Rulesets REST Interface

Data and limitations

The ruleset data is the internal representation of the ruleset object and is subject to change without notice.

You can’t change rulesets via the REST interface, and you can’t delete them. POST commands on an URL like /application/APPUUID/rulesets/RULESETUUID always return an error code 409. PUT and DELETE also always fail and return an error code 409.

However, you can, for example, export a ruleset and import it into multiple other applications to duplicate it.

Getting a list of rulesets for an application

  • Request

    Method GET
    URL /applications/APPUUID/rulesets/
    Arguments
  • Response

    Return code Arguments Meaning
    200 {RULEUUID1: VERSION, RULEUUID2: VERSION } list of rulesets for the given application successfully returned as a dictionary containing the ruleset UUIDs as keys and the representative version numbers as values
    401 - no login
    403 - not enough rights
    404 - application not found
    500 - internal server error
  • Example

    The following request retrieves a list of all rulesets for the application that has the UUID “f011694d47d73578-3c0581461472821ff8d0c3a8c007d88c”. Note that you don’t use the application name in the request, but this UUID.

    In this case, there is only one ruleset available.

    $ curl -u admin:admin -H 'Content-Type: application/json' http://127.0.0.1:8087/api/af/2.0/applications/f011694d47d73578-3c0581461472821ff8d0c3a8c007d88c/rulesets {    "__name": "rulesets",    "__path": "/api/af/2.0/applications/f011694d47d73578-3c0581461472821ff8d0c3a8c007d88c/rulesets/",    "__subnodes": [        "127.0.0.1:8083:f011694d47d73578-1a7bfe29b480dac5575de4bc15d85a6f:1"    ],    "rulesets": {        "127.0.0.1:8083:f011694d47d73578-1a7bfe29b480dac5575de4bc15d85a6f:1": 1    } }

Getting a ruleset BLOB

  • Request

    Method GET
    URL /applications/APPUUID/rulesets/RULEUUID
    Arguments
  • Response

    Return code Arguments Meaning
    200 { RULESETDATA } ruleset successfully returned as a dictionary containing all ruleset data
    401 - no login
    403 - not enough rights
    404 - application or ruleset not found
    500 - internal server error

    Example

    The following request retrieves the data of the ruleset with the UUID "127.0.0.1:8083:f011694d47d73578-1a7bfe29b480dac5575de4bc15d85a6f:1", which is a ruleset for the application "f011694d47d73578-3c0581461472821ff8d0c3a8c007d88c".

    (In the example, the response is truncated.)

    $ curl -u admin:admin -H 'Content-Type: application/json' http://127.0.0.1:8087/api/af/2.0/applications/f011694d47d73578-3c0581461472821ff8d0c3a8c007d88c/rulesets/127.0.0.1:8083:f011694d47d73578-1a7bfe29b480dac5575de4bc15d85a6f:1 { "__name": "127.0.0.1:8083:f011694d47d73578-1a7bfe29b480dac5575de4bc15d85a6f:1", "__path": "/api/af/2.0/applications/f011694d47d73578-3c0581461472821ff8d0c3a8c007d88c/rulesets/127.0.0.1:8083:f011694d47d73578-1a7bfe29b480dac5575de4bc15d85a6f:1/", "__subnodes": [], "baseline_config": {}, "changelog": [], "comment": "", "db_last_modified_timestamp": 1347292036, "db_last_modified_userid": "unknown", "global_handler": [ { "ConfigItems": [ { "db_last_modified_userid": "unknown", "description": "Enable Shortcut Handler", "is_inherited": true, "name": "enabled", "owner": [], "type": "boolean" }, .... } ], "global_timestamp": "00000000000000dc-127.0.0.1:8083-f011694d47d73578-d9a8f3dd4119ea7f200fd9b4acd624a1-1347292036", "handler": [ { "ConfigItems": [ { "db_last_modified_userid": "unknown", "description": "Enable this handler", "is_inherited": true, "name": "enabled", "owner": [], "type": "boolean" }, .... } ], "last_modified": 1347292036, "name": "initial ruleset", "owner": [], "rules": [ { "db_last_modified_userid": "unknown", "handler": [ { "ConfigItems": [ { "db_last_modified_userid": "unknown", "description": "Enable this handler", "is_inherited": true, "name": "enabled", "owner": [], "type": "boolean" }, .... ], "name": "/.*", "owner": [], "selector": [ { "ConfigItems": [ { "db_last_modified_userid": "unknown", "description": "Selection based on hostname", "is_inherited": true, "name": "enabled", "owner": [], "type": "boolean" }, .... ] } ], "version": 1 }

Adding a ruleset

  • Request

    Method POST
    URL /applications/APPUUID/rulesets/
    Arguments { RULESETDATA }

    To activate the added ruleset you need to change the fields logonly_ruleset_version and active_ruleset_version for the application that is to use this ruleset. See Applications REST Interface .

  • Response

    Return code Arguments Meaning
    200 RULESETUUID ruleset with the given UUID successfully added
    401 - no login
    403 - not enough rights
    404 - application not found
    409 - malformed, conflicting, or missing data
    500 - internal server error