post
/public_api/appsec/v1/application/criteria
Creates a Criteria based on the provided details.
Required license:
Cortex XSIAM Premium. In Cortex XSIAM Enterprise and Cortex NG SIEM, requires the Cortex Cloud Posture Management add-on. Not supported in XSIAM Enterprise Plus.
Request headers
Authorization
String
required
{api_key}
{api_key}
Example:
UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP
x-xdr-auth-id
String
required
{api_key_id}
{api_key_id}
Example:
241
CLIENT REQUEST
curl -X 'POST'
-H
'Accept: application/json'
-H
'Content-Type: application/json'
-H
'Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP '
-H
'x-xdr-auth-id: 241'
'https://api-yourfqdn/public_api/appsec/v1/application/criteria'
-d
'{
"name" : "name",
"description" : "description",
"config" : {
"criteriaPrettyName" : "criteriaPrettyName",
"applicationMetaData" : {
"exposedToInternetOverride" : true
},
"unifyAcrossProviders" : true,
"unifyWithinProvider" : true,
"criteriaDefinitions" : [ null, null ],
"criteriaPrettyNameTags" : [ "criteriaPrettyNameTags", "criteriaPrettyNameTags" ]
}
}'
import http.client
conn = http.client.HTTPSConnection("api-yourfqdn")
payload = "{\"name\":\"string\",\"description\":\"string\",\"type\":\"cloud\",\"config\":{\"unifyWithinProvider\":true,\"unifyAcrossProviders\":true,\"criteriaDefinitions\":[[{\"type\":\"tags\",\"provider\":\"GITLAB\",\"filters\":[{\"type\":\"equal\",\"field\":\"repositoryName\",\"values\":[\"string\"]}],\"tagKeys\":[\"string\"]}]],\"criteriaPrettyName\":\"string\",\"criteriaPrettyNameTags\":[\"string\"],\"applicationMetaData\":{\"businessOwner\":\"none\",\"businessCriticality\":\"Critical\",\"exposedToInternetOverride\":true}}}"
headers = {
'Authorization': "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
'x-xdr-auth-id': "241",
'content-type': "application/json"
}
conn.request("POST", "/public_api/appsec/v1/application/criteria", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api-yourfqdn/public_api/appsec/v1/application/criteria")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP '
request["x-xdr-auth-id"] = '241'
request["content-type"] = 'application/json'
request.body = "{\"name\":\"string\",\"description\":\"string\",\"type\":\"cloud\",\"config\":{\"unifyWithinProvider\":true,\"unifyAcrossProviders\":true,\"criteriaDefinitions\":[[{\"type\":\"tags\",\"provider\":\"GITLAB\",\"filters\":[{\"type\":\"equal\",\"field\":\"repositoryName\",\"values\":[\"string\"]}],\"tagKeys\":[\"string\"]}]],\"criteriaPrettyName\":\"string\",\"criteriaPrettyNameTags\":[\"string\"],\"applicationMetaData\":{\"businessOwner\":\"none\",\"businessCriticality\":\"Critical\",\"exposedToInternetOverride\":true}}}"
response = http.request(request)
puts response.read_bodyconst data = JSON.stringify({
"name": "string",
"description": "string",
"type": "cloud",
"config": {
"unifyWithinProvider": true,
"unifyAcrossProviders": true,
"criteriaDefinitions": [
[
{
"type": "tags",
"provider": "GITLAB",
"filters": [
{
"type": "equal",
"field": "repositoryName",
"values": [
"string"
]
}
],
"tagKeys": [
"string"
]
}
]
],
"criteriaPrettyName": "string",
"criteriaPrettyNameTags": [
"string"
],
"applicationMetaData": {
"businessOwner": "none",
"businessCriticality": "Critical",
"exposedToInternetOverride": true
}
}
});
const xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("POST", "https://api-yourfqdn/public_api/appsec/v1/application/criteria");
xhr.setRequestHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
xhr.setRequestHeader("x-xdr-auth-id", "241");
xhr.setRequestHeader("content-type", "application/json");
xhr.send(data);HttpResponse<String> response = Unirest.post("https://api-yourfqdn/public_api/appsec/v1/application/criteria")
.header("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ")
.header("x-xdr-auth-id", "241")
.header("content-type", "application/json")
.body("{\"name\":\"string\",\"description\":\"string\",\"type\":\"cloud\",\"config\":{\"unifyWithinProvider\":true,\"unifyAcrossProviders\":true,\"criteriaDefinitions\":[[{\"type\":\"tags\",\"provider\":\"GITLAB\",\"filters\":[{\"type\":\"equal\",\"field\":\"repositoryName\",\"values\":[\"string\"]}],\"tagKeys\":[\"string\"]}]],\"criteriaPrettyName\":\"string\",\"criteriaPrettyNameTags\":[\"string\"],\"applicationMetaData\":{\"businessOwner\":\"none\",\"businessCriticality\":\"Critical\",\"exposedToInternetOverride\":true}}}")
.asString();import Foundation
let headers = [
"Authorization": "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
"x-xdr-auth-id": "241",
"content-type": "application/json"
]
let parameters = [
"name": "string",
"description": "string",
"type": "cloud",
"config": [
"unifyWithinProvider": true,
"unifyAcrossProviders": true,
"criteriaDefinitions": [[
[
"type": "tags",
"provider": "GITLAB",
"filters": [
[
"type": "equal",
"field": "repositoryName",
"values": ["string"]
]
],
"tagKeys": ["string"]
]
]],
"criteriaPrettyName": "string",
"criteriaPrettyNameTags": ["string"],
"applicationMetaData": [
"businessOwner": "none",
"businessCriticality": "Critical",
"exposedToInternetOverride": true
]
]
] as [String : Any]
let postData = JSONSerialization.data(withJSONObject: parameters, options: [])
let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/public_api/appsec/v1/application/criteria")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api-yourfqdn/public_api/appsec/v1/application/criteria",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "{\"name\":\"string\",\"description\":\"string\",\"type\":\"cloud\",\"config\":{\"unifyWithinProvider\":true,\"unifyAcrossProviders\":true,\"criteriaDefinitions\":[[{\"type\":\"tags\",\"provider\":\"GITLAB\",\"filters\":[{\"type\":\"equal\",\"field\":\"repositoryName\",\"values\":[\"string\"]}],\"tagKeys\":[\"string\"]}]],\"criteriaPrettyName\":\"string\",\"criteriaPrettyNameTags\":[\"string\"],\"applicationMetaData\":{\"businessOwner\":\"none\",\"businessCriticality\":\"Critical\",\"exposedToInternetOverride\":true}}}",
CURLOPT_HTTPHEADER => [
"Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
"content-type: application/json",
"x-xdr-auth-id: 241"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}CURL *hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/appsec/v1/application/criteria");
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
headers = curl_slist_append(headers, "x-xdr-auth-id: 241");
headers = curl_slist_append(headers, "content-type: application/json");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);
curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"name\":\"string\",\"description\":\"string\",\"type\":\"cloud\",\"config\":{\"unifyWithinProvider\":true,\"unifyAcrossProviders\":true,\"criteriaDefinitions\":[[{\"type\":\"tags\",\"provider\":\"GITLAB\",\"filters\":[{\"type\":\"equal\",\"field\":\"repositoryName\",\"values\":[\"string\"]}],\"tagKeys\":[\"string\"]}]],\"criteriaPrettyName\":\"string\",\"criteriaPrettyNameTags\":[\"string\"],\"applicationMetaData\":{\"businessOwner\":\"none\",\"businessCriticality\":\"Critical\",\"exposedToInternetOverride\":true}}}");
CURLcode ret = curl_easy_perform(hnd);var client = new RestClient("https://api-yourfqdn/public_api/appsec/v1/application/criteria");
var request = new RestRequest(Method.POST);
request.AddHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
request.AddHeader("x-xdr-auth-id", "241");
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", "{\"name\":\"string\",\"description\":\"string\",\"type\":\"cloud\",\"config\":{\"unifyWithinProvider\":true,\"unifyAcrossProviders\":true,\"criteriaDefinitions\":[[{\"type\":\"tags\",\"provider\":\"GITLAB\",\"filters\":[{\"type\":\"equal\",\"field\":\"repositoryName\",\"values\":[\"string\"]}],\"tagKeys\":[\"string\"]}]],\"criteriaPrettyName\":\"string\",\"criteriaPrettyNameTags\":[\"string\"],\"applicationMetaData\":{\"businessOwner\":\"none\",\"businessCriticality\":\"Critical\",\"exposedToInternetOverride\":true}}}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);Body parameters
required
namestringrequired
descriptionstring
typestring (Enum)required
configobjectrequired
unifyWithinProviderboolean
unifyAcrossProvidersboolean
criteriaDefinitionsarrayrequired
criteriaPrettyNamestring
criteriaPrettyNameTagsarray[string]
applicationMetaDataobject
businessOwnerstring (Enum)required
businessCriticalitystring (Enum)required
exposedToInternetOverridebooleanrequired
unifyWithinProviderboolean
unifyAcrossProvidersboolean
criteriaDefinitionsarrayrequired
criteriaPrettyNamestring
criteriaPrettyNameTagsarray
applicationMetaDataobjectrequired
applicationNameSourceTagsstring
businessCriticalitySourceTagsstring
businessOwnerSourceTagsarray[string]
businessUnitSourceTagsstring
application/json
Creates a new criteria object.
namestringrequiredUnique name for the criteria.
Unique name for the criteria.
descriptionstringOptional description for the criteria.
Optional description for the criteria.
typestring (Enum)requiredCriteria Type. Allowed values - cloud.
Criteria Type. Allowed values - cloud.
Allowed values:"cloud"
configobjectrequired
unifyWithinProviderbooleanRepositories with the same name at the selected group-by level (org, project, or repository) are consolidated into a single application within the selected provider.
Repositories with the same name at the selected group-by level (org, project, or repository) are consolidated into a single application within the selected provider.
unifyAcrossProvidersbooleanIf multiple applications share the same name at the chosen group-by level (org, project, or repository), they are merged across providers to form a single unified application.
If multiple applications share the same name at the chosen group-by level (org, project, or repository), they are merged across providers to form a single unified application.
criteriaDefinitionsarrayrequired
[]
[typestring (Enum)required
providerobjectrequired
string (Enum)
string (Enum)
filtersarray
tagKeysarray[string]
]
typestring (Enum)required
Allowed values:"tags""organization""project""repository"
providerobjectrequired
string (Enum)Source code management (SCM) or code hosting provider.
Allowed values: GITLAB, GITHUB, BITBUCKET, AZURE_REPOS, AWS_CODE_COMMIT
Source code management (SCM) or code hosting provider.
Allowed values: GITLAB, GITHUB, BITBUCKET, AZURE_REPOS, AWS_CODE_COMMIT
Allowed values:"GITLAB""GITHUB""BITBUCKET""AZURE_REPOS""AWS_CODE_COMMIT"
string (Enum)Runtime or execution environment provider for the application or asset. Allowed Values: GCP, AWS, AZURE
Runtime or execution environment provider for the application or asset. Allowed Values: GCP, AWS, AZURE
Allowed values:"GCP""AWS""AZURE"
filtersarrayOptional. A list of filters to apply. If you choose to include the filters array, all fields within each filter object are required. Each filter object contains the following fields:
Optional. A list of filters to apply. If you choose to include the filters array, all fields within each filter object are required. Each filter object contains the following fields:
[typeobject (Enum)required
fieldobject (Enum)required
valuesarray[string]required
]
typeobject (Enum)requiredThe filter operation.
The filter operation.
Allowed values:"equal""notEqual""contains""notContains"
fieldobject (Enum)requiredThe field to filter on.
The field to filter on.
Allowed values:"repositoryName""organizationName""projectName"
valuesarray[string]requiredThe values to match for the filter.
The values to match for the filter.
tagKeysarray[string]The tag keys to include.
The tag keys to include.
criteriaPrettyNamestringA human-readable name for the criteria.
A human-readable name for the criteria.
criteriaPrettyNameTagsarray[string]Tags associated with the criteria name.
Tags associated with the criteria name.
applicationMetaDataobject
businessOwnerstring (Enum)requiredThe metadata of the business owner.
The metadata of the business owner.
Allowed values:"none""organizationOwner""projectOwner""repositoryOwner"
businessCriticalitystring (Enum)requiredThe operational importance of the asset.
The operational importance of the asset.
Allowed values:"Critical""High""Medium""Low"
exposedToInternetOverridebooleanrequiredWhether the asset is exposed to the internet.
Whether the asset is exposed to the internet.
unifyWithinProviderbooleanRepositories with the same name at the selected group-by level (org, project, or repository) are consolidated into a single application within the selected provider.
Repositories with the same name at the selected group-by level (org, project, or repository) are consolidated into a single application within the selected provider.
unifyAcrossProvidersbooleanIf multiple applications share the same name at the chosen group-by level (org, project, or repository), they are merged across providers to form a single unified application.
If multiple applications share the same name at the chosen group-by level (org, project, or repository), they are merged across providers to form a single unified application.
criteriaDefinitionsarrayrequired
[]
[typestring (Enum)required
providerobjectrequired
string (Enum)
string (Enum)
filtersarray
tagKeysarray[string]
]
typestring (Enum)required
Allowed values:"tags""organization""project""repository"
providerobjectrequired
string (Enum)Source code management (SCM) or code hosting provider.
Allowed values: GITLAB, GITHUB, BITBUCKET, AZURE_REPOS, AWS_CODE_COMMIT
Source code management (SCM) or code hosting provider.
Allowed values: GITLAB, GITHUB, BITBUCKET, AZURE_REPOS, AWS_CODE_COMMIT
Allowed values:"GITLAB""GITHUB""BITBUCKET""AZURE_REPOS""AWS_CODE_COMMIT"
string (Enum)Runtime or execution environment provider for the application or asset. Allowed Values: GCP, AWS, AZURE
Runtime or execution environment provider for the application or asset. Allowed Values: GCP, AWS, AZURE
Allowed values:"GCP""AWS""AZURE"
filtersarrayOptional. A list of filters to apply. If you choose to include the filters array, all fields within each filter object are required. Each filter object contains the following fields:
Optional. A list of filters to apply. If you choose to include the filters array, all fields within each filter object are required. Each filter object contains the following fields:
[typeobject (Enum)required
fieldobject (Enum)required
valuesarray[string]required
]
typeobject (Enum)requiredThe filter operation.
The filter operation.
Allowed values:"equal""notEqual""contains""notContains"
fieldobject (Enum)requiredThe field to filter on.
The field to filter on.
Allowed values:"repositoryName""organizationName""projectName"
valuesarray[string]requiredThe values to match for the filter.
The values to match for the filter.
tagKeysarray[string]The tag keys to include.
The tag keys to include.
criteriaPrettyNamestringA human-readable name for the criteria.
A human-readable name for the criteria.
criteriaPrettyNameTagsarrayTags associated with the criteria name.
Tags associated with the criteria name.
[]
applicationMetaDataobjectrequired
applicationNameSourceTagsstringIdentifies the application name. If multiple values are found, the three most frequent ones are concatenated (for example, infra_bank_pay).
If matching tag is not found, the application name is automatically generated by the system.
Identifies the application name. If multiple values are found, the three most frequent ones are concatenated (for example, infra_bank_pay). If matching tag is not found, the application name is automatically generated by the system.
businessCriticalitySourceTagsstringMaps the business criticality level (Critical, High, Medium, or Low). If multiple values are present, the highest severity level is applied. The default value is Medium.
Maps the business criticality level (Critical, High, Medium, or Low). If multiple values are present, the highest severity level is applied. The default value is Medium.
businessOwnerSourceTagsarray[string]
businessUnitSourceTagsstringMaps the tag key to the Business Unit. If multiple values are available, a comma-separated string containing the top five most frequent values is shown.
Maps the tag key to the Business Unit. If multiple values are available, a comma-separated string containing the top five most frequent values is shown.
REQUEST
{
"name": "example",
"description": "example",
"type": "cloud",
"config": {
"unifyWithinProvider": false,
"unifyAcrossProviders": false,
"criteriaDefinitions": [
[
{
"type": "tags",
"provider": "GCP",
"filters": [
{
"type": "equal",
"field": "repositoryName",
"values": [
"example"
]
}
],
"tagKeys": [
"example"
]
}
]
],
"criteriaPrettyName": "example",
"criteriaPrettyNameTags": [
{}
],
"applicationMetaData": {
"applicationNameSourceTags": "example",
"businessCriticalitySourceTags": "example",
"businessOwnerSourceTags": [
"example"
],
"businessUnitSourceTags": "example"
}
}
}Responses
Ok
Body
application/json
idstringrequiredUnique Id of the criteria.
Unique Id of the criteria.
namestringrequiredUnique name of the criteria.
Unique name of the criteria.
RESPONSE
{
"id": "example",
"name": "example"
}