt32
}
ProxyPlusPersistenceType
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"SOURCE_IP"
ProxyPlusPolicy
Description
A proxy plus policy
Fields
| Field Name | Description |
|---|---|
id - String!
|
ID of the proxy plus policy. |
company - Company!
|
The name of the company that the proxy plus policy belongs to. |
name - String!
|
The name of the proxy plus policy. |
proxies - [ProxyPlusProxy!]
|
The list of proxies associated to this proxy plus policy. |
deniedCountries - [CountryCode!]
|
The list of countries blocked for this policy. |
allowedIPs - [CIDR!]
|
The list of IPs whitelisted for this policy. |
deniedIPs - [CIDR!]
|
The list of IPs blacklisted for this policy. |
createdAt - Time!
|
The time at which the proxy plus policy was created. |
updatedAt - Time!
|
The time at which the proxy plus policy was updated. |
deletedAt - Time
|
The time at which the proxy plus policy was deleted. |
Example
{
"id": "xyz789",
"company": Company,
"name": "abc123",
"proxies": [ProxyPlusProxy],
"deniedCountries": ["AD"],
"allowedIPs": [CIDR],
"deniedIPs": [CIDR],
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"deletedAt": "10:15:30Z"
}
ProxyPlusPolicyFilterInput
Description
Filter a list of proxy plus policies.
Example
{"id": "xyz789", "includeDeleted": true}
ProxyPlusProtocol
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"HTTP"
ProxyPlusProvisioningStatus
Fields
| Field Name | Description |
|---|---|
company - Company!
|
Company the proxy plus provisioning status belongs to. |
status - ProvisioningStatus!
|
The current provisioning status. |
provisionedAt - Time
|
The time the proxy plus configuration was last successfully provisioned. |
provisioningStartedAt - Time
|
The time the most recent configuration provisioning started. |
Example
{
"company": Company,
"status": "NO_CONFIG",
"provisionedAt": "10:15:30Z",
"provisioningStartedAt": "10:15:30Z"
}
ProxyPlusProxy
Description
A proxy plus proxy.
Fields
| Field Name | Description |
|---|---|
id - String!
|
ID of the proxy plus proxy. |
name - String!
|
The name of the proxy plus proxy. |
company - Company!
|
Company the proxy plus proxy belongs to. |
policy - ProxyPlusPolicy
|
The proxy plus policy associated to this proxy plus proxy. |
ip - IPAddress!
|
The IP address of the proxy plus proxy. |
ipVersion - IPVersion!
|
The IP version of the proxy plus proxy ip. |
services - [ProxyPlusService!]
|
The services being sent traffic from the proxy plus proxy. |
createdAt - Time!
|
The creation time of the proxy plus proxy. |
updatedAt - Time!
|
The most recent update time of the proxy plus proxy. |
deletedAt - Time
|
The time that the proxy plus proxy was deleted. |
status - Status!
|
Example
{
"id": "xyz789",
"name": "abc123",
"company": Company,
"policy": ProxyPlusPolicy,
"ip": IPAddress,
"ipVersion": "IPV4",
"services": [ProxyPlusService],
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"deletedAt": "10:15:30Z",
"status": "UP"
}
ProxyPlusProxyFilterInput
Description
Filter a list of proxy plus proxies.
Example
{"id": "xyz789", "includeDeleted": false}
ProxyPlusService
Description
A proxy plus service.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The ID of the proxy plus service. |
company - Company!
|
Company the proxy plus service belongs to. |
name - String!
|
The name of the proxy plus service. |
proxy - ProxyPlusProxy!
|
The proxy plus proxy that the service belongs to. |
listenerPort - Int!
|
The port that the proxy plus service listens on. |
listenerProtocol - ProxyPlusProtocol!
|
The protocol that the proxy plus service listens to. |
backends - [ProxyPlusBackend!]
|
The backends that the proxy plus service points to. |
xffHeader - String
|
The XFF Header of the proxy plus service. |
proxyProtocol - PROXYProtocol
|
PROXY Protocol version used by the proxy plus service. |
monitored - Boolean!
|
The monitoring status of the service. |
hstsEnabled - Boolean
|
HTTP Strict Transport Security (HSTS) enabled for the proxy plus service. |
hstsMaxAge - Int
|
HTTP Strict Transport Security (HSTS) max age for the proxy plus service. |
hstsPreload - Boolean
|
HTTP Strict Transport Security (HSTS) preload for the proxy plus service. |
hstsIncludeSubdomains - Boolean
|
HTTP Strict Transport Security (HSTS) include subdomains for the proxy plus service. |
sniEnabled - Boolean
|
Server Name Indication (SNI) enabled for the proxy plus service. |
sniCommonName - String
|
Server Name Indication (SNI) common name for the proxy plus service. |
sslCertificate - ProxyPlusCertificate
|
The SSL certificate associated to the proxy plus service. |
persistenceType - ProxyPlusPersistenceType!
|
The persistence type of the proxy plus service. |
loadBalanceMethod - ProxyPlusLoadBalanceMethod!
|
The load balance method of the proxy plus service. |
createdAt - Time!
|
The creation time of the proxy plus service. |
updatedAt - Time!
|
The most recent update time of the proxy plus service. |
deletedAt - Time
|
The time that the proxy plus service was deleted. |
status - Status!
|
Example
{
"id": "abc123",
"company": Company,
"name": "abc123",
"proxy": ProxyPlusProxy,
"listenerPort": 123,
"listenerProtocol": "HTTP",
"backends": [ProxyPlusBackend],
"xffHeader": "abc123",
"proxyProtocol": "DISABLED",
"monitored": false,
"hstsEnabled": true,
"hstsMaxAge": 123,
"hstsPreload": false,
"hstsIncludeSubdomains": false,
"sniEnabled": false,
"sniCommonName": "xyz789",
"sslCertificate": ProxyPlusCertificate,
"persistenceType": "SOURCE_IP",
"loadBalanceMethod": "ROUND_ROBIN",
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"deletedAt": "10:15:30Z",
"status": "UP"
}
ProxyPlusServiceFilterInput
Description
Input used to filter a list of proxy plus services.
Example
{
"id": "abc123",
"name": "abc123",
"includeDeleted": true
}
ProxyProtocol
Description
Allowed list of values for the front end protocol of a proxy.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"HTTP"
ProxyProvisioningStatus
Description
Possible states of a proxy provisioning.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"IN_PROGRESS"
ProxyType
Description
Defines type of proxy virtual IP offering.
Values
| Enum Value | Description |
|---|---|
|
|
Indicates no Proxy. |
|
|
Indicates VIPs on a hardware load balancer offering. |
|
|
Indicates VIPs on a cloud load balancer offering. |
Example
"NONE"
RawJSON
Example
RawJSON
RecurringExecutiveReportConfiguration
Description
Recurring report configuration.
Fields
| Field Name | Description |
|---|---|
id - String!
|
ID of recurring report configuration. |
name - String!
|
Name of recurring report configuration. |
description - String
|
Description of Report Configuration. |
reportType - ExecutiveReportType!
|
Type of report. |
includeWAF - Boolean
|
If true, includes WAF violation summary in the report. |
includeBot - Boolean
|
If true, includes Bot mitigation summary in the report. |
includeDDOS - Boolean
|
If true, includes DDOS mitigation summary in the report. |
notification - ExecutiveReportNotificationDetails
|
List of email recepients of generated reports. |
createdAt - Time
|
Timestamp the report configuration was created at. |
enabled - Boolean
|
If true, this report configuration generates reports. |
from - Time
|
Timestamp from when the first report is generated by this configuration. |
to - Time
|
Timestamp when this report configuration will expire and won't be run after. |
period - ExecutiveReportPeriod!
|
Metric summary interval of report. |
Example
{
"id": "xyz789",
"name": "xyz789",
"description": "abc123",
"reportType": "ONE_TIME",
"includeWAF": false,
"includeBot": true,
"includeDDOS": false,
"notification": ExecutiveReportNotificationDetails,
"createdAt": "10:15:30Z",
"enabled": false,
"from": "10:15:30Z",
"to": "10:15:30Z",
"period": "PRIOR_WEEKLY"
}
RecurringExecutiveReportConfigurationsWithPagination
Description
Paginated recurring report configurations.
Fields
| Field Name | Description |
|---|---|
results - [RecurringExecutiveReportConfiguration!]
|
List of recurring report configurations. |
pageInfo - Pagination!
|
Pagination settings. |
Example
{
"results": [RecurringExecutiveReportConfiguration],
"pageInfo": Pagination
}
ResponderAction
Description
Allowed values for the responder action.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"DROP"
ResponderAnalyticsResponse
Fields
| Field Name | Description |
|---|---|
logs - ResponderLogsWithPagination
|
|
groups - [ResponderLogGroup!]
|
|
timeSeriesData - [ResponderLogTimeSeries!]
|
Example
{
"logs": ResponderLogsWithPagination,
"groups": [ResponderLogGroup],
"timeSeriesData": [ResponderLogTimeSeries]
}
ResponderField
Description
Allowed values for the responder match field.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"SOURCE_IP"
ResponderLog
Description
Represents a Responder Policy log.
Fields
| Field Name | Description |
|---|---|
timestamp - LogTime
|
The timestamp of the violation log. |
version - String
|
The version. |
responderAction - String
|
The responder_action that caused this violation log. |
cookies - String
|
The cookies in the original request. |
customer - String
|
The customer account dname. |
domain - String
|
The domain the request was intended for. |
destinationIP - IPAddress
|
The destination IP the request was intended for. |
sourceIP - IPAddress
|
The source IP the request was intended for. |
host - String
|
The hostname in the request. |
method - String
|
The HTTP method used. |
destinationPort - UnsignedInt16
|
The destination port the request was intended for. |
uri - String
|
The uri in the request. |
logType - ResponderLogType
|
The responder log type |
responderName - String
|
The responder name in our DB. This will be null for log type network_control. |
policyKey - String
|
The policy key tied to this responder. |
Example
{
"timestamp": LogTime,
"version": "xyz789",
"responderAction": "xyz789",
"cookies": "abc123",
"customer": "xyz789",
"domain": "xyz789",
"destinationIP": IPAddress,
"sourceIP": IPAddress,
"host": "xyz789",
"method": "abc123",
"destinationPort": UnsignedInt16,
"uri": "xyz789",
"logType": "NETWORK_CONTROL",
"responderName": "abc123",
"policyKey": "abc123"
}
ResponderLogDimension
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"URI"
ResponderLogFilterInput
Description
Represents a Responder log filter input.
Fields
| Input Field | Description |
|---|---|
destinationIP - IPAddressInput
|
The destination IP of the request. |
sourceIP - IPAddressInput
|
The source IP of the request. |
uri - String
|
The uri which cause the violation. |
responderAction - String
|
The responder action triggering the logs. |
logType - ResponderLogType
|
The responder log type |
all - String
|
When set, the application looks in all the filters (destionationIP,sourceIP,uri,responderAction) for the input string. |
Example
{
"destinationIP": IPAddressInput,
"sourceIP": IPAddressInput,
"uri": "xyz789",
"responderAction": "xyz789",
"logType": "NETWORK_CONTROL",
"all": "xyz789"
}
ResponderLogGroup
Description
A responder log group object.
Fields
| Field Name | Description |
|---|---|
key - String!
|
The group name. |
count - UnsignedInt32!
|
The count of responder logs in this group. |
Example
{
"key": "abc123",
"count": UnsignedInt32
}
ResponderLogGroupByField
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"URI"
ResponderLogGroupByInput
Fields
| Input Field | Description |
|---|---|
field - ResponderLogGroupByField!
|
|
direction - SortDirection!
|
The order of the groups listed (ascending or descending). Default = DESCENDING |
timeInterval - TimeInterval
|
Example
{
"field": "URI",
"direction": "ASCENDING",
"timeInterval": TimeInterval
}
ResponderLogSortBy
Description
Represents a responder log sort input.
Fields
| Input Field | Description |
|---|---|
dimension - ResponderLogDimension!
|
The dimension that will be used to sort the logs. |
direction - SortDirection!
|
The order of the sort (ascending or descending). Default = DESCENDING |
Example
{"dimension": "URI", "direction": "ASCENDING"}
ResponderLogTimeSeries
Fields
| Field Name | Description |
|---|---|
key - String!
|
|
cnt - UnsignedInt64!
|
|
ts - Time!
|
Example
{
"key": "abc123",
"cnt": UnsignedInt64,
"ts": "10:15:30Z"
}
ResponderLogType
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"NETWORK_CONTROL"
ResponderLogsWithPagination
Fields
| Field Name | Description |
|---|---|
results - [ResponderLog!]
|
|
pageInfo - Pagination!
|
Example
{
"results": [ResponderLog],
"pageInfo": Pagination
}
ResponderMatch
Description
A responder match in a given responder policy.
Fields
| Field Name | Description |
|---|---|
field - ResponderField!
|
The field name for the match. |
operand - ResponderOperand!
|
The operand to be used for the match. |
value - String!
|
The value to be used for the match. |
Example
{
"field": "SOURCE_IP",
"operand": "RATE_LIMIT",
"value": "abc123"
}
ResponderMatchInput
Description
Create a responder match in a given responder policy.
Fields
| Input Field | Description |
|---|---|
field - ResponderField!
|
The field name for the match. |
operand - ResponderOperand!
|
The operand to be used for the match. |
value - String!
|
The value to be used for the match. |
Example
{
"field": "SOURCE_IP",
"operand": "RATE_LIMIT",
"value": "abc123"
}
ResponderOperand
Description
Allowed values for the responder match operand.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"RATE_LIMIT"
ResponderPolicy
Description
A responder policy for a given policy.
Fields
| Field Name | Description |
|---|---|
name - String!
|
The name of the responder policy. |
responderMatches - [ResponderMatch!]
|
List of responder matches for this responder policy. |
action - ResponderAction!
|
Action to be taken when the responder matches are found. |
response - String
|
Response to be returned when the responder matches. NA when action is LOG OR DROP. Value is a URL when the action is REDIRECT_TO, value is a text found when action is when the action is RESPOND_WITH. |
Example
{
"name": "xyz789",
"responderMatches": [ResponderMatch],
"action": "DROP",
"response": "abc123"
}
ResponderPolicyInput
Description
Create a responder policy for a given policy.
Fields
| Input Field | Description |
|---|---|
name - String!
|
The name of the responder policy. |
responderMatches - [ResponderMatchInput!]
|
List of responder matches for this responder policy. |
action - ResponderAction!
|
Action to be taken when the responder matches are found. |
response - String
|
Response to be returned when the responder matches. NA when action is LOG OR DROP. Value is a URL when the action is REDIRECT_TO, value is a text found when action is when the action is RESPOND_WITH. |
Example
{
"name": "abc123",
"responderMatches": [ResponderMatchInput],
"action": "DROP",
"response": "xyz789"
}
Router
Description
Router Configuration
Fields
| Field Name | Description |
|---|---|
id - String!
|
Router identifier. |
name - String!
|
|
flowConfig - FlowConfig
|
Flow configuration. |
snmpConfig - SNMPConfig
|
SNMP configuration. |
company - Company!
|
The company object. |
Example
{
"id": "abc123",
"name": "abc123",
"flowConfig": FlowConfig,
"snmpConfig": SNMPConfig,
"company": Company
}
RouterStatistics
Fields
| Field Name | Description |
|---|---|
router - Router
|
|
traffic - [TrafficData!]!
|
|
interfaces - [Interface!]!
|
Example
{
"router": Router,
"traffic": [TrafficData],
"interfaces": [Interface]
}
RunBook
RunningACL
Description
The Running ACL.
Example
{
"id": "xyz789",
"configuration": "abc123",
"approvedDatetimestamp": "abc123"
}
RunningACLDeploymentStatus
Description
The deployment status of a running ACL.
Fields
| Field Name | Description |
|---|---|
deploymentState - ACLDeploymentState!
|
The overall deployment status of the running ACL. |
scrubbingCenters - [RunningACLScrubbingCenterDeploymentStatus!]
|
The deployment status of the running ACL by scrubbing center. |
Example
{
"deploymentState": "COMPLETE",
"scrubbingCenters": [
RunningACLScrubbingCenterDeploymentStatus
]
}
RunningACLScrubbingCenterDeploymentStatus
Description
The deployment status of a running ACL for a specific scrubbing center.
Fields
| Field Name | Description |
|---|---|
deploymentState - ACLDeploymentState!
|
The deployment state of an ACL for the corresponding scrubbing center. |
scrubbingCenter - String!
|
The three letter descriptor of the node. |
Example
{
"deploymentState": "COMPLETE",
"scrubbingCenter": "abc123"
}
SAMLConfigStatus
Description
Status of SAML configuration.
Values
| Enum Value | Description |
|---|---|
|
|
Configuration in Progress. |
|
|
Connection to IDP failed. |
|
|
Connection to IDP Passed and the user attributes are as expected. |
|
|
Domain name for SSO is set and enabled. |
Example
"IN_PROGRESS"
SAMLInput
Description
Input needed for update.
Fields
| Input Field | Description |
|---|---|
id - String!
|
Identifier of SSO Configuration. |
Example
{"id": "abc123"}
SAMLOutput
Description
Output of Create/Update/Commit SAML Mutation.
Fields
| Field Name | Description |
|---|---|
config - SSOConfig!
|
SSO Config in DB. |
Example
{"config": SSOConfig}
SIPMalformedDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
Example
{
"name": "abc123",
"id": "abc123",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries]
}
SIPRequestLimitingDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
Example
{
"name": "abc123",
"id": "xyz789",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries]
}
SNMPConfig
Description
SNMP Configuration
Fields
| Field Name | Description |
|---|---|
community - String!
|
SNMP community settings. |
ipAddress - IPAddress!
|
SNMP server IP address. |
Example
{
"community": "abc123",
"ipAddress": IPAddress
}
SQLInjectionType
Description
Allowed list of injection types.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"NONE"
SSOConfig
Description
SSOConfig Definition.
Fields
| Field Name | Description |
|---|---|
id - String!
|
ID for the ssoconfig. |
createdAt - Time!
|
Time Created. |
updatedAt - Time!
|
Time Updated. |
deletedAt - Time
|
Time Deleted. |
auth0ConnectionID - String
|
Auth0 Connection ID. |
connectionName - String!
|
Internally Generated Connection Name. |
domain - [String!]
|
Domain. |
signInURL - String
|
Sign in URL. |
userIDAttributes - String
|
UserID Attributes. |
sslCertificate - String!
|
SSL Certificate. |
signatureRequest - Boolean
|
Signature Info. |
signatureAlgorithm - Algorithm
|
Signature Algorithm. |
signatureDigestAlgorithm - Algorithm
|
Signature Digest Algorithm. |
protocolBinding - Protocol
|
Protocol Binding. |
requestTemplate - String
|
Request Template (XML). |
status - SAMLConfigStatus!
|
Status. |
tenant - String!
|
Tenant. |
Example
{
"id": "xyz789",
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"deletedAt": "10:15:30Z",
"auth0ConnectionID": "abc123",
"connectionName": "abc123",
"domain": ["abc123"],
"signInURL": "xyz789",
"userIDAttributes": "xyz789",
"sslCertificate": "abc123",
"signatureRequest": true,
"signatureAlgorithm": "SHA256",
"signatureDigestAlgorithm": "SHA256",
"protocolBinding": "HTTP_REDIRECT",
"requestTemplate": "abc123",
"status": "IN_PROGRESS",
"tenant": "xyz789"
}
SSOPackage
Description
Specifies SSO configuration for company.
Example
{
"companyDName": "abc123",
"config": SSOConfig,
"idpInfo": IDPInfo,
"enabled": true
}
SemicolonFieldSeparator
Description
A Semicolon field separator countermeasure.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean
|
Whether the countermeasure is enabled. |
Example
{"enabled": false}
SendACLChangeRequestInput
Description
Send an ACL Change Request.
Example
{
"companyDName": "xyz789",
"draftACLID": "xyz789",
"candidateACLID": "abc123"
}
SendACLChangeRequestOutput
SendEmailInput
SendEmailOutput
Description
Output from Sent Email.
Fields
| Field Name | Description |
|---|---|
statusCode - String!
|
Status code for the send email. |
Example
{"statusCode": "xyz789"}
SendTestNotificationInput
Description
Send Test Notification.
Fields
| Input Field | Description |
|---|---|
company - String!
|
Company dname identifier. |
Example
{"company": "xyz789"}
SendTestNotificationOutput
Description
Output from Sent Test Notification.
Fields
| Field Name | Description |
|---|---|
statusCode - String!
|
Status code for the test notification. |
Example
{"statusCode": "abc123"}
SendUserActivationEmailInput
Description
Send user activation email.
Fields
| Input Field | Description |
|---|---|
id - String!
|
ID of the user to send activation email. |
Example
{"id": "abc123"}
SendUserActivationEmailOutput
SendUserPasswordResetEmailInput
Description
Send user password reset email.
Fields
| Input Field | Description |
|---|---|
id - String!
|
ID of the user to send password reset email. |
Example
{"id": "xyz789"}
SendUserPasswordResetEmailOutput
SessionlessFieldConsistency
Description
Allowed values for SessionlessFieldConsistency. To use Sessionless Field Consistency on all web forms use ON. To use it only for forms submitted with the HTTP POST method, select POST_ONLY.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"ON"
Severity
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"HIGH"
ShapingDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
Example
{
"name": "abc123",
"id": "abc123",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries]
}
SignatureMatchFormat
Description
Allowed values for a custom signature match format.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"LITERAL"
SignatureRequestArea
Description
Allowed values for a custom signature request area.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"HTTP_URL"
SignatureRequestRule
Description
A WAF custom signature request rule.
Fields
| Field Name | Description |
|---|---|
area - SignatureRequestArea!
|
Area where this rule would apply. |
cookieRule - CookieSignatureRule
|
A cookie rule, if exists. For a given request rule, only one of cookie, header or form field can exist. |
headerRule - HeaderSignatureRule
|
A header rule , if exists. For a given request rule, only one of cookie, header or form field can exist. |
formFieldSignatureRule - FormFieldSignatureRule
|
A form field rule, if exists. For a given request rule, only one of cookie, header or form field can exist. |
matchFormat - SignatureMatchFormat!
|
A format for matching from allowed list of formats. |
match - String!
|
A match string. |
Example
{
"area": "HTTP_URL",
"cookieRule": CookieSignatureRule,
"headerRule": HeaderSignatureRule,
"formFieldSignatureRule": FormFieldSignatureRule,
"matchFormat": "LITERAL",
"match": "abc123"
}
SignatureRequestRuleInput
Description
Create a WAF custom signature request rule.
Fields
| Input Field | Description |
|---|---|
area - SignatureRequestArea!
|
Area where this rule would apply. |
cookieRule - CookieSignatureRuleInput
|
A cookie rule, if exists. For a given request rule, only one of cookie, header or form field can exist. |
headerRule - HeaderSignatureRuleInput
|
A header rule , if exists. For a given request rule, only one of cookie, header or form field can exist. |
formFieldSignatureRule - FormFieldSignatureRuleInput
|
A form field rule, if exists. For a given request rule, only one of cookie, header or form field can exist. |
matchFormat - SignatureMatchFormat!
|
A format for matching from allowed list of formats. |
match - String!
|
A match string. |
Example
{
"area": "HTTP_URL",
"cookieRule": CookieSignatureRuleInput,
"headerRule": HeaderSignatureRuleInput,
"formFieldSignatureRule": FormFieldSignatureRuleInput,
"matchFormat": "LITERAL",
"match": "abc123"
}
SignatureResponseArea
Description
Allowed values for a custom signature response area.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"HTTP_RESPONSE_HEADER"
SignatureResponseRule
Description
A WAF custom signature response rule.
Fields
| Field Name | Description |
|---|---|
area - SignatureResponseArea!
|
Area where this rule would apply. |
matchFormat - SignatureMatchFormat!
|
A format for matching from allowed list of formats. |
match - String!
|
A match string. |
Example
{
"area": "HTTP_RESPONSE_HEADER",
"matchFormat": "LITERAL",
"match": "abc123"
}
SignatureResponseRuleInput
Description
Create a WAF custom signature response rule.
Fields
| Input Field | Description |
|---|---|
area - SignatureResponseArea!
|
Area where this rule would apply. |
matchFormat - SignatureMatchFormat!
|
A format for matching from allowed list of formats. |
match - String!
|
A match string. |
Example
{
"area": "HTTP_RESPONSE_HEADER",
"matchFormat": "LITERAL",
"match": "abc123"
}
SignatureRuleFormat
Description
Allowed values for a custom signature rule format.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"ANY"
SiteTrafficData
Fields
| Field Name | Description |
|---|---|
name - String!
|
The name of the site. |
traffic - [TrafficData!]
|
Summary traffic data for the site. |
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
The timeseries traffic data for the site. |
Example
{
"name": "xyz789",
"traffic": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries]
}
SlackConfiguration
SlackConfigurationInput
SortDirection
Description
Allowed sort direction values.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"ASCENDING"
Status
Description
State possible status of an entity.
Values
| Enum Value | Description |
|---|---|
|
|
The entity is operational. |
|
|
The entity is down or non-operational. |
|
|
The entity state is not available. |
|
|
The entity is experiencing degraded performance. |
|
|
The entity is in a pending state. |
|
|
The entity is unmonitored. |
Example
"UP"
StatusByKey
StatusData
Fields
| Field Name | Description |
|---|---|
groupedBy - StatusDimension!
|
How the results are aggregated. |
values - [StatusValue!]
|
The results aggregated by the 'groupedBy' values. |
Example
{"groupedBy": "INTERFACE_PATH", "values": [StatusByKey]}
StatusDimension
Description
Different entities to group status by.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"INTERFACE_PATH"
StatusGroupBy
Description
Used to group different entities status.
Fields
| Input Field | Description |
|---|---|
dimension - StatusDimension!
|
Example
{"dimension": "INTERFACE_PATH"}
StatusOutput
Description
The status' of a company's entities.
Fields
| Field Name | Description |
|---|---|
company - Company!
|
The company object. |
data - StatusData!
|
The returned data for a company's entity's status. |
Example
{
"company": Company,
"data": StatusData
}
StatusValue
Description
Various types of grouped field/metric values.
Types
| Union Types |
|---|
Example
StatusByKey
String
Description
The String scalar type represents textual data, represented as UTF-8 character sequences. The String type is most often used by GraphQL to represent free-form human-readable text.
Example
"xyz789"
TCPConnectionLimitingDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
blacklist - Boolean!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
idleTimeout - Int!
|
|
ignoreIdle - Boolean!
|
|
maxConnections - Int!
|
Example
{
"name": "abc123",
"blacklist": true,
"id": "xyz789",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"idleTimeout": 987,
"ignoreIdle": true,
"maxConnections": 123
}
TCPConnectionResetDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
Example
{
"name": "abc123",
"id": "abc123",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries]
}
TCPSYNAuthDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
Example
{
"name": "abc123",
"id": "xyz789",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries]
}
TLSCipher
Description
Allowed list of TLS cipher suites.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"TLS1_AES_128_CBC_SHA"
TLSNegotiationDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
maxEarlyClose - Int!
|
|
clientCanAlert - Boolean!
|
|
maxPendSecs - Int!
|
|
maxCipherSuites - Int!
|
|
maxExtensions - Int!
|
|
minPendSecs - Int!
|
Example
{
"name": "xyz789",
"id": "abc123",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"maxEarlyClose": 123,
"clientCanAlert": false,
"maxPendSecs": 123,
"maxCipherSuites": 987,
"maxExtensions": 987,
"minPendSecs": 987
}
TLSOptions
Description
These are TLS settings for a virtual server that is using TLS/SSL.
Fields
| Field Name | Description |
|---|---|
minTLSVersion - MinTLSVersion!
|
Minimum TLS versions to support. TLS 1.3 is support only for front end. |
forceBackendSNI - Boolean!
|
Forces back-end SNI support between the proxy and the origin, sending the specified common name to initiate SNI to the back end. |
commonName - String
|
Common name to be sent with request to back-end origin(s). |
hstsEnabled - Boolean!
|
Flag indicating whether or not to follow HTTP Strict Transport Security. |
hstsMaxAge - UnsignedInt32!
|
MaxAge parameter for HSTS in seconds. |
hstsPreload - Boolean!
|
Flag indicating whether to include preload parameter in HSTS. |
hstsIncludeSubdomains - Boolean!
|
Flag indicating whether to include subdomains parameter in HSTS. |
cipherSelection - CipherSelectionMode!
|
Cipher Selection options viz. DEFAULT or CUSTOM. |
ciphers - [TLSCipher!]
|
List of TLS ciphers. |
Example
{
"minTLSVersion": "V_1_0",
"forceBackendSNI": false,
"commonName": "xyz789",
"hstsEnabled": false,
"hstsMaxAge": UnsignedInt32,
"hstsPreload": true,
"hstsIncludeSubdomains": true,
"cipherSelection": "DEFAULT",
"ciphers": ["TLS1_AES_128_CBC_SHA"]
}
TLSOptionsInput
Description
Define TLS options for a virtual server.
Fields
| Input Field | Description |
|---|---|
minTLSVersion - MinTLSVersion!
|
Minimum TLS versions to support. |
forceBackendSNI - Boolean!
|
Forces back-end SNI support between the proxy and the origin, sending the specified common name to initiate SNI to the back end. Default = false |
commonName - String!
|
Common name to be sent with request to back end origin(s). |
hstsEnabled - Boolean!
|
Flag indicating to follow HTTP Strict Transport Security. Default = false |
hstsMaxAge - UnsignedInt32!
|
MaxAge parameter for HSTS in seconds. Default is 2 years. Default = 63072000 |
hstsPreload - Boolean!
|
Flag indicating whether to include preload parameter in HSTS. Default = false |
hstsIncludeSubdomains - Boolean!
|
Flag indicating whether to include subdomains parameter in HSTS. Default = false |
cipherSelection - CipherSelectionMode!
|
Cipher Selection options viz. DEFAULT or CUSTOM. Default = DEFAULT |
ciphers - [TLSCipher!]
|
List of TLS ciphers. At least one cipher should be selected for every version equal to and above the selected version. If not, default list of secure ciphers will be applied. |
Example
{
"minTLSVersion": "V_1_0",
"forceBackendSNI": false,
"commonName": "abc123",
"hstsEnabled": true,
"hstsMaxAge": UnsignedInt32,
"hstsPreload": true,
"hstsIncludeSubdomains": false,
"cipherSelection": "DEFAULT",
"ciphers": ["TLS1_AES_128_CBC_SHA"]
}
ThresholdInput
Description
Create a WAF Application Security (AppSec) Threshold.
Fields
| Input Field | Description |
|---|---|
count - UnsignedInt32!
|
Minimum number of violations for generating alerts.(allowed value range: 1-1000). |
bucketDurationSeconds - UnsignedInt32!
|
Time period within which the minimum number of violations need to occur in order to generate alerts. (allowed values : 60). Default = 60 |
Example
{
"count": UnsignedInt32,
"bucketDurationSeconds": UnsignedInt32
}
Time
Description
A generic UTC timestamp
Example
"10:15:30Z"
TimeInterval
Description
A time interval.
Fields
| Input Field | Description |
|---|---|
interval - UnsignedInt16!
|
The interval value. |
unit - TimeUnit!
|
The time units of the interval value. |
Example
{"interval": UnsignedInt16, "unit": "MINUTE"}
TimeUnit
Description
Allowed values for time unit.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"MINUTE"
TrafficByKey
Description
Values grouped by a non-timestammp key, with optional sub-grouping.
Fields
| Field Name | Description |
|---|---|
k - String!
|
The key associated with the value. |
v - Float
|
The value for the given key. Null returned for NaN and Infinity. |
vs - [TrafficValue!]
|
The values for the given key, broken down by sub-grouping, if any. |
Example
{
"k": "abc123",
"v": 987.65,
"vs": [TrafficByTime]
}
TrafficByTime
Description
Values grouped by a timestamp, with optional sub-grouping.
Fields
| Field Name | Description |
|---|---|
ts - Time!
|
The time associated with the value. |
v - Float
|
The value at the given time. Null returned for NaN and Infinity. |
vs - [TrafficValue!]
|
The values at the given time, broken down by sub-grouping, if any. |
Example
{
"ts": "10:15:30Z",
"v": 123.45,
"vs": [TrafficByTime]
}
TrafficData
Fields
| Field Name | Description |
|---|---|
id - ID!
|
A unique identifier per query or subscription. |
field - TrafficField!
|
The data type queried. |
metric - TrafficMetric!
|
The metric queried. |
groupedBy - [TrafficDimension!]
|
How the results are aggregated. |
value - Float
|
If no groupedBy is present, or the top-level groupedBy has includeRollup: true, this will be the overall value. Null returned for NaN and Infinity. |
values - [TrafficValue!]
|
The grouped field and metric values, if groupedBy is present. |
from - Time
|
The start time (inclusive) of the data fetched. |
to - Time
|
The end time (exclusive) of the data fetched. |
trafficType - TrafficType
|
The source of traffic. |
Example
{
"id": 4,
"field": "IN_BITS",
"metric": "AVERAGE",
"groupedBy": ["MINUTE"],
"value": 123.45,
"values": [TrafficByTime],
"from": "10:15:30Z",
"to": "10:15:30Z",
"trafficType": "ALL"
}
TrafficDimension
Description
Dimensions that results may be grouped by
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"MINUTE"
TrafficField
Description
Field values that can be included in TrafficData
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"IN_BITS"
TrafficFilterInput
Description
TrafficFilterInput is used to filter results.
Fields
| Input Field | Description |
|---|---|
trafficTypes - [TrafficType!]
|
Traffic type: PROXY, BGP, or ALL. Default = [ALL] |
Example
{"trafficTypes": ["ALL"]}
TrafficGroupBy
Description
TrafficGroupBy used to group mitigated traffic data.
Fields
| Input Field | Description |
|---|---|
dimension - TrafficDimension!
|
The specific dimension used to group the mitigated traffic data. |
Example
{"dimension": "MINUTE"}
TrafficMetric
Description
Metrics that can be reported for fields.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"AVERAGE"
TrafficOutput
Fields
| Field Name | Description |
|---|---|
company - Company!
|
The company object. |
data - TrafficData
|
List of clean traffic data. |
Example
{
"company": Company,
"data": TrafficData
}
TrafficRateUnit
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"BPS"
TrafficType
Description
Allowed TrafficType values.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"ALL"
TrafficValue
Description
Various types of grouped field/metric values.
Types
| Union Types |
|---|
Example
TrafficByTime
TrustedSource
TrustedSourceInput
Description
A trusted IP source.
Example
{
"enabled": false,
"cidr": CIDR,
"description": "abc123"
}
TrustedSourcesWithPagination
Description
A paginated list of trusted IP sources. Traffic at these sources are used by the learning feature to generate recommendations.
Fields
| Field Name | Description |
|---|---|
results - [TrustedSource!]
|
The trusted sources. |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [TrustedSource],
"pageInfo": Pagination
}
Tunnel
Description
Network tunnel to send clean traffic through.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The unique identifier to distinguish tunnels. This identifier is same as the qualified device interface path. |
description - String!
|
Brief description generated by the system. |
customerDescription - String
|
Human-readable description. |
networkNodes - [NetworkNode!]
|
Physical interconnect points. |
devices - [String!]
|
Internal descriptors for network devices implementing the tunnel. |
type - TunnelType!
|
Tunnel type. |
interfacePath - String
|
Qualified Device Interface Path. |
destinationIPs - [CIDR!]
|
Destination IPs sent through this tunnel. |
tunnelSource - String
|
Tunnel source description. |
tunnelDestination - String
|
Tunnel destination description. |
addressV4 - [IPv4Address!]
|
IPv4 address of the tunnel, network-side. |
addressV6 - [IPv6Address!]
|
IPv6 address of the tunnel, network-side. |
customerAddressV4 - [IPv4Address!]
|
IPv4 address of the tunnel, customer-side. |
customerAddressV6 - [IPv6Address!]
|
IPv6 address of the tunnel, customer-side. |
Example
{
"id": "abc123",
"description": "xyz789",
"customerDescription": "abc123",
"networkNodes": [NetworkNode],
"devices": ["xyz789"],
"type": "GRE",
"interfacePath": "abc123",
"destinationIPs": [CIDR],
"tunnelSource": "abc123",
"tunnelDestination": "abc123",
"addressV4": [IPv4Address],
"addressV6": [IPv6Address],
"customerAddressV4": [IPv4Address],
"customerAddressV6": [IPv6Address]
}
TunnelType
Description
Tunnel type.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"GRE"
UDPReflectionAmpDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
Example
{
"name": "xyz789",
"id": "abc123",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries]
}
UDPSessionAuthDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
Example
{
"name": "abc123",
"id": "abc123",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries]
}
UnsignedInt16
Description
Unsigned int 16 type
Example
UnsignedInt16
UnsignedInt32
Description
Unsigned int 32 type
Example
UnsignedInt32
UnsignedInt64
Description
Unsigned int 64 type
Example
UnsignedInt64
UpdateAllUserNotificationRecordsInput
Description
Update all user notification records.
Fields
| Input Field | Description |
|---|---|
userID - String
|
User ID to mark all notification records read. |
Example
{"userID": "xyz789"}
UpdateAllUserNotificationRecordsOutput
Description
Output from updating all user notification records.
Fields
| Field Name | Description |
|---|---|
userID - String!
|
Example
{"userID": "abc123"}
UpdateBotBlackListInput
Description
Modify a black list countermeasure.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean
|
Whether the black list countermeasure is enabled. |
types - [BotBlackListBindingInput!]
|
List of black list bindings. |
Example
{"enabled": true, "types": [BotBlackListBindingInput]}
UpdateBotCAPTCHAInput
Description
Modify a CAPTCHA countermeasure.
Fields
| Input Field | Description |
|---|---|
resources - [BotCAPTCHABindingInput!]
|
List of CAPTCHA bindings. |
Example
{"resources": [BotCAPTCHABindingInput]}
UpdateBotDeviceFingerprintInput
Description
Modify a device fingerprint countermeasure.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean
|
Whether the device fingerprint countermeasure is enabled. |
response - BotResponse
|
Response to be taken. |
action - BotDeviceFingerprintAction
|
Action to be taken. Can only be set if response is ACTION_AND_LOG. |
Example
{"enabled": false, "response": "NONE", "action": "DROP"}
UpdateBotIPReputationInput
Description
Modify an IP reputation countermeasure.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean
|
Whether the IP reputation countermeasure is enabled. |
categories - [BotIPReputationBindingInput!]
|
List of IP reputation bindings. |
Example
{
"enabled": true,
"categories": [BotIPReputationBindingInput]
}
UpdateBotProfileInput
Description
Modify a bot profile.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean
|
Whether the bot profile is enabled. |
blackList - UpdateBotBlackListInput
|
The black list countermeasure settings. |
whiteList - UpdateBotWhiteListInput
|
The white list countermeasure settings. |
ipReputation - UpdateBotIPReputationInput
|
The IP reputation countermeasure settings. |
rateLimit - UpdateBotRateLimitInput
|
The rate limit countermeasure settings. |
deviceFingerprint - UpdateBotDeviceFingerprintInput
|
The device fingerprint countermeasure settings. |
botTrap - UpdateBotTrapInput
|
The bot trap countermeasure settings. |
tps - UpdateBotTPSInput
|
The TPS countermeasure settings. |
captcha - UpdateBotCAPTCHAInput
|
The CAPTCHA countermeasure settings. |
signatures - UpdateBotSignaturesInput
|
The bot signatures settings. |
Example
{
"enabled": true,
"blackList": UpdateBotBlackListInput,
"whiteList": UpdateBotWhiteListInput,
"ipReputation": UpdateBotIPReputationInput,
"rateLimit": UpdateBotRateLimitInput,
"deviceFingerprint": UpdateBotDeviceFingerprintInput,
"botTrap": UpdateBotTrapInput,
"tps": UpdateBotTPSInput,
"captcha": UpdateBotCAPTCHAInput,
"signatures": UpdateBotSignaturesInput
}
UpdateBotRateLimitInput
Description
Modify a rate limit countermeasure.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean
|
Whether the rate limit countermeasure is enabled. |
resources - [BotRateLimitBindingInput!]
|
List of rate limit bindings. |
Example
{"enabled": true, "resources": [BotRateLimitBindingInput]}
UpdateBotSignaturesInput
Description
Modify bot signatures.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean
|
Whether bot signatures are enabled. |
configuredBaseSignatures - [ConfiguredBaseBotSignatureInput!]
|
List of bot signatures. |
Example
{
"enabled": true,
"configuredBaseSignatures": [
ConfiguredBaseBotSignatureInput
]
}
UpdateBotTPSInput
Description
Modify a TPS countermeasure.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean
|
Whether the TPS countermeasure is enabled. |
resources - [BotTPSBindingInput!]
|
List of TPS bindings. |
Example
{"enabled": true, "resources": [BotTPSBindingInput]}
UpdateBotTrapInput
Description
Modify a bot trap countermeasure.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean
|
Whether the bot trap countermeasure is enabled. |
response - BotResponse
|
Response to be taken. |
action - BotTrapAction
|
Action to be taken. Can only be set if response is ACTION_AND_LOG. |
insertionURLs - [BotTrapBindingInput!]
|
List of bot trap bindings. |
Example
{
"enabled": false,
"response": "NONE",
"action": "DROP",
"insertionURLs": [BotTrapBindingInput]
}
UpdateBotWhiteListInput
Description
Modify a white list countermeasure.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean
|
Whether the white list countermeasure is enabled. |
types - [BotWhiteListBindingInput!]
|
List of white list bindings. |
Example
{"enabled": false, "types": [BotWhiteListBindingInput]}
UpdateBufferOverflowInput
Description
Modify a buffer overflow countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction
|
Action to be taken. |
maxURLLength - UnsignedInt16
|
Maximum URL length (in characters) of the protected web sites. Requests with longer URLs will be blocked. |
maxHeaderLength - UnsignedInt16
|
Maximum HTTP header length (in characters) in requests to the protected web sites. Requests with longer headers will be blocked. |
maxCookieLength - UnsignedInt16
|
Maximum cookie length (in character) in requests to the protected web sites. Requests with longer cookie lengths will be blocked. |
threshold - ThresholdInput
|
Appsec Threshold configuration for buffer overflow violations. |
Example
{
"action": "NONE",
"maxURLLength": UnsignedInt16,
"maxHeaderLength": UnsignedInt16,
"maxCookieLength": UnsignedInt16,
"threshold": ThresholdInput
}
UpdateCSRFSettingsInput
Description
Modify a cross-site request forgery countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction
|
Action to be taken. |
learn - Boolean
|
A flag to enable or disable learning. |
relaxationRules - [CSRFRelaxationRuleInput!]
|
A list of CSRF relaxation rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for CSRF violations. |
Example
{
"action": "NONE",
"learn": false,
"relaxationRules": [CSRFRelaxationRuleInput],
"threshold": ThresholdInput
}
UpdateCommandInjectionInput
Description
Modify a command injection countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
commandInjectionType - CommandInjectionType!
|
A command injection type. |
relaxationRules - [CommandInjectionRelaxationRuleInput!]
|
A list of command injection relaxation rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for command injection violations. |
Example
{
"action": "NONE",
"commandInjectionType": "COMMAND_KEYWORD",
"relaxationRules": [
CommandInjectionRelaxationRuleInput
],
"threshold": ThresholdInput
}
UpdateCompanyNotificationConfigurationInput
Description
Update a Company notification configuration.
Fields
| Input Field | Description |
|---|---|
id - String
|
ID of the company notification configuration to be updated. |
company - String
|
Company dname identifier. |
enabled - Boolean
|
Enable or disable the company notification configuration. If empty it defaults to true. |
categories - [CategoryConfigurationInput!]
|
The list of global category notification configurations. |
channel - ChannelConfigurationInput
|
Global notification channel configurations. |
Example
{
"id": "xyz789",
"company": "abc123",
"enabled": true,
"categories": [CategoryConfigurationInput],
"channel": ChannelConfigurationInput
}
UpdateCompanyNotificationConfigurationOutput
Description
Output from updating a Company notification configuration.
Fields
| Field Name | Description |
|---|---|
configuration - CompanyNotificationConfiguration!
|
Example
{"configuration": CompanyNotificationConfiguration}
UpdateContentTypeInput
Description
Modify a content type countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction
|
Action to be taken. |
learn - Boolean
|
A flag to enable or disable learning. |
relaxationRules - [ContentTypeRelaxationRuleInput!]
|
A list of content type relaxation rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for content type violations. |
Example
{
"action": "NONE",
"learn": false,
"relaxationRules": [ContentTypeRelaxationRuleInput],
"threshold": ThresholdInput
}
UpdateCookieConsistencyInput
Description
Modify a cookie consistency countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction
|
Action to be taken. |
learn - Boolean
|
A flag to enable or disable learning. |
relaxationRules - [CookieConsistencyRelaxationRuleInput!]
|
A list of relaxation rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for cookie consistency violations. |
Example
{
"action": "NONE",
"learn": true,
"relaxationRules": [
CookieConsistencyRelaxationRuleInput
],
"threshold": ThresholdInput
}
UpdateDenyURLInput
Description
Modify a deny URL countermeasures configuration.
Fields
| Input Field | Description |
|---|---|
action - WAFAction
|
Action to be taken. |
regexRules - [DenyURLRuleInput!]
|
A list of deny URL regex rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for deny URL violations. |
Example
{
"action": "NONE",
"regexRules": [DenyURLRuleInput],
"threshold": ThresholdInput
}
UpdateFieldFormatInput
Description
Modify a field format countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction
|
Action to be taken. |
learn - Boolean
|
A flag to enable or disable learning. |
type - FieldFormatType
|
Allowed types for this field. |
minLength - UnsignedInt16
|
Minimum length of the field (in characters, allowed range 0-65535). Please note that distinguishing an integer from an alpha character requires at least one character. |
maxLength - UnsignedInt16
|
Maximum length of the field (in characters, allowed range 0-65535). Please note that distinguishing an integer from an alpha character requires at least one character. |
enforcementRules - [FieldFormatEnforcementRuleInput!]
|
A list of enforcement rules. These are tightening rules, in order to relax some rules you need to remove them from this list. |
threshold - ThresholdInput
|
Appsec Threshold configuration for field format violations. |
Example
{
"action": "NONE",
"learn": true,
"type": "ANY",
"minLength": UnsignedInt16,
"maxLength": UnsignedInt16,
"enforcementRules": [FieldFormatEnforcementRuleInput],
"threshold": ThresholdInput
}
UpdateFormFieldConsistencyInput
Description
Modify a form field consistency countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction
|
Action to be taken. |
learn - Boolean
|
A flag to enable or disable learning. |
sessionlessFieldConsistency - SessionlessFieldConsistency
|
When turned on, it checks only the web form structure. |
fieldConsistencyExemptions - [FormFieldConsistencyRuleInput!]
|
A list of exemption rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for form field consistency violations. |
Example
{
"action": "NONE",
"learn": false,
"sessionlessFieldConsistency": "ON",
"fieldConsistencyExemptions": [
FormFieldConsistencyRuleInput
],
"threshold": ThresholdInput
}
UpdateHTMLSQLInjectionInput
Description
Modify an HTML SQL injection countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction
|
Action to be taken. |
learn - Boolean
|
A flag to enable or disable learning. |
checkSQLWildChars - Boolean
|
Whether to check for form fields that contain SQL wild chars. |
sqlInjectionType - SQLInjectionType
|
A SQL injection type. |
exemptCommentsWith - CommentExemption
|
Exempts all comments of the given type. |
sqliGrammar - Boolean
|
Enable SQL Injection grammar |
relaxationRules - [HTMLSQLInjectionRelaxationRuleInput!]
|
A list of XML SQL injection relaxation rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for HTML SQL injection violations. |
Example
{
"action": "NONE",
"learn": false,
"checkSQLWildChars": true,
"sqlInjectionType": "NONE",
"exemptCommentsWith": "CHECK_ALL",
"sqliGrammar": false,
"relaxationRules": [
HTMLSQLInjectionRelaxationRuleInput
],
"threshold": ThresholdInput
}
UpdateHTMLXSSInput
Description
Modify an HTML cross-site scripting countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction
|
Action to be taken. |
learn - Boolean
|
A flag to enable or disable learning. |
checkCompleteURLs - Boolean
|
A flag to enforce checks for complete URLs for cross-site scripts, instead of just the query portions of URLs. |
relaxationRules - [HTMLXSSRelaxationRuleInput!]
|
A list of HTML cross-site scripting relaxation rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for HTML cross-site scripting violations. |
Example
{
"action": "NONE",
"learn": true,
"checkCompleteURLs": false,
"relaxationRules": [HTMLXSSRelaxationRuleInput],
"threshold": ThresholdInput
}
UpdateHTTPRFCProfileInput
Description
Modify an HTTP RFC Profile countermeasure.
Fields
| Input Field | Description |
|---|---|
action - HTTPRFCProfileAction
|
Action to be taken when there is a non compliant request. |
threshold - ThresholdInput
|
Appsec Threshold configuration for HTTP RFC violations. |
Example
{"action": "BLOCK", "threshold": ThresholdInput}
UpdateJSONCommandInjectionSettingsInput
Description
Modufy a JSON command injection Settings Input.
Fields
| Input Field | Description |
|---|---|
action - WAFAction
|
Action to be taken. |
commandInjectionType - CommandInjectionType
|
A Command injection type. |
relaxationRules - [JSONCommandInjectionRelaxationRuleInput!]
|
A list of command injection rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for json command injection violations. |
Example
{
"action": "NONE",
"commandInjectionType": "COMMAND_KEYWORD",
"relaxationRules": [
JSONCommandInjectionRelaxationRuleInput
],
"threshold": ThresholdInput
}
UpdateJSONCrossSiteScriptingSettingsInput
Description
Modify a JSON cross-site scripting settings input to protect applications from XSS Attacks through JSON requests
Fields
| Input Field | Description |
|---|---|
action - WAFAction
|
Action to be taken. |
relaxationRules - [JSONXSSRelaxationRuleInput!]
|
A list of JSON XSS rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for JSON XSS violations. |
Example
{
"action": "NONE",
"relaxationRules": [JSONXSSRelaxationRuleInput],
"threshold": ThresholdInput
}
UpdateJSONDenialOfServiceSettingsInput
Description
Modify a JSON Denial of Service Settings input to protect applications from Denial of Service Attacks through JSON requests
Fields
| Input Field | Description |
|---|---|
action - WAFAction
|
Action to be taken. |
enforcementRule - JSONDoSEnforcementRuleInput
|
A paginated list of enforcement rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for JSON DOS violations. |
Example
{
"action": "NONE",
"enforcementRule": JSONDoSEnforcementRuleInput,
"threshold": ThresholdInput
}
UpdateJSONSQLInjectionSettingsInput
Description
Modify a JSON SQL Injection Settings input to protect applications from SQL Injection attacks through JSON requests
Fields
| Input Field | Description |
|---|---|
action - WAFAction
|
Action to be taken. |
sqlInjectionType - SQLInjectionType
|
A SQL injection type. |
sqliGrammar - Boolean
|
Enable SQL Injection grammar |
relaxationRules - [JSONSQLInjectionRelaxationRuleInput!]
|
A paginated list of SQL Injection rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for JSON SQL injection violations. |
Example
{
"action": "NONE",
"sqlInjectionType": "NONE",
"sqliGrammar": false,
"relaxationRules": [
JSONSQLInjectionRelaxationRuleInput
],
"threshold": ThresholdInput
}
UpdateJSONSettingsInput
Description
Modify a JSON Security Settings input to protect JSON Applications
Fields
| Input Field | Description |
|---|---|
jsonSQLInjectionSettings - UpdateJSONSQLInjectionSettingsInput
|
JSON SQL Injection Settings. |
jsonDenialOfServiceSettings - UpdateJSONDenialOfServiceSettingsInput
|
JSON Denial Of Service Settings. |
jsonCrossSiteScriptingSettings - UpdateJSONCrossSiteScriptingSettingsInput
|
JSON Cross Site Scripting Settings. |
jsonCommandInjectionSettings - UpdateJSONCommandInjectionSettingsInput
|
JSON Command Injection Settings. |
Example
{
"jsonSQLInjectionSettings": UpdateJSONSQLInjectionSettingsInput,
"jsonDenialOfServiceSettings": UpdateJSONDenialOfServiceSettingsInput,
"jsonCrossSiteScriptingSettings": UpdateJSONCrossSiteScriptingSettingsInput,
"jsonCommandInjectionSettings": UpdateJSONCommandInjectionSettingsInput
}
UpdateNetworkControlsInput
Description
Modify network controls.
Fields
| Input Field | Description |
|---|---|
blockedCountries - [CountryCode!]
|
A list of blocked countries. |
ipFilterList - [IPFilterInput!]
|
A list of ip filters. |
Example
{
"blockedCountries": ["AD"],
"ipFilterList": [IPFilterInput]
}
UpdateNotificationRecordInput
UpdateNotificationRecordOutput
Description
Output from updating notification records.
Fields
| Field Name | Description |
|---|---|
records - [NotificationRecord!]
|
Example
{"records": [NotificationRecord]}
UpdatePOSTBodyInput
Description
Modify a POST BODY limit countermeasure.
Fields
| Input Field | Description |
|---|---|
limit - UnsignedInt32
|
A post body size limit value. |
threshold - ThresholdInput
|
Appsec Threshold configuration for post body limit violations. |
Example
{
"limit": UnsignedInt32,
"threshold": ThresholdInput
}
UpdatePolicyInput
Description
Modify a policy.
Fields
| Input Field | Description |
|---|---|
id - String!
|
ID of the policy to be updated. |
name - String
|
The name of the policy. |
wafProfile - UpdateWAFProfileInput
|
The WAF profile associated to this policy. |
networkControls - UpdateNetworkControlsInput
|
The network controls associated to this policy. |
responderPolicies - [ResponderPolicyInput!]
|
The responder polices associated to this policy. |
appSecThresholds - [AppSecThresholdInput!]
|
The appsec thresholds associated to this policy. |
trustedSources - [TrustedSourceInput!]
|
The trusted IP sources associated to this policy. Traffic at these sources are used by the learning feature to generate recommendations. |
botProfile - UpdateBotProfileInput
|
The bot profile associated to this policy. |
Example
{
"id": "abc123",
"name": "abc123",
"wafProfile": UpdateWAFProfileInput,
"networkControls": UpdateNetworkControlsInput,
"responderPolicies": [ResponderPolicyInput],
"appSecThresholds": [AppSecThresholdInput],
"trustedSources": [TrustedSourceInput],
"botProfile": UpdateBotProfileInput
}
UpdatePolicyOutput
Description
Returned when updating a policy.
Fields
| Field Name | Description |
|---|---|
policy - Policy!
|
The updated policy. |
Example
{"policy": Policy}
UpdateProxyInput
Description
Modify a proxy.
Fields
| Input Field | Description |
|---|---|
id - String!
|
ID of the proxy to be updated. |
name - String
|
Company the proxy configuration belongs to. |
vServers - [VServerInput!]
|
The back-end origin servers, ports and protocols that bind it to the front-end port. |
policyIDs - [String!]
|
A list of policies associated with this proxy. |
Example
{
"id": "xyz789",
"name": "xyz789",
"vServers": [VServerInput],
"policyIDs": ["xyz789"]
}
UpdateProxyOutput
Description
Output from updating a proxy.
Fields
| Field Name | Description |
|---|---|
proxy - Proxy!
|
The updated proxy. |
Example
{"proxy": Proxy}
UpdateProxyPlusAllowedIPsInput
Description
Update IP Whitelist.
Fields
| Input Field | Description |
|---|---|
cidrs - [CIDR!]
|
Example
{"cidrs": [CIDR]}
UpdateProxyPlusBackendInput
UpdateProxyPlusBackendsInput
Description
Input to update a list of backends.
Fields
| Input Field | Description |
|---|---|
resources - [UpdateProxyPlusBackendInput!]
|
The backends of the proxy plus service. |
Example
{"resources": [UpdateProxyPlusBackendInput]}
UpdateProxyPlusDeniedCountriesInput
Description
Update denied countries.
Fields
| Input Field | Description |
|---|---|
countryCodes - [CountryCode!]
|
A list of denied countries. |
Example
{"countryCodes": ["AD"]}
UpdateProxyPlusDeniedIPsInput
Description
Create IP Blacklist.
Fields
| Input Field | Description |
|---|---|
cidrs - [CIDR!]
|
Example
{"cidrs": [CIDR]}
UpdateProxyPlusPolicyInput
Description
Update a proxy plus policy.
Fields
| Input Field | Description |
|---|---|
id - String!
|
ID of the proxy plus policy to be updated. |
name - String
|
The name of the proxy plus policy. |
companyDName - String
|
The identifier of the owning company. |
deniedCountries - UpdateProxyPlusDeniedCountriesInput
|
The denied countries associated to this proxy plus policy. |
allowedIPs - UpdateProxyPlusAllowedIPsInput
|
The IP whitelist associated to this proxy plus policy. |
deniedIPs - UpdateProxyPlusDeniedIPsInput
|
The IP blacklist associated to this proxy plus policy. |
proxies - UpdateProxyPlusPolicyProxyLinkInput
|
The proxy plus proxies associated to this proxy plus policy. |
Example
{
"id": "abc123",
"name": "xyz789",
"companyDName": "abc123",
"deniedCountries": UpdateProxyPlusDeniedCountriesInput,
"allowedIPs": UpdateProxyPlusAllowedIPsInput,
"deniedIPs": UpdateProxyPlusDeniedIPsInput,
"proxies": UpdateProxyPlusPolicyProxyLinkInput
}
UpdateProxyPlusPolicyOutput
Description
An updated proxy plus policy response.
Fields
| Field Name | Description |
|---|---|
policy - ProxyPlusPolicy!
|
The proxy plus policy that was updated. |
Example
{"policy": ProxyPlusPolicy}
UpdateProxyPlusPolicyProxyLinkInput
Description
Link proxy plus proxies to a policy, when updating said policy.
Fields
| Input Field | Description |
|---|---|
proxyIDs - [String]!
|
The IDs of proxy plus proxies associated with a specific Policy. |
Example
{"proxyIDs": ["xyz789"]}
UpdateProxyPlusProxyInput
Description
Input used to update Proxy Plus Proxy.
Example
{
"id": "abc123",
"companyDName": "xyz789",
"name": "abc123",
"policyID": "xyz789"
}
UpdateProxyPlusProxyOutput
Description
Output from updating Proxy Plus Proxy.
Fields
| Field Name | Description |
|---|---|
proxy - ProxyPlusProxy!
|
The proxy plus proxy that was updated. |
Example
{"proxy": ProxyPlusProxy}
UpdateProxyPlusServiceInput
Description
The input to update a proxy plus service.
Fields
| Input Field | Description |
|---|---|
id - String!
|
The ID of the proxy plus service to be updated. |
name - String
|
The name of the proxy plus service. |
companyDName - String
|
The identifier of the owning company. |
proxyID - String
|
The ID of the proxy plus proxy that the service belongs to. |
listenerPort - Int
|
The port that the proxy plus service listens on. |
listenerProtocol - ProxyPlusProtocol
|
The protocol that the proxy plus service listens to. |
backends - UpdateProxyPlusBackendsInput
|
The backends of the proxy plus service. |
xffHeader - String
|
The XFF Header of the proxy plus service. |
proxyProtocol - PROXYProtocol
|
PROXY Protocol version used by the proxy plus service. |
monitored - Boolean
|
The monitoring status of the service. |
hstsEnabled - Boolean
|
HTTP Strict Transport Security (HSTS) enabled for the proxy plus service. |
hstsMaxAge - Int
|
HTTP Strict Transport Security (HSTS) max age for the proxy plus service. |
hstsPreload - Boolean
|
HTTP Strict Transport Security (HSTS) preload for the proxy plus serviceoxy. |
hstsIncludeSubdomains - Boolean
|
HTTP Strict Transport Security (HSTS) include subdomains for the proxy plus service. |
sniEnabled - Boolean
|
Server Name Indication (SNI) enabled for the proxy plus service. |
sniCommonName - String
|
Server Name Indication (SNI) common name for the proxy plus service. |
sslCertificateID - String
|
The SSL certificate ID associated to the proxy plus service. |
persistenceType - ProxyPlusPersistenceType
|
The persistence type of the proxy plus service. |
loadBalanceMethod - ProxyPlusLoadBalanceMethod
|
The load balance method of the proxy plus service. |
Example
{
"id": "abc123",
"name": "abc123",
"companyDName": "abc123",
"proxyID": "abc123",
"listenerPort": 123,
"listenerProtocol": "HTTP",
"backends": UpdateProxyPlusBackendsInput,
"xffHeader": "abc123",
"proxyProtocol": "DISABLED",
"monitored": false,
"hstsEnabled": false,
"hstsMaxAge": 987,
"hstsPreload": false,
"hstsIncludeSubdomains": true,
"sniEnabled": true,
"sniCommonName": "xyz789",
"sslCertificateID": "abc123",
"persistenceType": "SOURCE_IP",
"loadBalanceMethod": "ROUND_ROBIN"
}
UpdateProxyPlusServiceOutput
Description
Output from updating a proxy plus service.
Fields
| Field Name | Description |
|---|---|
service - ProxyPlusService!
|
The proxy plus service that was updated. |
Example
{"service": ProxyPlusService}
UpdateRecurringExecutiveReportConfigurationInput
Description
Input to an update of a recurring report configuration.
Fields
| Input Field | Description |
|---|---|
id - String!
|
ID of recurring executive report configuration. |
dName - String!
|
The unique, primary identifier for the company. |
description - String
|
Description of Report Configuration. |
includeWAF - Boolean
|
If true, includes WAF violation summary in the report |
includeBot - Boolean
|
If true, includes Bot mitigation summary in the report |
includeDDOS - Boolean
|
If true, includes DDOS mitigation summary in the report |
notification - ExecutiveReportNotificationDetailsInput
|
List of email recepients of generated reports. |
enabled - Boolean
|
If true, this report configuration generates reports. |
from - Time
|
Timestamp when the first report is generated. |
to - Time
|
Timestamp when this report configuration will expire and won't be run after. |
period - ExecutiveReportPeriod!
|
Metric summary interval of report. |
Example
{
"id": "xyz789",
"dName": "abc123",
"description": "abc123",
"includeWAF": true,
"includeBot": false,
"includeDDOS": false,
"notification": ExecutiveReportNotificationDetailsInput,
"enabled": true,
"from": "10:15:30Z",
"to": "10:15:30Z",
"period": "PRIOR_WEEKLY"
}
UpdateRecurringExecutiveReportConfigurationOutput
Description
Output of an update of a recurring report configuration operation.
Fields
| Field Name | Description |
|---|---|
configuration - RecurringExecutiveReportConfiguration!
|
Configuration of a recurring report job. |
Example
{"configuration": RecurringExecutiveReportConfiguration}
UpdateSAMLInput
Description
Input needed for updating a SAML connection.
Fields
| Input Field | Description |
|---|---|
id - ID!
|
SSO Config identifier. |
domain - [String!]
|
List of Domain Names. |
signInURL - String
|
Login URL for redirect. |
userIDAttributes - String
|
User Attributes. |
sslCertificate - String
|
SSL Certificate of the IDP. |
signatureRequest - Boolean
|
Signature requested from IDP. |
signatureAlgorithm - Algorithm
|
Algorithm used in signature. |
signatureDigestAlgorithm - Algorithm
|
DigestAlgorithm used in signature. |
protocolBinding - Protocol
|
Protocol Binding. |
requestTemplate - String
|
Request template in XML format. |
tenant - String
|
Tenant name. |
Example
{
"id": 4,
"domain": ["xyz789"],
"signInURL": "abc123",
"userIDAttributes": "abc123",
"sslCertificate": "xyz789",
"signatureRequest": false,
"signatureAlgorithm": "SHA256",
"signatureDigestAlgorithm": "SHA256",
"protocolBinding": "HTTP_REDIRECT",
"requestTemplate": "abc123",
"tenant": "xyz789"
}
UpdateSemicolonFieldSeparatorInput
Description
Modify a Semicolon field separator countermeasure.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean
|
Whether the countermeasure is enabled. |
Example
{"enabled": true}
UpdateUserInput
Description
Modify a user.
Fields
| Input Field | Description |
|---|---|
id - String!
|
ID of the user to be updated. |
enabled - Boolean
|
Enabled status of this user. |
firstName - String
|
First name of this user. |
lastName - String
|
Last name of this user. |
jobTitle - String
|
Job title of this user. |
phone - String
|
Phone number of this user. |
mobile - String
|
Mobile number of this user. |
roles - [UserRole!]
|
Roles of this user |
Example
{
"id": "xyz789",
"enabled": false,
"firstName": "xyz789",
"lastName": "xyz789",
"jobTitle": "abc123",
"phone": "abc123",
"mobile": "xyz789",
"roles": ["PRIMARY_ADMIN"]
}
UpdateUserNotificationConfigurationInput
Description
Update a User notification configuration.
Fields
| Input Field | Description |
|---|---|
id - String
|
ID of the user notification configuration to be updated. |
userID - String
|
The User Service ID representing the User the notification configuration is for. |
enabled - Boolean
|
Enable or disable the user notification configuration. If empty it defaults to true. |
categories - [CategoryConfigurationInput!]
|
The list of user category notification configurations. |
Example
{
"id": "xyz789",
"userID": "abc123",
"enabled": false,
"categories": [CategoryConfigurationInput]
}
UpdateUserNotificationConfigurationOutput
Description
Output from updating a User notification configuration.
Fields
| Field Name | Description |
|---|---|
configuration - UserNotificationConfiguration!
|
Example
{"configuration": UserNotificationConfiguration}
UpdateUserOutput
Description
Returned when updating a user.
Fields
| Field Name | Description |
|---|---|
user - User!
|
The updated user. |
Example
{"user": User}
UpdateWAFProfileInput
Description
Modify a WAF profile.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean
|
Whether the WAF profile is enabled. |
postBody - UpdatePOSTBodyInput
|
Limits the request payload size. |
httpRFCProfile - UpdateHTTPRFCProfileInput
|
Check requests for HTTP RFC non compliance. |
semicolonFieldSeparator - UpdateSemicolonFieldSeparatorInput
|
Allow or disallow semicolon field separator between request fields. |
denyURL - UpdateDenyURLInput
|
The deny URL countermeasure settings. |
bufferOverflow - UpdateBufferOverflowInput
|
The buffer overflow countermeasure settings. |
cookieConsistency - UpdateCookieConsistencyInput
|
The cookie consistency countermeasure settings. |
fieldFormat - UpdateFieldFormatInput
|
The field format countermeasure settings. |
fieldConsistency - UpdateFormFieldConsistencyInput
|
The form field consistency countermeasure settings. |
csrfSettings - UpdateCSRFSettingsInput
|
The CSRF countermeasure settings. |
contentType - UpdateContentTypeInput
|
The content type countermeasure settings. |
htmlSQLInjection - UpdateHTMLSQLInjectionInput
|
The HTML SQL Injection countermeasure settings. |
xmlSQLInjection - UpdateXMLSQLInjectionInput
|
The XML SQL Injection countermeasure settings. |
commandInjection - UpdateCommandInjectionInput
|
The Command Injection countermeasure settings. |
crossSiteScripting - UpdateHTMLXSSInput
|
The HTML cross-site scripting countermeasure settings. |
xmlCrossSiteScripting - UpdateXMLXSSInput
|
The XML cross-site scripting countermeasure settings. |
jsonSettings - UpdateJSONSettingsInput
|
The JSON related countermeasure settings. |
wsiSettings - UpdateWSISettingsInput
|
The web service interoperability countermeasure settings. |
xmlFormat - UpdateXMLFormatInput
|
The XML format countermeasure settings. |
xmlSOAPFault - UpdateXMLSOAPFaultInput
|
The XML SOAP fault countermeasure settings. |
signatures - UpdateWAFSignaturesInput
|
The WAF signatures settings. |
Example
{
"enabled": true,
"postBody": UpdatePOSTBodyInput,
"httpRFCProfile": UpdateHTTPRFCProfileInput,
"semicolonFieldSeparator": UpdateSemicolonFieldSeparatorInput,
"denyURL": UpdateDenyURLInput,
"bufferOverflow": UpdateBufferOverflowInput,
"cookieConsistency": UpdateCookieConsistencyInput,
"fieldFormat": UpdateFieldFormatInput,
"fieldConsistency": UpdateFormFieldConsistencyInput,
"csrfSettings": UpdateCSRFSettingsInput,
"contentType": UpdateContentTypeInput,
"htmlSQLInjection": UpdateHTMLSQLInjectionInput,
"xmlSQLInjection": UpdateXMLSQLInjectionInput,
"commandInjection": UpdateCommandInjectionInput,
"crossSiteScripting": UpdateHTMLXSSInput,
"xmlCrossSiteScripting": UpdateXMLXSSInput,
"jsonSettings": UpdateJSONSettingsInput,
"wsiSettings": UpdateWSISettingsInput,
"xmlFormat": UpdateXMLFormatInput,
"xmlSOAPFault": UpdateXMLSOAPFaultInput,
"signatures": UpdateWAFSignaturesInput
}
UpdateWAFSignaturesInput
Description
Modify WAF signatures.
Fields
| Input Field | Description |
|---|---|
configuredBaseSignatures - [ConfiguredBaseWAFSignatureInput!]
|
A list of signatures for a policy configured from a list of available base signatures. |
customSignatures - [CustomWAFSignatureInput!]
|
A list of custom signatures created for a policy. |
Example
{
"configuredBaseSignatures": [
ConfiguredBaseWAFSignatureInput
],
"customSignatures": [CustomWAFSignatureInput]
}
UpdateWSISettingsInput
Description
Modify a web services interoperability countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction
|
Action to be taken. |
learn - Boolean
|
A flag to enable or disable learning. |
standards - [WSIStandardInput!]
|
A list of WSI standards. |
threshold - ThresholdInput
|
Appsec Threshold configuration for WSI violations. |
Example
{
"action": "NONE",
"learn": false,
"standards": [WSIStandardInput],
"threshold": ThresholdInput
}
UpdateXMLFormatInput
Description
Modify an XML format countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction
|
Action to be taken. |
threshold - ThresholdInput
|
Appsec Threshold configuration for XML format violations. |
Example
{"action": "NONE", "threshold": ThresholdInput}
UpdateXMLSOAPFaultInput
Description
Modify an XML SOAP fault countermeasure.
Fields
| Input Field | Description |
|---|---|
action - XMLSOAPFaultAction
|
Action to be taken. |
threshold - ThresholdInput
|
Appsec Threshold configuration for XML format violations. |
Example
{"action": "NONE", "threshold": ThresholdInput}
UpdateXMLSQLInjectionInput
Description
Modify an HTML SQL injection countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction
|
Action to be taken. |
checkSQLWildChars - Boolean
|
Whether to check for form fields that contain SQL wild chars. |
sqlInjectionType - SQLInjectionType
|
An XML SQL injection type. |
exemptCommentsWith - CommentExemption
|
Exempts all comments of the given type. |
relaxationRules - [XMLSQLInjectionRelaxationRuleInput!]
|
A list of XML SQL injection relaxation rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for XML SQL injection violations. |
Example
{
"action": "NONE",
"checkSQLWildChars": true,
"sqlInjectionType": "NONE",
"exemptCommentsWith": "CHECK_ALL",
"relaxationRules": [XMLSQLInjectionRelaxationRuleInput],
"threshold": ThresholdInput
}
UpdateXMLXSSInput
Description
Modify an XML cross-site scripting countermeasure.
Fields
| Input Field | Description |
|---|---|
action - WAFAction
|
Action to be taken. |
relaxationRules - [XMLXSSRelaxationRuleInput!]
|
A list of XML cross-site scripting relaxation rules. |
threshold - ThresholdInput
|
Appsec Threshold configuration for XML cross-site scripting violations. |
Example
{
"action": "NONE",
"relaxationRules": [XMLXSSRelaxationRuleInput],
"threshold": ThresholdInput
}
User
Description
A user of the system.
Fields
| Field Name | Description |
|---|---|
id - String!
|
ID of company User. |
notificationConfiguration - UserNotificationConfiguration
|
The list of notification configuration. |
createdAt - Time!
|
Timestamp of when user was created. |
updatedAt - Time!
|
Timestamp of when user was last updated. |
company - Company!
|
Details of company. |
enabled - Boolean!
|
Whether the user is able to access the system. |
email - String!
|
User email. |
userName - String!
|
User name. |
firstName - String!
|
First name. |
lastName - String!
|
Last name. |
lastLogin - Time
|
Timestamp of last login of this user. |
jobTitle - String
|
Job title. |
phone - String
|
Phone number. |
mobile - String
|
Mobile number. |
roles - [UserRole!]
|
Roles. |
Example
{
"id": "abc123",
"notificationConfiguration": UserNotificationConfiguration,
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"company": Company,
"enabled": true,
"email": "abc123",
"userName": "abc123",
"firstName": "abc123",
"lastName": "xyz789",
"lastLogin": "10:15:30Z",
"jobTitle": "abc123",
"phone": "abc123",
"mobile": "xyz789",
"roles": ["PRIMARY_ADMIN"]
}
UserDefinedFilter
Fields
| Field Name | Description |
|---|---|
id - String!
|
Since this is a User Defined Filter, the ID is the ID of the Filter as defined in Arbor. |
filterType - FilterType!
|
Indicates whether this filter list is user defined or an inline filter. |
company - Company!
|
The company object. |
name - String!
|
Name of the filter list. |
description - String
|
The description of the filter list. |
listType - FilterListType!
|
Type of data contained in this Filter List. |
listTypeLabel - String!
|
Display label for the type of data contained in this Filter List. |
usedInTemplate - Boolean!
|
Indicates if this Filter List is used in a Template. |
usedInAutoMitigation - Boolean!
|
Indicates if this Filter List is used in an Auto Mitigation. |
entries - [String!]!
|
Array of filter list entries based on the value of the listType attribute:" BLACK_WHITE_IPV4: IPv4 FCAP expressions BLACK_WHITE_IPV6: IPv6 FCAP expressions ADDRESS_IPV4: IPv4 CIDRs or addresses ADDRESS_IPV6: IPv6 CIDRs or addresses IP_LOCATION: Two-letter ISO 3166 country codes |
templates - [FilterTemplate]!
|
A set of Templates referenced by this Filter |
Example
{
"id": "xyz789",
"filterType": "INLINE",
"company": Company,
"name": "xyz789",
"description": "xyz789",
"listType": "black_white",
"listTypeLabel": "abc123",
"usedInTemplate": false,
"usedInAutoMitigation": false,
"entries": ["abc123"],
"templates": [FilterTemplate]
}
UserFilterInput
Description
For reducing the returned list of users.
Example
{
"id": "abc123",
"email": "xyz789",
"includeDisabled": true
}
UserLog
Description
Auth0 event log for a user.
Example
{
"date": "10:15:30Z",
"type": "xyz789",
"description": "abc123",
"ip": "abc123",
"userID": "xyz789",
"logID": "xyz789"
}
UserLoginID
Description
User data to be returned.
Example
{
"loginID": "xyz789",
"name": "abc123",
"companyDName": "xyz789",
"roles": ["xyz789"]
}
UserLoginIDWithPagination
Description
Paginated users.
Fields
| Field Name | Description |
|---|---|
results - [UserLoginID!]
|
Results holds the list of users. |
pageInfo - Pagination!
|
Page Information. |
Example
{
"results": [UserLoginID],
"pageInfo": Pagination
}
UserLogsFilterInput
Description
Filter for Auth0 event log for a user.
Example
{
"id": "xyz789",
"startTime": "10:15:30Z",
"endTime": "10:15:30Z",
"types": "xyz789"
}
UserNotificationConfiguration
Description
Represents a User specific notification configuration.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The identifier of this notification configuration. |
user - User!
|
The User object. |
company - Company!
|
The company object. |
createdAt - Time!
|
The time that the notification configuration was created at. |
updatedAt - Time!
|
The time that the notification configuration was last updated at. |
deletedAt - Time
|
The time that the notification configuration was last deleted at. |
categories - [CategoryConfiguration!]!
|
The list of user category notification configurations. |
Example
{
"id": "xyz789",
"user": User,
"company": Company,
"createdAt": "10:15:30Z",
"updatedAt": "10:15:30Z",
"deletedAt": "10:15:30Z",
"categories": [CategoryConfiguration]
}
UserRole
Description
Allowed list of user roles.
Values
| Enum Value | Description |
|---|---|
|
|
Primary admin role. |
|
|
Technical user role. |
|
|
Read-only role. |
Example
"PRIMARY_ADMIN"
UsersWithPagination
Description
A paginated list of users.
Fields
| Field Name | Description |
|---|---|
results - [User!]
|
Set of users returned by query. |
pageInfo - Pagination!
|
Pagination settings for query results. |
Example
{
"results": [User],
"pageInfo": Pagination
}
VServer
Description
A collection of properties that define a virtual server.
Fields
| Field Name | Description |
|---|---|
port - UnsignedInt16!
|
The virtual server's front-end server port. |
protocol - ProxyProtocol!
|
Protocol type used for the front and back ends. |
loadBalanceMethod - ProxyLoadBalanceMethod!
|
Method used to load-balance connections. |
persistenceType - ProxyLoadBalancePersistenceType!
|
A session persistence type to apply to requests. |
xffHeader - String!
|
The name of the 'forwarded-for' header. |
sp - Boolean!
|
Ensure connections to the server occur at a rate that the server can handle. |
tcpb - Boolean!
|
Use TCP Buffering for the service. |
tlsOptions - TLSOptions
|
TLS/SSL protocol options. |
certificateBindings - [CertificateBinding!]
|
Certficate(s) for this virtual server. |
applicationServices - [ApplicationService!]
|
Application services that make up this virtual server's back end. |
Example
{
"port": UnsignedInt16,
"protocol": "HTTP",
"loadBalanceMethod": "LEAST_CONNECTION",
"persistenceType": "SOURCE_IP",
"xffHeader": "xyz789",
"sp": true,
"tcpb": true,
"tlsOptions": TLSOptions,
"certificateBindings": [CertificateBinding],
"applicationServices": [ApplicationService]
}
VServerInput
Description
Add a VServer to a Proxy.
Fields
| Input Field | Description |
|---|---|
port - UnsignedInt16!
|
Back end origin server port. |
protocol - ProxyProtocol!
|
Protocol type of the front end. |
loadBalanceMethod - ProxyLoadBalanceMethod!
|
Method used to load-balance connections. |
persistenceType - ProxyLoadBalancePersistenceType!
|
A session persistence type to apply to requests. Default = SOURCE_IP |
xffHeader - String!
|
The name of the 'forwarded-for' header. Default = "X-Forwarded-For" |
sp - Boolean
|
Ensure connections to the server occur at a rate that the server can handle. |
tcpb - Boolean
|
Use TCP Buffering for the service. |
tlsOptions - TLSOptionsInput
|
TLS/SSL protocol options. Only required for TLS. |
certificateBindings - [CertificateBindingInput!]
|
Certficate(s) for this virtual server. |
applicationServices - [ApplicationServiceInput!]
|
Application services that make up this virtual server's back end. |
Example
{
"port": UnsignedInt16,
"protocol": "HTTP",
"loadBalanceMethod": "LEAST_CONNECTION",
"persistenceType": "SOURCE_IP",
"xffHeader": "abc123",
"sp": false,
"tcpb": false,
"tlsOptions": TLSOptionsInput,
"certificateBindings": [CertificateBindingInput],
"applicationServices": [ApplicationServiceInput]
}
VServerState
Description
VServer state value.
Values
| Enum Value | Description |
|---|---|
|
|
Up or operational. |
|
|
Down or nonoperational. |
|
|
Unavailable. |
Example
"UP"
VServerStatus
Description
Represents the status of a vserver (VIP-protocol-port combination).
Fields
| Field Name | Description |
|---|---|
currentState - VServerState!
|
State of the vserver. |
port - UnsignedInt32!
|
Port of the vserver. |
protocol - String!
|
Protocol of the vserver. |
Example
{
"currentState": "UP",
"port": UnsignedInt32,
"protocol": "abc123"
}
ValueType
Description
Allowed list of values for value types.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"KEYWORD"
ViolationLog
Description
A WAF violation log.
Fields
| Field Name | Description |
|---|---|
timestamp - LogTime
|
The timestamp of the violation log. |
timestampEvent - LogTime
|
The log timestamp event. |
version - String
|
The version. |
action - String
|
The action that caused this violation log. |
cefVersion - String
|
The engine's CEF version. |
cookies - String
|
The cookies in the original request. |
customer - String
|
The customer account dname. |
devVersion - String
|
The dev version. |
domain - String
|
The domain the request was intended for. |
destinationIP - IPAddress
|
The destination IP the request was intended for. |
eventID - String
|
The unique event ID for this event. |
host - String
|
The hostname in the request. |
httptxID - String
|
The HTTP transaction ID from the engine. |
method - String
|
The HTTP method used. |
profile - String
|
The policy key generating this violation. |
protocol - String
|
The protocol used. |
rawHeaders - String
|
The raw headers in the original request. |
reason - String
|
The reason for the violation to occur. |
sessionID - String
|
The session ID. |
severity - UnsignedInt32
|
The severity code of the violation. |
severityString - String
|
The severity string of the violation. |
signatureID - String
|
The signature code prefix. |
signatureName - String
|
The signature name which triggered the violation. |
site - String
|
The processing site location. |
sourceIP - IPAddress
|
The source IP of the request. |
sourceLocation - GeoLocation
|
The source location where the request originated. |
sourcePort - UnsignedInt16
|
The source port of the request. |
type - String
|
The type of the violation. |
uri - String
|
The uri which cause the violation. |
aggregatedURI - String
|
The aggregated uri string which caused the violation |
userAgent - String
|
The user agent in the original request header. |
wafVersion - String
|
The WAF version. |
Example
{
"timestamp": LogTime,
"timestampEvent": LogTime,
"version": "xyz789",
"action": "abc123",
"cefVersion": "abc123",
"cookies": "xyz789",
"customer": "xyz789",
"devVersion": "abc123",
"domain": "xyz789",
"destinationIP": IPAddress,
"eventID": "xyz789",
"host": "abc123",
"httptxID": "xyz789",
"method": "xyz789",
"profile": "xyz789",
"protocol": "abc123",
"rawHeaders": "abc123",
"reason": "xyz789",
"sessionID": "xyz789",
"severity": UnsignedInt32,
"severityString": "xyz789",
"signatureID": "xyz789",
"signatureName": "abc123",
"site": "abc123",
"sourceIP": IPAddress,
"sourceLocation": GeoLocation,
"sourcePort": UnsignedInt16,
"type": "xyz789",
"uri": "xyz789",
"aggregatedURI": "xyz789",
"userAgent": "xyz789",
"wafVersion": "abc123"
}
ViolationLogDimension
Description
Violation log sort dimensions.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"SOURCE_IP"
ViolationLogFilterInput
Description
A WAF violation log filter input.
Fields
| Input Field | Description |
|---|---|
sourceIP - IPAddressInput
|
The source IP of the request. |
destinationIP - IPAddressInput
|
The destination IP of the request. |
host - String
|
The host of the request. |
signatureName - String
|
The signature name which triggered the violation. |
userAgent - String
|
The user agent in the original request header. |
timestamp - String
|
The timestamp of the violation log. |
sourceCountryName - String
|
The source country name. |
sourceCity - String
|
The source city name. |
action - String
|
The violation log action. |
reason - String
|
The reason for the violation to occur. |
domain - String
|
The domain the request was intended for. |
uri - String
|
The uri which cause the violation. |
aggregatedURI - String
|
The aggregated uri string which caused the violation |
httptxID - String
|
The HTTP transaction ID from the engine. |
eventID - String
|
The unique event ID for this event. |
site - String
|
The processing site location. |
profile - String
|
The policy key generating this violation. |
all - String
|
The All filters looks at all the filters mentioned above, with the exception of profile. |
Example
{
"sourceIP": IPAddressInput,
"destinationIP": IPAddressInput,
"host": "xyz789",
"signatureName": "abc123",
"userAgent": "xyz789",
"timestamp": "xyz789",
"sourceCountryName": "abc123",
"sourceCity": "xyz789",
"action": "abc123",
"reason": "abc123",
"domain": "xyz789",
"uri": "xyz789",
"aggregatedURI": "abc123",
"httptxID": "xyz789",
"eventID": "xyz789",
"site": "abc123",
"profile": "abc123",
"all": "abc123"
}
ViolationLogGroup
Description
A violation log group.
Fields
| Field Name | Description |
|---|---|
key - String!
|
The group name. |
count - UnsignedInt32!
|
The count of violation logs in this group. |
Example
{
"key": "abc123",
"count": UnsignedInt32
}
ViolationLogGroupByField
Description
Allowed list of violation log group by fields.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"URI"
ViolationLogGroupByInput
Description
A WAF violation log group by input.
Fields
| Input Field | Description |
|---|---|
field - ViolationLogGroupByField!
|
The field that will be used to group the logs. |
direction - SortDirection
|
The order of the groups listed (ascending or descending). |
timeInterval - TimeInterval
|
The time interval when the group of logs occurred. |
Example
{
"field": "URI",
"direction": "ASCENDING",
"timeInterval": TimeInterval
}
ViolationLogSortBy
Description
A WAF violation log sort input.
Fields
| Input Field | Description |
|---|---|
dimension - ViolationLogDimension!
|
The dimension that will be used to sort the logs. |
direction - SortDirection!
|
The order of the sort (ascending or descending). Default = DESCENDING |
Example
{"dimension": "SOURCE_IP", "direction": "ASCENDING"}
ViolationLogTimeSeries
Description
A violation log time series group.
Fields
| Field Name | Description |
|---|---|
key - String!
|
The key name. |
cnt - UnsignedInt64!
|
The count of violation logs in this timeframe. |
ts - Time!
|
The timestamp of these occurrences. |
Example
{
"key": "abc123",
"cnt": UnsignedInt64,
"ts": "10:15:30Z"
}
ViolationLogsWithPagination
Description
A paginated list of WAF violation logs.
Fields
| Field Name | Description |
|---|---|
results - [ViolationLog!]
|
Violation log data |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [ViolationLog],
"pageInfo": Pagination
}
WAFAction
Description
Allowed list of actions for a given WAF countermeasure.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"NONE"
WAFAnalyticsResponse
Description
A WAF analytics response.
Fields
| Field Name | Description |
|---|---|
logs - ViolationLogsWithPagination
|
A paginated list of violation logs satisfying the filter criteria. |
groups - [ViolationLogGroup!]
|
The list of aggregated group results satisfying the group by criteria. |
timeSeriesData - [ViolationLogTimeSeries!]
|
The time series information of the violation logs occurrences. |
Example
{
"logs": ViolationLogsWithPagination,
"groups": [ViolationLogGroup],
"timeSeriesData": [ViolationLogTimeSeries]
}
WAFMitigation
Description
Represents a WAF Mitigation.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The identifier of this mitigaiton. |
company - Company!
|
The company object. |
start - Time!
|
The start time of the mitigaiton |
end - Time
|
The end time of the mitigation. A non-zero value of end time means that the mitigation has ended or finished. |
event - Event
|
The event associated with this mitigation. |
policy - Policy
|
The Policy that triggered this mitigation. Use policyKey to find policy separately, if needed
|
destinationIPs - [CIDR!]
|
The destination IPs. Use destinationIP
|
policyKey - String!
|
The Policy Key that triggered this mitigation. |
destinationIP - IPAddress!
|
The destination IP. |
countermeasures - [WAFViolation!]
|
The countermeasures associated with the mitigation. |
Example
{
"id": "xyz789",
"company": Company,
"start": "10:15:30Z",
"end": "10:15:30Z",
"event": Event,
"policy": Policy,
"destinationIPs": [CIDR],
"policyKey": "abc123",
"destinationIP": IPAddress,
"countermeasures": [WAFViolation]
}
WAFProfile
Description
A WAF profile for a given policy.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether the WAF profile is enabled. |
postBody - POSTBody
|
Limits the request payload size. |
httpRFCProfile - HTTPRFCProfile
|
Check requests for HTTP RFC non compliance. |
semicolonFieldSeparator - SemicolonFieldSeparator
|
Allow or disallow semicolon field separator between request fields. |
denyURL - DenyURL
|
The deny URL countermeasure settings. |
bufferOverflow - BufferOverflow
|
The buffer overflow countermeasure settings. |
cookieConsistency - CookieConsistency
|
The cookie consistency countermeasure settings. |
fieldFormat - FieldFormat
|
The field format countermeasure settings. |
fieldConsistency - FormFieldConsistency
|
The form field consistency countermeasure settings. |
csrfSettings - CSRFSettings
|
The CSRF countermeasure settings. |
contentType - ContentType
|
The content type countermeasure settings. |
htmlSQLInjection - HTMLSQLInjection
|
The HTML SQL Injection countermeasure settings. |
xmlSQLInjection - XMLSQLInjection
|
The XML SQL Injection countermeasure settings. |
commandInjection - CommandInjection
|
The Command Injection countermeasure settings. |
crossSiteScripting - HTMLXSS
|
The HTML cross-site scripting countermeasure settings. |
xmlCrossSiteScripting - XMLXSS
|
The XML cross-site scripting countermeasure settings. |
jsonSettings - JSONSettings
|
The JSON related countermeasure settings. |
wsiSettings - WSISettings
|
The web service interoperability countermeasure settings. |
xmlFormat - XMLFormat
|
The XML format countermeasure settings. |
xmlSOAPFault - XMLSOAPFault
|
The XML SOAP fault countermeasure settings. |
signatures - WAFSignatures
|
The WAF signatures settings. |
Example
{
"enabled": true,
"postBody": POSTBody,
"httpRFCProfile": HTTPRFCProfile,
"semicolonFieldSeparator": SemicolonFieldSeparator,
"denyURL": DenyURL,
"bufferOverflow": BufferOverflow,
"cookieConsistency": CookieConsistency,
"fieldFormat": FieldFormat,
"fieldConsistency": FormFieldConsistency,
"csrfSettings": CSRFSettings,
"contentType": ContentType,
"htmlSQLInjection": HTMLSQLInjection,
"xmlSQLInjection": XMLSQLInjection,
"commandInjection": CommandInjection,
"crossSiteScripting": HTMLXSS,
"xmlCrossSiteScripting": XMLXSS,
"jsonSettings": JSONSettings,
"wsiSettings": WSISettings,
"xmlFormat": XMLFormat,
"xmlSOAPFault": XMLSOAPFault,
"signatures": WAFSignatures
}
WAFSignatureDimension
Description
Allowed values for sorting the Signature list.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"CATEGORY"
WAFSignatureFilterInput
WAFSignatureSortBy
Description
Signature sorting input.
Fields
| Input Field | Description |
|---|---|
dimension - WAFSignatureDimension!
|
The dimension to sort by. |
direction - SortDirection!
|
The direction to sort in. |
Example
{"dimension": "CATEGORY", "direction": "ASCENDING"}
WAFSignatures
Description
A WAF signature.
Fields
| Field Name | Description |
|---|---|
configuredBaseSignatures - ConfiguredBaseWAFSignaturesWithPagination
|
A paginated list of signatures for a policy configured from a list of available base signatures. |
Arguments
|
|
customSignatures - CustomWAFSignaturesWithPagination
|
A paginated list of custom WAF signatures created for a policy. |
Arguments
|
|
Example
{
"configuredBaseSignatures": ConfiguredBaseWAFSignaturesWithPagination,
"customSignatures": CustomWAFSignaturesWithPagination
}
WAFViolation
Description
Represents WAF violation.
Fields
| Field Name | Description |
|---|---|
id - String!
|
The id of a WAF violation. Use name
|
name - String!
|
The name of the countermeasure. |
company - Company!
|
The company object. removing support |
mitigation - WAFMitigation!
|
The WAF mitigation for the violation. |
violationsDetails - [AppViolationData!]
|
The details of the violations. |
Arguments
|
|
Example
{
"id": "xyz789",
"name": "xyz789",
"company": Company,
"mitigation": WAFMitigation,
"violationsDetails": [AppViolationData]
}
WSISettings
Description
A web services interoperability countermeasure.
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
learn - Boolean!
|
A flag to enable or disable learning. |
standards - WSIStandardsWithPagination
|
A paginated list of WSI standards. |
Arguments
|
|
threshold - AppSecThreshold
|
Appsec Threshold configuration for WSI violations. |
Example
{
"action": "NONE",
"learn": true,
"standards": WSIStandardsWithPagination,
"threshold": AppSecThreshold
}
WSISettingsRuleCount
Description
WSI settings rule count.
Fields
| Field Name | Description |
|---|---|
rule - LearnedWSISettingsRule!
|
|
count - UnsignedInt32!
|
Example
{
"rule": LearnedWSISettingsRule,
"count": UnsignedInt32
}
WSISettingsRuleCountsWithPagination
Description
WSI settings learning rules.
Fields
| Field Name | Description |
|---|---|
results - [WSISettingsRuleCount!]
|
|
pageInfo - Pagination!
|
Example
{
"results": [WSISettingsRuleCount],
"pageInfo": Pagination
}
WSIStandard
Description
A web service interoperability standard.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether the standard is enabled. |
ruleID - WSIStandardRuleID!
|
A unique rule ID for the standard. |
rule - WSIStandardRule!
|
A WSI rule. |
Example
{
"enabled": true,
"ruleID": "SOAP_FAULT_VALID_CHILDREN",
"rule": WSIStandardRule
}
WSIStandardInput
Description
A web service interoperability standard.
Fields
| Input Field | Description |
|---|---|
enabled - Boolean!
|
Whether the standard is enabled. Default = true |
ruleID - WSIStandardRuleID!
|
The unique rule ID for the standard. |
Example
{"enabled": true, "ruleID": "SOAP_FAULT_VALID_CHILDREN"}
WSIStandardRule
Description
A web service interoperability standard rule.
Fields
| Field Name | Description |
|---|---|
id - WSIStandardRuleID!
|
A unique rule ID for the standard. |
code - String!
|
A code for the standard. |
description - String!
|
A decsription of the standard. |
Example
{
"id": "SOAP_FAULT_VALID_CHILDREN",
"code": "abc123",
"description": "xyz789"
}
WSIStandardRuleID
Description
Allowed list of WSI standard rule IDs.
Values
| Enum Value | Description |
|---|---|
|
|
When an ENVELOPE is a Fault, the soap:Fault element MUST NOT have element children other than faultcode, faultstring, faultactor and detail. |
|
|
When an ENVELOPE is a Fault, the element children of the soap:Fault element MUST be unqualified |
|
|
A RECEIVER MUST accept fault messages that have any number of qualified or unqualified attributes, including zero, appearing on the detail element. The namespace of qualified attributes can be anything other than the namespace of the qualified document element 'Envelope' |
|
|
When an ENVELOPE contains a faultcode element, the content of that element SHOULD be either one of the fault codes defined in SOAP 1.1 (supplying additional information if necessary in the detail element), or a Qname whose namespace is controlled by the fault's specifying authority (in that order of preference). |
|
|
An ENVELOPE MUST NOT contain soap:encodingStyle attribute on any of the elements whose namespace is the same as the namespace of the qualified document element 'Envelope' |
|
|
An ENVELOPE MUST NOT contain soap:encodingStyle attributes on any element that is a child of soap:Body. |
|
|
An ENVELOPE described in an rpc-literal binding MUST NOT contain soap:encodingStyle attribute on any element that is a grandchild of soap:Body. |
|
|
An ENVELOPE MUST NOT have any element children of soap:Envelope following the soap:Body element. |
|
|
A MESSAGE MUST be serialized as either UTF-8 or UTF-16 |
|
|
An ENVELOPE containing a soap:mustUnderstand attribute MUST only use the lexical forms '0' and '1'. |
|
|
The children of the soap:Body element in an ENVELOPE MUST be namespace qualified. |
|
|
A RECEIVER MUST generate a fault if they encounter an envelope whose document element is not soap:Envelope |
|
|
When an ENVELOPE contains a faultcode element the content of that element SHOULD NOT use of the SOAP 1.1 'dot' notation to refine the meaning of the fault. |
|
|
The soap:Envelope, soap:Header, and soap:Body elements in an ENVELOPE MUST NOT have attributes in the same namespace as that of the qualified document element 'Envelope' |
|
|
An ENVELOPE SHOULD NOT contain the namespace declaration xmlns:xml='http://www.w3.org/XML/1998/namespace'. |
|
|
The value of the SOAPAction HTTP header field in a HTTP request MESSAGE MUST be a quoted string. |
|
|
An INSTANCE SHOULD use a '200 OK' HTTP status code on a response message that contains an envelope that is not a fault. |
|
|
An INSTANCE MUST return a '500 Internal Server Error' HTTP status code if the response envelope is a Fault. |
|
|
A HTTP request MESSAGE MUST use the HTTP POST method |
|
|
A MESSAGE SHOULD be sent using HTTP/1.1. |
|
|
A MESSAGE MUST be sent using either HTTP/1.1 or HTTP/1.0. |
|
|
An ENVELOPE MUST NOT include the soapenc:arrayType attribute. |
|
|
An ENVELOPE described with an rpc-literal binding MUST NOT have the xsi:nil attribute with a value of '1' or 'true' on the part accessors. |
|
|
For one-way operations, an INSTANCE MUST NOT return a HTTP response that contains an envelope. Specifically, the HTTP response entity-body must be empty. |
|
|
An ENVELOPE described with an rpc-literal binding that is a response MUST have a wrapper element whose name is the corresponding wsdl:operation name suffixed with the string 'Response'. |
|
|
An ENVELOPE described with an rpc-literal binding MUST place the part accessor elements for parameters and return value in no namespace. |
|
|
An ENVELOPE MUST include all soapbind:headers specified on a wsdl:input or wsdl:output of a wsdl:operation of a wsdl:binding that describes it. |
|
|
A wsdl:binding in a DESCRIPTION SHOULD contain a soapbind:fault describing each known fault. |
|
|
A HTTP request MESSAGE MUST contain a SOAPAction HTTP header field with a quoted value equal to the value of the soapAction attribute of soapbind:operation, if present in the corresponding WSDL description. |
Example
"SOAP_FAULT_VALID_CHILDREN"
WSIStandardsWithPagination
Description
A paginated list of WSI standards.
Fields
| Field Name | Description |
|---|---|
results - [WSIStandard!]
|
A list of WSI standards. |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [WSIStandard],
"pageInfo": Pagination
}
WebhookConfiguration
Description
Represents the Webhook channel-specific configuration.
Fields
| Field Name | Description |
|---|---|
URL - String!
|
The customer URL that we send webhook messages to. |
Example
{"URL": "abc123"}
WebhookConfigurationInput
Description
Represents the Webhook channel-specific configuration Input.
Fields
| Input Field | Description |
|---|---|
URL - String!
|
The customer URL that we send webhook messages to. |
Example
{"URL": "abc123"}
WhiteLabel
Description
Specifications for elements that can be modified for white-labelled customers.
Fields
| Field Name | Description |
|---|---|
enabled - Boolean!
|
Whether white-labelling is enabled for the Company. |
favicon - Map
|
Specifies a map of fav icons for this company's pages. |
footerLinks - [Link!]
|
List of all URLs and Labels associated with this company. |
productName - String!
|
Product Name as displayed by/for this company. |
loginMarqueeItems - [String!]
|
Marquee elements to be displayed on login for this company. |
supportURL - String!
|
Support URL to be displayed for this company. |
supportUser - String!
|
Company support username. |
headerLogo - String!
|
Header logo for this company. |
bottomLeftLabel - String!
|
Bottom left label to be rendered for company. |
theme - String!
|
Theme for company. |
bottomRightLabel - String!
|
Bottom right label to be rendered for company. |
domain - String!
|
Company domain. |
email - EMail!
|
Company contact email ID. |
Example
{
"enabled": true,
"favicon": Map,
"footerLinks": [Link],
"productName": "abc123",
"loginMarqueeItems": ["abc123"],
"supportURL": "abc123",
"supportUser": "abc123",
"headerLogo": "abc123",
"bottomLeftLabel": "xyz789",
"theme": "xyz789",
"bottomRightLabel": "abc123",
"domain": "abc123",
"email": EMail
}
XMLFormat
Description
An XML format countermeasure.
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
threshold - AppSecThreshold
|
Appsec Threshold configuration for XML format violations. |
Example
{"action": "NONE", "threshold": AppSecThreshold}
XMLLocation
Description
Allowed list of values for an XML location.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"ELEMENT"
XMLSOAPFault
Description
An XML SOAP fault countermeasure.
Fields
| Field Name | Description |
|---|---|
action - XMLSOAPFaultAction!
|
Action to be taken. |
threshold - AppSecThreshold
|
Appsec Threshold configuration for XML format violations. |
Example
{"action": "NONE", "threshold": AppSecThreshold}
XMLSOAPFaultAction
Description
Allowed list of actions for XML SOAP Fault countermeasure.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"NONE"
XMLSQLInjection
Description
An XML SQL injection countermeasure.
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
checkSQLWildChars - Boolean!
|
Whether to check for form fields that contain SQL wild chars. |
sqlInjectionType - SQLInjectionType!
|
An XML SQL injection type. |
exemptCommentsWith - CommentExemption!
|
Exempts all comments of the given type. |
relaxationRules - XMLSQLInjectionRelaxationRulesWithPagination
|
A list of XML SQL injection relaxation rules. |
Arguments
|
|
threshold - AppSecThreshold
|
Appsec Threshold configuration for XML SQL injection violations. |
Example
{
"action": "NONE",
"checkSQLWildChars": true,
"sqlInjectionType": "NONE",
"exemptCommentsWith": "CHECK_ALL",
"relaxationRules": XMLSQLInjectionRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
XMLSQLInjectionRelaxationRule
Description
An XML SQL injection relaxation rule.
Fields
| Field Name | Description |
|---|---|
name - String!
|
The name of the rule. |
enabled - Boolean!
|
Whether the relaxation rule is enabled. |
isNameRegex - Boolean!
|
Whether the name is in regex format. |
location - XMLLocation
|
The location of the attachment. |
Example
{
"name": "xyz789",
"enabled": true,
"isNameRegex": false,
"location": "ELEMENT"
}
XMLSQLInjectionRelaxationRuleInput
Description
An XML SQL injection relaxation rule.
Fields
| Input Field | Description |
|---|---|
name - String!
|
The name of the rule. |
enabled - Boolean!
|
Whether the relaxation rule is enabled. Default = true |
isNameRegex - Boolean!
|
Whether the name is in regex format. Default = false |
location - XMLLocation
|
The location that should be examined by the rule. |
Example
{
"name": "xyz789",
"enabled": true,
"isNameRegex": false,
"location": "ELEMENT"
}
XMLSQLInjectionRelaxationRulesWithPagination
Description
A paginated list SQL injection relaxation rules.
Fields
| Field Name | Description |
|---|---|
results - [XMLSQLInjectionRelaxationRule!]
|
A list of relaxation rules. |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [XMLSQLInjectionRelaxationRule],
"pageInfo": Pagination
}
XMLXSS
Description
An XML cross-site scripting countermeasure.
Fields
| Field Name | Description |
|---|---|
action - WAFAction!
|
Action to be taken. |
relaxationRules - XMLXSSRelaxationRulesWithPagination
|
A paginated list of XML cross-site scripting relaxation rules. |
Arguments
|
|
threshold - AppSecThreshold
|
Appsec Threshold configuration for XML cross-site scripting violations. |
Example
{
"action": "NONE",
"relaxationRules": XMLXSSRelaxationRulesWithPagination,
"threshold": AppSecThreshold
}
XMLXSSRelaxationRule
Description
An XML XSS relaxation rule.
Fields
| Field Name | Description |
|---|---|
name - String!
|
The name of the rule. |
enabled - Boolean!
|
Whether the relaxation rule is enabled. |
isNameRegex - Boolean!
|
Whether the name is in regex format. |
location - XMLLocation
|
The location of the attachment. |
Example
{
"name": "abc123",
"enabled": false,
"isNameRegex": false,
"location": "ELEMENT"
}
XMLXSSRelaxationRuleInput
Description
An XML XSS relaxation rule.
Fields
| Input Field | Description |
|---|---|
name - String!
|
The name of the rule. |
enabled - Boolean!
|
Whether the relaxation rule is enabled. Default = true |
isNameRegex - Boolean!
|
Whether the name is in regex format. Default = false |
location - XMLLocation
|
The location of the attachment. |
Example
{
"name": "abc123",
"enabled": true,
"isNameRegex": true,
"location": "ELEMENT"
}
XMLXSSRelaxationRulesWithPagination
Description
A paginated list of XML cross-site scripting (XSS) relaxation rules.
Fields
| Field Name | Description |
|---|---|
results - [XMLXSSRelaxationRule!]
|
A list of XML XSS relaxation rules |
pageInfo - Pagination!
|
The returned page information. |
Example
{
"results": [XMLXSSRelaxationRule],
"pageInfo": Pagination
}
XSSValueType
Description
Allowed list of values for value types in XSS.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"TAG"
ZombieDetectionDDOSCountermeasure
Fields
| Field Name | Description |
|---|---|
name - String!
|
|
id - String!
|
There is no id associated with a countermeasure. Use id of the mitigation.
|
company - Company!
|
Use company of the mitigation.
|
traffic - [TrafficData!]
|
|
trafficData - [TrafficData!]
|
Use traffic.
|
trafficDetails - [MitigationDetailsTrafficSeries!]!
|
|
blacklisting - Boolean!
|
Example
{
"name": "abc123",
"id": "xyz789",
"company": Company,
"traffic": [TrafficData],
"trafficData": [TrafficData],
"trafficDetails": [MitigationDetailsTrafficSeries],
"blacklisting": true
}