Resource URL | Authorization | Description |
/v5/api/policies (GET) | Admin, Policy Admin, Analyst | List all of the policies, or search for policies associated with a site, site group, or domain list |
/v5/api/policies (POST) | Admin, Policy Admin | Create a new policy from a domain list |
/v5/api/policies/{policyId} (GET) | Admin, Policy Admin, Analyst | Search for a policy by policy ID |
/v5/api/policies/{policyId} (DELETE) | Admin, Policy Admin | Delete the policy specified by policy ID |
/v5/api/policies/{policyId} (PUT) | Admin, Policy Admin | Update the policy specified by policy ID |
Policy parameters
Name | Type | Example | Notes |
---|---|---|---|
action | JSON | { "type" : "block" } | One of "trust, "block", "monitor", or "redirect". |
active | boolean | false | If true, the policy is active, if false it's inactive. |
appliedTo | List of JSON | [ { "name" : " 1b9874b1-9a6b-4347-92f1-7c33bb47c66b", "type" : "siteId" } ] | The list of sites and site groups that this policy applies to. |
description | String | "This is a description" | The human-readable description of the policy. |
domain | List of JSON | [ { "listId" : " f5d03dec-bdd8-435b-af71-97ddd2d27690", "type": "list" } ] | The list of domain lists that the policy should match on. |
exceptionDomainLists | List of JSON | [ { "listId" : " f5d03dec-bdd8-435b-af71-97ddd2d27690", "type": "list" } ] | A list of exception domain lists that the policy shouldn't match on. |
id | String (UUID) | " 1509980672880-b6aca992-7ef0-4e67-88fe-ff5c44f5cfea " | Unique identifier for the policy. |
name | String | "Name" | A human readable name for the policy. This must be unique. |
policyVersionId | String (UUID) | " 9722af80-ff82-4d38-9f87-f13e6567defa" | The version number changes each time a policy is updated. This will be used to determine if an applied policy is out-of-date. |
queryTypes | List of Strings | [ "TXT", "PTR", "A" ] | The list of query types this policy should match on. |
sourceIps | JSON | { ranges [ "1.1.1.1" ], "type": "INCLUDE" } | The source IPs to match on (if type is "INCLUDE") or to explicitly not match on ("EXCLUDE"). The include/exclude parameter is optional. Excluding source IPs is only applicable to Block and Monitor policies, and isn't applicable to Allow policies. When this parameter isn't specified, the default value is Include. |
threats | List of JSON | [{ "type" : "DGA" }] | The list of threats to match on. |
timeRanges | List of JSON | [{ "start": "00:00", "end": "23:59" "days": ["Monday"] }] | The list of time periods during which the policy applies. |
timestamp | long | 1532095137993 | The timestamp of when the policy was last updated (as milliseconds since Jan. 1, 1970). |
matchAnswer | boolean | true | The criteria on which policies act on domains. This is only
applicable to Block and Monitor policies. If you set matchAnswer to
"true", domains listed will be blocked or monitored based on the domain
found in the query or answer section of the DNS response. Note: You must
select at least one criteria to block or monitor domain lists
(matchAnswer or matchAuthority).
|
matchAuthority | boolean | true | The criteria on which policies act on domains. This is only
applicable to Block and Monitor policies. If you set matchAuthority to
"true", domains listed will be blocked or monitored based on the domain
found in the authoritative nameserver section of the DNS response.
Note: You must select at least one criteria to block or monitor
domain lists (matchAnswer or matchAuthority).
|