post
/public_api/v1/get_attack_surface_rules/
Get all or a subset of attack surface rules.
Required License: Cortex Xpanse Expander
Request headers
authorization
String
required
api-key
api-key
Example:
{{api_key}}
x-xdr-auth-id
String
required
api-key-id
api-key-id
Example:
{{api_key_id}}
CLIENT REQUEST
curl -X 'POST'
-H
'Accept: application/json'
-H
'Content-Type: application/json'
-H
'authorization: {{api_key}}'
-H
'x-xdr-auth-id: {{api_key_id}}'
'https://api-}/public_api/v1/get_attack_surface_rules/'
-d
'{
"request_data" : {
"search_from" : 0,
"filters" : [ {
"field" : "attack_surface_rule_id",
"value" : "AttackSurfaceRulesFilter_value",
"operator" : "in"
}, {
"field" : "attack_surface_rule_id",
"value" : "AttackSurfaceRulesFilter_value",
"operator" : "in"
} ],
"sort" : {
"field" : "created",
"keyword" : "desc"
},
"search_to" : 0
}
}'
import http.client
conn = http.client.HTTPSConnection("api-")
payload = "{\"request_data\":{\"filters\":[{\"field\":\"attack_surface_rule_id\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"enabled_status\",\"keyword\":\"ASC\"}}}"
headers = {
'authorization': "{{api_key}}",
'x-xdr-auth-id': "{{api_key_id}}",
'content-type': "application/json"
}
conn.request("POST", "%7B%7Bfqdn%7D%7D/public_api/v1/get_attack_surface_rules/", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/get_attack_surface_rules/")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["authorization"] = '{{api_key}}'
request["x-xdr-auth-id"] = '{{api_key_id}}'
request["content-type"] = 'application/json'
request.body = "{\"request_data\":{\"filters\":[{\"field\":\"attack_surface_rule_id\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"enabled_status\",\"keyword\":\"ASC\"}}}"
response = http.request(request)
puts response.read_bodyconst data = JSON.stringify({
"request_data": {
"filters": [
{
"field": "attack_surface_rule_id",
"operator": "in",
"value": "string"
}
],
"search_from": 0,
"search_to": 500,
"sort": {
"field": "enabled_status",
"keyword": "ASC"
}
}
});
const xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("POST", "https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/get_attack_surface_rules/");
xhr.setRequestHeader("authorization", "{{api_key}}");
xhr.setRequestHeader("x-xdr-auth-id", "{{api_key_id}}");
xhr.setRequestHeader("content-type", "application/json");
xhr.send(data);HttpResponse<String> response = Unirest.post("https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/get_attack_surface_rules/")
.header("authorization", "{{api_key}}")
.header("x-xdr-auth-id", "{{api_key_id}}")
.header("content-type", "application/json")
.body("{\"request_data\":{\"filters\":[{\"field\":\"attack_surface_rule_id\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"enabled_status\",\"keyword\":\"ASC\"}}}")
.asString();import Foundation
let headers = [
"authorization": "{{api_key}}",
"x-xdr-auth-id": "{{api_key_id}}",
"content-type": "application/json"
]
let parameters = ["request_data": [
"filters": [
[
"field": "attack_surface_rule_id",
"operator": "in",
"value": "string"
]
],
"search_from": 0,
"search_to": 500,
"sort": [
"field": "enabled_status",
"keyword": "ASC"
]
]] as [String : Any]
let postData = JSONSerialization.data(withJSONObject: parameters, options: [])
let request = NSMutableURLRequest(url: NSURL(string: "https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/get_attack_surface_rules/")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/get_attack_surface_rules/",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "{\"request_data\":{\"filters\":[{\"field\":\"attack_surface_rule_id\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"enabled_status\",\"keyword\":\"ASC\"}}}",
CURLOPT_HTTPHEADER => [
"authorization: {{api_key}}",
"content-type: application/json",
"x-xdr-auth-id: {{api_key_id}}"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}CURL *hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/get_attack_surface_rules/");
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "authorization: {{api_key}}");
headers = curl_slist_append(headers, "x-xdr-auth-id: {{api_key_id}}");
headers = curl_slist_append(headers, "content-type: application/json");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);
curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"request_data\":{\"filters\":[{\"field\":\"attack_surface_rule_id\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"enabled_status\",\"keyword\":\"ASC\"}}}");
CURLcode ret = curl_easy_perform(hnd);var client = new RestClient("https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/get_attack_surface_rules/");
var request = new RestRequest(Method.POST);
request.AddHeader("authorization", "{{api_key}}");
request.AddHeader("x-xdr-auth-id", "{{api_key_id}}");
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", "{\"request_data\":{\"filters\":[{\"field\":\"attack_surface_rule_id\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"enabled_status\",\"keyword\":\"ASC\"}}}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);Body parameters
required
request_dataobject
filtersarray
search_frominteger
search_tointeger
sortobject
fieldstring (Enum)
keywordstring (Enum)
Free-Form objectFree-Form objectFree-Form object
application/json
request_dataobject(Required) A dictionary containing the API request fields.
An empty dictionary returns all results.
(Required) A dictionary containing the API request fields.
An empty dictionary returns all results.
filtersarrayProvides an array of filtered fields. Each JSON object can contain the following keywords:
- field
- operators
- value
Provides an array of filtered fields. Each JSON object can contain the following keywords:
- field
- operators
- value
[fieldstring (Enum)
operatorstring (Enum)
valueobject
string
]
fieldstring (Enum)Identifies the alert field the filter is matching. Filters are based on the following keywords:
- enabled_status
- category
- priority
- attack_surface_rule_id
- asm_alert_categories
Identifies the alert field the filter is matching. Filters are based on the following keywords:
- enabled_status
- category
- priority
- attack_surface_rule_id
- asm_alert_categories
Allowed values:"attack_surface_rule_id""category""priority""enabled_status""asm_alert_categories"
operatorstring (Enum)String that identifies the comparison operator you want to use for this filter.
- in
String that identifies the comparison operator you want to use for this filter.
- in
Allowed values:"in"
valueobjectValue that this filter must match. The contents of this field will differ depending on the alert field that you specified for this filter
Value that this filter must match. The contents of this field will differ depending on the alert field that you specified for this filter
stringValue that this filter must match. The contents of this field will differ depending on the alert field that you specified for this filter
Value that this filter must match. The contents of this field will differ depending on the alert field that you specified for this filter
Array
search_fromintegerAn integer representing the starting offset within the query result set from which you want attack surface rules returned
An integer representing the starting offset within the query result set from which you want attack surface rules returned
search_tointegerAn integer representing the end offset within the result set after which you do not want attack surface rules returned.
Attack surface rules in the alerts list that are indexed higher than this value are not returned in the final results set.
An integer representing the end offset within the result set after which you do not want attack surface rules returned.
Attack surface rules in the alerts list that are indexed higher than this value are not returned in the final results set.
Default:
500sortobjectIdentifies the sort order for the result set. By default, the sort is defined as created, DESC.
Identifies the sort order for the result set. By default, the sort is defined as created, DESC.
fieldstring (Enum)
Default:
"created"Allowed values:"enabled_status""priority""category""attack_surface_rule_id""attack_surface_rule_name""created"
keywordstring (Enum)Can either be ASC (ascending order) or DESC (descending order).
Can either be ASC (ascending order) or DESC (descending order).
Default:
"desc"Allowed values:"ASC""asc""DESC""desc"
REQUEST
{
"request_data": {
"filters": [
{
"field": "attack_surface_rule_id",
"operator": "in",
"value": "example"
}
],
"search_from": 0,
"search_to": 0,
"sort": {
"field": "enabled_status",
"keyword": "ASC"
}
}
}Responses
OK
Body
application/json
replyobjectrequired
total_countinteger
result_countinteger
attack_surface_rulesarray
[attack_surface_rule_namestring
enabled_statusstring
prioritystring
descriptionstring
attack_surface_rule_idstring
categorystring
knowledge_base_linkstring
createdinteger
modifiedinteger
modified_bystring
remediation_guidancestring
asm_alert_categoriesarray[string]
Free-Form object]
attack_surface_rule_namestring
enabled_statusstring
prioritystring
descriptionstring
attack_surface_rule_idstring
categorystring
knowledge_base_linkstring
createdinteger
modifiedinteger
modified_bystring
remediation_guidancestring
asm_alert_categoriesarray[string]
RESPONSE
{
"reply": {
"total_count": 0,
"result_count": 0,
"attack_surface_rules": [
{
"attack_surface_rule_name": "example",
"enabled_status": "example",
"priority": "example",
"description": "example",
"attack_surface_rule_id": "example",
"category": "example",
"knowledge_base_link": "example",
"created": 0,
"modified": 0,
"modified_by": "example",
"remediation_guidance": "example",
"asm_alert_categories": [
"example"
]
}
]
}
}Bad Request. Got an invalid JSON.
Body
application/json
replyobjectThe query results upon error.
The query results upon error.
err_codestringHTTP response code.
HTTP response code.
err_msgstringError message.
Error message.
err_extrastringAdditional information describing the error.
Additional information describing the error.
RESPONSE
{
"reply": {
"err_code": "example",
"err_msg": "example",
"err_extra": "example"
}
}Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.
Body
application/json
replyobjectThe query results upon error.
The query results upon error.
err_codestringHTTP response code.
HTTP response code.
err_msgstringError message.
Error message.
err_extrastringAdditional information describing the error.
Additional information describing the error.
RESPONSE
{
"reply": {
"err_code": "example",
"err_msg": "example",
"err_extra": "example"
}
}Unauthorized access. User does not have the required license type to run this API.
Body
application/json
replyobjectThe query results upon error.
The query results upon error.
err_codestringHTTP response code.
HTTP response code.
err_msgstringError message.
Error message.
err_extrastringAdditional information describing the error.
Additional information describing the error.
RESPONSE
{
"reply": {
"err_code": "example",
"err_msg": "example",
"err_extra": "example"
}
}Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.
Body
application/json
replyobjectThe query results upon error.
The query results upon error.
err_codestringHTTP response code.
HTTP response code.
err_msgstringError message.
Error message.
err_extrastringAdditional information describing the error.
Additional information describing the error.
RESPONSE
{
"reply": {
"err_code": "example",
"err_msg": "example",
"err_extra": "example"
}
}Unprocessable Entity
Body
application/json
codeintegerError code
Error code
statusstringError name
Error name
messagestringError message
Error message
errorsobjectErrors
Errors
RESPONSE
{
"code": 0,
"status": "example",
"message": "example",
"errors": {}
}Internal server error. A unified status for API communication type errors.
Body
application/json
replyobjectThe query results upon error.
The query results upon error.
err_codestringHTTP response code.
HTTP response code.
err_msgstringError message.
Error message.
err_extrastringAdditional information describing the error.
Additional information describing the error.
RESPONSE
{
"reply": {
"err_code": "example",
"err_msg": "example",
"err_extra": "example"
}
}