post
/public_api/v1/legacy_exceptions/edit
Update an existing legacy exception rule.
Prerequisites:
To get the required fields:
- Use Get Legacy Exceptions Modules API to retrieve existing exception details.
- The
idfield in the fetch API response corresponds toexception_idin this request. - The
rule_namefield in the fetch API response corresponds tonamein this request. - The
scopefield is not returned by the fetch API. Use"PROFILE"ifprofile_idsis non-empty in the fetch response; use"GLOBAL"ifprofile_idsis[].
Request headers
Authorization
String
required
{api_key}
{api_key}
Example:
UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP
x-xdr-auth-id
String
required
{api_key_id}
{api_key_id}
Example:
241
CLIENT REQUEST
curl -X 'POST'
-H
'Accept: application/json'
-H
'Content-Type: application/json'
-H
'Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP '
-H
'x-xdr-auth-id: 241'
'https://api-yourfqdn/public_api/v1/legacy_exceptions/edit'
-d
''
import http.client
conn = http.client.HTTPSConnection("api-yourfqdn")
payload = "{\"request_data\":{\"exception_id\":\"string\",\"update_data\":{\"name\":\"string\",\"platform\":\"string\",\"module\":0,\"profile_ids\":[0],\"status\":\"string\",\"scope\":\"string\",\"description\":\"string\",\"conditions\":{}}}}"
headers = {
'Authorization': "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
'x-xdr-auth-id': "241",
'content-type': "application/json"
}
conn.request("POST", "/public_api/v1/legacy_exceptions/edit", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api-yourfqdn/public_api/v1/legacy_exceptions/edit")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP '
request["x-xdr-auth-id"] = '241'
request["content-type"] = 'application/json'
request.body = "{\"request_data\":{\"exception_id\":\"string\",\"update_data\":{\"name\":\"string\",\"platform\":\"string\",\"module\":0,\"profile_ids\":[0],\"status\":\"string\",\"scope\":\"string\",\"description\":\"string\",\"conditions\":{}}}}"
response = http.request(request)
puts response.read_bodyconst data = JSON.stringify({
"request_data": {
"exception_id": "string",
"update_data": {
"name": "string",
"platform": "string",
"module": 0,
"profile_ids": [
0
],
"status": "string",
"scope": "string",
"description": "string",
"conditions": {}
}
}
});
const xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("POST", "https://api-yourfqdn/public_api/v1/legacy_exceptions/edit");
xhr.setRequestHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
xhr.setRequestHeader("x-xdr-auth-id", "241");
xhr.setRequestHeader("content-type", "application/json");
xhr.send(data);HttpResponse<String> response = Unirest.post("https://api-yourfqdn/public_api/v1/legacy_exceptions/edit")
.header("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ")
.header("x-xdr-auth-id", "241")
.header("content-type", "application/json")
.body("{\"request_data\":{\"exception_id\":\"string\",\"update_data\":{\"name\":\"string\",\"platform\":\"string\",\"module\":0,\"profile_ids\":[0],\"status\":\"string\",\"scope\":\"string\",\"description\":\"string\",\"conditions\":{}}}}")
.asString();import Foundation
let headers = [
"Authorization": "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
"x-xdr-auth-id": "241",
"content-type": "application/json"
]
let parameters = ["request_data": [
"exception_id": "string",
"update_data": [
"name": "string",
"platform": "string",
"module": 0,
"profile_ids": [0],
"status": "string",
"scope": "string",
"description": "string",
"conditions": []
]
]] as [String : Any]
let postData = JSONSerialization.data(withJSONObject: parameters, options: [])
let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/public_api/v1/legacy_exceptions/edit")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api-yourfqdn/public_api/v1/legacy_exceptions/edit",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "{\"request_data\":{\"exception_id\":\"string\",\"update_data\":{\"name\":\"string\",\"platform\":\"string\",\"module\":0,\"profile_ids\":[0],\"status\":\"string\",\"scope\":\"string\",\"description\":\"string\",\"conditions\":{}}}}",
CURLOPT_HTTPHEADER => [
"Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
"content-type: application/json",
"x-xdr-auth-id: 241"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}CURL *hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/v1/legacy_exceptions/edit");
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
headers = curl_slist_append(headers, "x-xdr-auth-id: 241");
headers = curl_slist_append(headers, "content-type: application/json");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);
curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"request_data\":{\"exception_id\":\"string\",\"update_data\":{\"name\":\"string\",\"platform\":\"string\",\"module\":0,\"profile_ids\":[0],\"status\":\"string\",\"scope\":\"string\",\"description\":\"string\",\"conditions\":{}}}}");
CURLcode ret = curl_easy_perform(hnd);var client = new RestClient("https://api-yourfqdn/public_api/v1/legacy_exceptions/edit");
var request = new RestRequest(Method.POST);
request.AddHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
request.AddHeader("x-xdr-auth-id", "241");
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", "{\"request_data\":{\"exception_id\":\"string\",\"update_data\":{\"name\":\"string\",\"platform\":\"string\",\"module\":0,\"profile_ids\":[0],\"status\":\"string\",\"scope\":\"string\",\"description\":\"string\",\"conditions\":{}}}}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);Body parameters
application/json
request_dataobjectrequiredRequest body for editing or updating an existing legacy exception rule.
Request body for editing or updating an existing legacy exception rule.
exception_idstringThe ID of the legacy exception to edit. Corresponds to the id field returned by the fetch API.
The ID of the legacy exception to edit. Corresponds to the id field returned by the fetch API.
update_dataobjectrequired
namestringName for the legacy exception rule.
Name for the legacy exception rule.
platformstringTarget platform for the exception. Must be one of the platforms supported by the chosen module (see /public_api/v1/legacy_exceptions/get_modules endpoint response).
Target platform for the exception. Must be one of the platforms supported by the chosen module (see /public_api/v1/legacy_exceptions/get_modules endpoint response).
moduleintegerNumeric ID of the protection module to create the exception for. Get valid module IDs from /public_api/v1/legacy_exceptions/get_modules endpoint.
Numeric ID of the protection module to create the exception for. Get valid module IDs from /public_api/v1/legacy_exceptions/get_modules endpoint.
profile_idsarray[integer]List of prevention profile IDs this exception rule applies to. Use /public_api/v1/endpoints/get_profiles endpoint to find existing profile IDs.
- For
scope: PROFILE: provide one or more profile IDs (e.g. [29])
- For
scope: GLOBAL: must be an empty array []
List of prevention profile IDs this exception rule applies to. Use /public_api/v1/endpoints/get_profiles endpoint to find existing profile IDs.
- For
scope: PROFILE: provide one or more profile IDs (e.g.[29]) - For
scope: GLOBAL: must be an empty array[]
statusstringStatus of the rule.
Allowed values: ENABLED or DISABLED.
Status of the rule.
Allowed values: ENABLED or DISABLED.
scopestringScope of the exception:
PROFILE — exception applies to specific prevention profiles listed in profile_idsGLOBAL — exception applies globally; profile_ids must be [] and the module must be an Exception-type module
Scope of the exception:
PROFILE— exception applies to specific prevention profiles listed inprofile_idsGLOBAL— exception applies globally;profile_idsmust be[]and the module must be an Exception-type module
descriptionstringOptional description of the exception rule.
Optional description of the exception rule.
conditionsobjectThe conditions structure depends on the chosen module. Use /public_api/v1/legacy_exceptions/get_modules endpoint to get the conditions_definition for each module.
The conditions structure depends on the chosen module. Use /public_api/v1/legacy_exceptions/get_modules endpoint to get the conditions_definition for each module.
REQUEST
{
"request_data": {
"exception_id": "f87c6f24205249d896677ab63626d4f4",
"update_data": {
"name": "Edit legacy exception rule",
"platform": "Windows",
"module": 1,
"profile_ids": [
29
],
"status": "DISABLED",
"scope": "PROFILE",
"description": "my legacy desc",
"conditions": {
"remoteIpsWhitelist": [
"192.168.1.45",
"10.0.0.10-10.0.0.20"
]
}
}
}
}{
"request_data": {
"exception_id": "d9c06bfa3f9b45a7a0196244e68d181d",
"update_data": {
"name": "Edit legacy exception rule 1",
"platform": "Linux",
"module": 43,
"profile_ids": [
26
],
"status": "ENABLED",
"scope": "PROFILE",
"description": "test 3",
"conditions": {
"process_exceptions": [
{
"processName": "Test process 1",
"modules": [
{
"moduleId": 67,
"moduleName": "Disable Injection"
}
]
},
{
"processName": "Test process 2",
"modules": [
{
"moduleId": 63,
"moduleName": "Child Process Protection"
}
]
},
{
"processName": "Test process 3",
"modules": [
{
"moduleId": 65,
"moduleName": "Brute Force Protection"
}
]
}
]
}
}
}
}Responses
OK
Body
application/json
replystringThe ID of the edited legacy exception rule.
The ID of the edited legacy exception rule.
Example:
"f87c6f24205249d896677ab63626d4f4"RESPONSE
{
"reply": "f87c6f24205249d896677ab63626d4f4"
}