get
/public_api/v2/cwp/policies
Fetches a list of all CWP policy instances. You can filter the results by policy type (e.g., COMPLIANCE, MALWARE, SECRET, TRUSTED_IMAGES). By default, all policy types are returned. Use the disableVerbose flag to optimize performance by skipping asset group data updates.
Required license: Requires the Cortex Cloud Runtime Security add-on. Not available in Cortex XSIAM Enterprise Plus.
Request headers
Authorization
String
required
{api_key}
{api_key}
Example:
UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP
x-xdr-auth-id
String
required
{api_key_id}
{api_key_id}
Example:
241
Query parameters
types
array[PolicyType]
The policies type
The policies type
disableVerbose
Boolean
Flag to bypass calling platform for asset groups data when fetching policies. Note that this means asset groups will not be updated upon fetching policies.
Flag to bypass calling platform for asset groups data when fetching policies. Note that this means asset groups will not be updated upon fetching policies.
Example:
true
Default:
false
CLIENT REQUEST
curl -X 'GET'
-H
'Accept: application/json; charset=UTF-8'
-H
'Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP '
-H
'x-xdr-auth-id: 241'
'https://api-yourfqdn/public_api/v2/cwp/policies?types=&disableVerbose=true'
import http.client
conn = http.client.HTTPSConnection("api-yourfqdn")
headers = {
'Authorization': "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
'x-xdr-auth-id': "241"
}
conn.request("GET", "/public_api/v2/cwp/policies?types=SOME_ARRAY_VALUE&disableVerbose=SOME_BOOLEAN_VALUE", headers=headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api-yourfqdn/public_api/v2/cwp/policies?types=SOME_ARRAY_VALUE&disableVerbose=SOME_BOOLEAN_VALUE")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Get.new(url)
request["Authorization"] = 'UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP '
request["x-xdr-auth-id"] = '241'
response = http.request(request)
puts response.read_bodyconst data = null;
const xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("GET", "https://api-yourfqdn/public_api/v2/cwp/policies?types=SOME_ARRAY_VALUE&disableVerbose=SOME_BOOLEAN_VALUE");
xhr.setRequestHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
xhr.setRequestHeader("x-xdr-auth-id", "241");
xhr.send(data);HttpResponse<String> response = Unirest.get("https://api-yourfqdn/public_api/v2/cwp/policies?types=SOME_ARRAY_VALUE&disableVerbose=SOME_BOOLEAN_VALUE")
.header("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ")
.header("x-xdr-auth-id", "241")
.asString();import Foundation
let headers = [
"Authorization": "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
"x-xdr-auth-id": "241"
]
let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/public_api/v2/cwp/policies?types=SOME_ARRAY_VALUE&disableVerbose=SOME_BOOLEAN_VALUE")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "GET"
request.allHTTPHeaderFields = headers
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api-yourfqdn/public_api/v2/cwp/policies?types=SOME_ARRAY_VALUE&disableVerbose=SOME_BOOLEAN_VALUE",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
"x-xdr-auth-id: 241"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}CURL *hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "GET");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/v2/cwp/policies?types=SOME_ARRAY_VALUE&disableVerbose=SOME_BOOLEAN_VALUE");
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
headers = curl_slist_append(headers, "x-xdr-auth-id: 241");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);
CURLcode ret = curl_easy_perform(hnd);var client = new RestClient("https://api-yourfqdn/public_api/v2/cwp/policies?types=SOME_ARRAY_VALUE&disableVerbose=SOME_BOOLEAN_VALUE");
var request = new RestRequest(Method.GET);
request.AddHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
request.AddHeader("x-xdr-auth-id", "241");
IRestResponse response = client.Execute(request);Responses
Success
Body
application/json; charset=UTF-8
The response you get when calling the get policies V2 path
[idstringrequired
revisionintegerrequired
createdAtstringrequireddate-time
modifiedAtstringrequireddate-time
typestring (Enum)required
createdBystringrequired
disabledbooleanrequired
namestringrequired
descriptionstringrequired
evaluationModesarray[string]required
evaluationStagestring (Enum)required
policyRulesarrayrequired
conditionstringrequiredbyte
exceptionstringrequiredbyte
assetScopestringrequiredbyte
assetGroupsIDsarray[integer]required
assetGroupsarray[string]required
actionstring (Enum)required
severitystring (Enum)required
remediationGuidancestringrequired
missingInformationActionstring (Enum)
usingSystemAssetGroupsbooleanrequired
unifiedPolicyIdstring
gracePeriodstringrequired
]
idstringrequired
revisionintegerrequired
createdAtstringrequireddate-time
modifiedAtstringrequireddate-time
typestring (Enum)requiredOne of the supported policy types
One of the supported policy types
Example:
"MALWARE"Allowed values:"COMPLIANCE""MALWARE""SECRET""TRUSTED_IMAGES"
createdBystringrequired
disabledbooleanrequired
namestringrequired
descriptionstringrequired
evaluationModesarray[string]required
evaluationStagestring (Enum)requiredOne of the supported evaluation stages
One of the supported evaluation stages
Example:
"CI"Allowed values:"CI""RUNTIME""DEPLOY"null
policyRulesarrayrequiredArray of policy_rule objects related to the policy
Array of policy_rule objects related to the policy
[idstringrequired
rule_idstringrequired
policy_idstringrequired
severitystring (Enum)required
actionstring (Enum)required
policy_revisionintegerrequired
rule_namestringrequired
remediation_guidancestringrequired
user_remediation_guidancestringrequired
]
idstringrequired
rule_idstringrequired
policy_idstringrequired
severitystring (Enum)requiredOne of the supported policy severities
One of the supported policy severities
Example:
"CRITICAL"Allowed values:"LOW""MEDIUM""HIGH""CRITICAL"null
actionstring (Enum)requiredOne of the supported policy actions
One of the supported policy actions
Example:
"ISSUE"Allowed values:"ISSUE""PREVENT"null
policy_revisionintegerrequired
rule_namestringrequired
remediation_guidancestringrequired
user_remediation_guidancestringrequiredAdditional remediation guidance that can be added to the rule’s predefined guidance.
Additional remediation guidance that can be added to the rule’s predefined guidance.
conditionstringrequiredbyte
exceptionstringrequiredbyte
assetScopestringrequiredbyte
assetGroupsIDsarray[integer]required
assetGroupsarray[string]required
actionstring (Enum)requiredOne of the supported policy actions
One of the supported policy actions
Example:
"ISSUE"Allowed values:"ISSUE""PREVENT"null
severitystring (Enum)requiredOne of the supported policy severities
One of the supported policy severities
Example:
"CRITICAL"Allowed values:"LOW""MEDIUM""HIGH""CRITICAL"null
remediationGuidancestringrequired
missingInformationActionstring (Enum)One of the supported policy actions
One of the supported policy actions
Example:
"ISSUE"Allowed values:"ISSUE""PREVENT"null
usingSystemAssetGroupsbooleanrequired
unifiedPolicyIdstring
gracePeriodstringrequiredGrace period duration string in days
Grace period duration string in days
RESPONSE
[application/json; charset=UTF-8 content]Client error
Body
application/json; charset=UTF-8
err_msgstringrequiredThe error message
The error message
metadataobjectDetails for the PublicAPIError
Details for the PublicAPIError
codestring (Enum)requiredA short, programmatically safe string indicating the error code reported
A short, programmatically safe string indicating the error code reported
Example:
"NOT_FOUND"Allowed values:"BAD_REQUEST""INTERNAL_ERROR""NOT_FOUND""FORBIDDEN"
RESPONSE
[application/json; charset=UTF-8 content]Service had unexpected internal error
Body
application/json; charset=UTF-8
err_msgstringrequiredThe error message
The error message
metadataobjectDetails for the PublicAPIError
Details for the PublicAPIError
codestring (Enum)requiredA short, programmatically safe string indicating the error code reported
A short, programmatically safe string indicating the error code reported
Example:
"NOT_FOUND"Allowed values:"BAD_REQUEST""INTERNAL_ERROR""NOT_FOUND""FORBIDDEN"
RESPONSE
[application/json; charset=UTF-8 content]